Update Cilium to v1.18.2#17601
Conversation
5f5952b to
05179e9
Compare
|
/test pull-kops-e2e-azure-cni-cilium |
1 similar comment
|
/test pull-kops-e2e-azure-cni-cilium |
05179e9 to
088be9e
Compare
|
/test pull-kops-e2e-k8s-gce-cilium |
ed38aaa to
b88fae9
Compare
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
b88fae9 to
150064a
Compare
|
None of the failures are in Cilium tests or related. |
| bpf-ct-global-tcp-max: "{{ .BPFCTGlobalTCPMax }}" | ||
| bpf-ct-global-any-max: "{{ .BPFCTGlobalAnyMax }}" | ||
|
|
||
| # BPF load balancing algorithm ("random", "maglev") (default "random") | ||
| bpf-lb-algorithm: "{{ .BPFLBAlgorithm }}" | ||
|
|
||
| # Maglev per service backend table size (parameter M) (default 16381) | ||
| bpf-lb-maglev-table-size: "{{ .BPFLBMaglevTableSize }}" | ||
|
|
||
| # bpf-nat-global-max specified the maximum number of entries in the | ||
| # BPF NAT table. (default 524288) | ||
| bpf-nat-global-max: "{{ .BPFNATGlobalMax }}" | ||
|
|
||
| # bpf-neigh-global-max specified the maximum number of entries in the | ||
| # BPF neighbor table. (default 524288) | ||
| bpf-neigh-global-max: "{{ .BPFNeighGlobalMax }}" |
There was a problem hiding this comment.
These were all removed, is that intentional?
There was a problem hiding this comment.
Yes, but I have an idea how to add some back. They are not gone, just not overridden.
The point is that they are kind of useless, we should add something at the end to allow any override.
# Extra config allows adding arbitrary properties to the cilium config.
# By putting it at the end of the ConfigMap, it's also possible to override existing properties.
There was a problem hiding this comment.
extra config would need to be done with templating, right? to recognize all of the other spec.networking.cilium fields?
There was a problem hiding this comment.
I was thinking of a simple `map[string]string', pretty much how we deal with AWS VPC CNI. Anyone could add whatever option they want, without any validation from kOps.
There was a problem hiding this comment.
yea that sounds reasonable. should we add it in this PR or a followup?
There was a problem hiding this comment.
Let's do a followup and see how tests go in the mean time.
| # bpf-lb-sock-hostns-only enables skipping socket LB for services when inside a pod namespace, | ||
| # in favor of service LB at the pod interface. Socket LB is still used when in the host namespace. | ||
| # Required by service mesh (e.g., Istio, Linkerd). (default false) | ||
| bpf-lb-sock-hostns-only: "{{ .BPFLBSockHostNSOnly }}" |
There was a problem hiding this comment.
Same as above, should be added as a generic override.
There was a problem hiding this comment.
Same as above, should be added as a generic override.
| enable-remote-node-identity: "{{ .EnableRemoteNodeIdentity }}" | ||
|
|
||
| # Enable unreachable routes on pod deletion (default false) | ||
| enable-unreachable-routes: "{{ .EnableUnreachableRoutes }}" |
There was a problem hiding this comment.
Some of these are just gone, others have mover around. It's easier to see in the rendered files.
There was a problem hiding this comment.
This seems to have been hidden at some point.
|
/test pull-kops-e2e-aws-upgrade-k133-ko133-to-kstable-kolatest-many-addons |
|
/test pull-kops-e2e-cni-amazonvpc |
|
/retest |
|
/test pull-kops-e2e-cni-amazonvpc |
|
/test pull-kops-e2e-k8s-aws-amazonvpc |
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: rifelpet The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
No description provided.