Skip to content

endpoint/restore: remove special handling for host endpoint in case of ipsec#43757

Merged
julianwiedmann merged 1 commit intocilium:mainfrom
mhofstetter:pr/mhofstetter/endpoint-restore-remove-specialhandling-hostep
Jan 20, 2026
Merged

endpoint/restore: remove special handling for host endpoint in case of ipsec#43757
julianwiedmann merged 1 commit intocilium:mainfrom
mhofstetter:pr/mhofstetter/endpoint-restore-remove-specialhandling-hostep

Conversation

@mhofstetter
Copy link
Copy Markdown
Member

@mhofstetter mhofstetter commented Jan 14, 2026
edited
Loading

Currently, we regenerate the host endpoint before all other restored endpoints if IPSec is enabled.

This might be problematic as it increases the overall time for the endpoint restoration - and might lead to issues if Envoy prematurely configures Envoy before all Endpoints are restored (default after 3 min).

It looks like this code / special handling is no longer needed with v1.19. Let's remove it.

PR that (re-)introduced the temporary special-handling: #37723

@mhofstetter mhofstetter added kind/cleanup This includes no functional changes. release-note/misc This PR makes changes that have no direct user impact. labels Jan 14, 2026
@mhofstetter
Copy link
Copy Markdown
Member Author

mhofstetter commented Jan 14, 2026

/test

@mhofstetter mhofstetter marked this pull request as ready for review January 15, 2026 14:47
@mhofstetter mhofstetter requested a review from a team as a code owner January 15, 2026 14:47
@mhofstetter
Copy link
Copy Markdown
Member Author

mhofstetter commented Jan 15, 2026
edited
Loading

Requesting review from @pchaigno. Do we need any additional changes (VinE related) or is it fine to simply delete that code?

@mhofstetter mhofstetter added the needs-backport/1.19 This PR / issue needs backporting to the v1.19 branch label Jan 15, 2026
@mhofstetter mhofstetter mentioned this pull request Jan 15, 2026
Closed
@mhofstetter mhofstetter mentioned this pull request Jan 16, 2026
Draft
@pchaigno pchaigno requested a review from ldelossa January 16, 2026 16:05
@pchaigno
Copy link
Copy Markdown
Member

pchaigno commented Jan 16, 2026

This looks fine to me, but I'd rather have Louis's review here as he authored the VinE work.

@ldelossa
Copy link
Copy Markdown
Contributor

ldelossa commented Jan 16, 2026

Awesome catch @mhofstetter !

Yes this is safe to go now that we are in a VinE steady state moving forward.

ldelossa
ldelossa approved these changes Jan 16, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@ldelossa ldelossa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you !

@mhofstetter
endpoint/restore: remove special handling for host endpoint in case o…
5759f8a 
…f ipsec

Currently, we regenerate the host endpoint before all other restored endpoints
if IPSec is enabled.

This might be problematic as it increases the overall time for the endpoint
restoration - and might lead to issues if Envoy prematurely configures
Envoy before all Endpoints are restored (default after 3 min).

It looks like this code / special handling is no longer needed with v1.19.
Let's remove it.

Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
@mhofstetter mhofstetter force-pushed the pr/mhofstetter/endpoint-restore-remove-specialhandling-hostep branch from 00eca08 to 5759f8a Compare January 19, 2026 12:41
@mhofstetter
Copy link
Copy Markdown
Member Author

mhofstetter commented Jan 19, 2026

/test

@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Jan 19, 2026
@julianwiedmann julianwiedmann added the feature/ipsec Relates to Cilium's IPsec feature label Jan 20, 2026
@julianwiedmann julianwiedmann added this pull request to the merge queue Jan 20, 2026
Merged via the queue into cilium:main with commit 4f5a008 Jan 20, 2026
75 of 76 checks passed
@mhofstetter mhofstetter deleted the pr/mhofstetter/endpoint-restore-remove-specialhandling-hostep branch January 20, 2026 08:33
@giorio94 giorio94 mentioned this pull request Jan 22, 2026
Merged
6 tasks
@giorio94 giorio94 added backport-pending/1.19 The backport for Cilium 1.19.x for this PR is in progress. and removed needs-backport/1.19 This PR / issue needs backporting to the v1.19 branch labels Jan 22, 2026
@github-actions github-actions bot added backport-done/1.19 The backport for Cilium 1.19.x for this PR is done. and removed backport-pending/1.19 The backport for Cilium 1.19.x for this PR is in progress. labels Jan 22, 2026
@cilium-release-bot cilium-release-bot bot moved this to Released in cilium v1.19.0 Feb 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ldelossa ldelossa ldelossa approved these changes

@fristonio fristonio fristonio approved these changes

Assignees

No one assigned

Labels

backport-done/1.19 The backport for Cilium 1.19.x for this PR is done. feature/ipsec Relates to Cilium's IPsec feature kind/cleanup This includes no functional changes. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/misc This PR makes changes that have no direct user impact.

Projects

No open projects
cilium v1.19.0
Status: Released

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@mhofstetter @pchaigno @ldelossa @fristonio @msune @julianwiedmann @giorio94