Skip to content

bpf: Migrate EPHEMERAL_MIN to runtime config#43564

Merged
aanm merged 2 commits intomainfrom
pr/vk/bpf/cfg/ephemeral/min
Jan 6, 2026
Merged

bpf: Migrate EPHEMERAL_MIN to runtime config#43564
aanm merged 2 commits intomainfrom
pr/vk/bpf/cfg/ephemeral/min

Conversation

@viktor-kurchenko
Copy link
Copy Markdown
Contributor

@viktor-kurchenko viktor-kurchenko commented Jan 5, 2026

Migrate EPHEMERAL_MIN to runtime config.

Please see description per-commit.

Related: #38370

@viktor-kurchenko viktor-kurchenko added area/loader Impacts the loading of BPF programs into the kernel. area/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. release-note/misc This PR makes changes that have no direct user impact. labels Jan 5, 2026
@viktor-kurchenko viktor-kurchenko changed the title Pr/vk/bpf/cfg/ephemeral/min bpf: Migrate EPHEMERAL_MIN to runtime config Jan 5, 2026
@viktor-kurchenko
Copy link
Copy Markdown
Contributor Author

viktor-kurchenko commented Jan 5, 2026

/test

@viktor-kurchenko viktor-kurchenko marked this pull request as ready for review January 5, 2026 17:12
@viktor-kurchenko viktor-kurchenko requested review from a team as code owners January 5, 2026 17:12
@viktor-kurchenko viktor-kurchenko force-pushed the pr/vk/bpf/cfg/ephemeral/min branch 2 times, most recently from d9dcbc1 to eb225ee Compare January 5, 2026 18:48
@viktor-kurchenko
Copy link
Copy Markdown
Contributor Author

viktor-kurchenko commented Jan 5, 2026

/test

@viktor-kurchenko
bpf, nat: EPHEMERAL_MIN converted to runtime config
487f477 
Switch NAT minimum egress port to use runtime config `ephemeral_min`
instead of a static macro.
Add and set `EphemeralMin` during local node config build.
Wire `sysctl` into the orchestrator to read net.ipv4.ip_local_port_range
and drop legacy header define.

Signed-off-by: viktor-kurchenko <viktor.kurchenko@isovalent.com>
@viktor-kurchenko
datapath: move getEphemeralPortRangeMin function closer to usage
e4a96ca 
Signed-off-by: viktor-kurchenko <viktor.kurchenko@isovalent.com>
@viktor-kurchenko viktor-kurchenko force-pushed the pr/vk/bpf/cfg/ephemeral/min branch from 42244c3 to e4a96ca Compare January 5, 2026 20:43
@viktor-kurchenko
Copy link
Copy Markdown
Contributor Author

viktor-kurchenko commented Jan 5, 2026

/test

dylandreimerink
dylandreimerink approved these changes Jan 6, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@dylandreimerink dylandreimerink left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice!, this looks good to me

@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Jan 6, 2026
@aanm aanm added this pull request to the merge queue Jan 6, 2026
Merged via the queue into main with commit 3c31a28 Jan 6, 2026
436 of 447 checks passed
@aanm aanm deleted the pr/vk/bpf/cfg/ephemeral/min branch January 6, 2026 13:18
@ti-mo ti-mo mentioned this pull request Jan 14, 2026
Open
33 tasks
@cilium-release-bot cilium-release-bot bot moved this to Released in cilium v1.19.0 Feb 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dylandreimerink dylandreimerink dylandreimerink approved these changes

Assignees

No one assigned

Labels

area/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. area/loader Impacts the loading of BPF programs into the kernel. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/misc This PR makes changes that have no direct user impact.

Projects

No open projects
cilium v1.19.0
Status: Released

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@viktor-kurchenko @dylandreimerink @msune @aanm