Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

operator: fix CES sync in identity-based batching #32239

Merged
merged 1 commit into from
Apr 30, 2024
Merged

operator: fix CES sync in identity-based batching #32239

merged 1 commit into from
Apr 30, 2024

Conversation

thorn3r
Copy link
Contributor

@thorn3r thorn3r commented Apr 29, 2024

When CiliumEndpointSlice is enabled, any existing
CiliumEndpointSlices need to be added to the Cilium Operator's cache on start up.

The 'cesManagerIdentity' used for the identity-based slicing mode has 2 additional maps to track which CES map to which identity, and vice-versa. Currently these maps are not populated on the initial sync, causing the operator to believe the identity of a CiliumEndpoint has changed and removing it from the CES on first update. This causes all CiliumEndpointSlices to be recreated whenever the operator restarts.

This commit adds an override method to 'cesManagerIdentity' to populate the identity mapping on initial sync, allowing the operator to properly sync the existing CiliumEndpointSlices and avoid recreating them.

Fixes: #31564

Fix synchronization of CiliumEndpointSlices when running the Cilium Operator in identity-based slicing mode.

@thorn3r thorn3r added release-note/bug This PR fixes an issue in a previous release of Cilium. backport/1.15 This PR represents a backport for Cilium 1.15.x of a PR that was merged to main. labels Apr 29, 2024
@thorn3r
Copy link
Contributor Author

thorn3r commented Apr 29, 2024

/test

@thorn3r thorn3r marked this pull request as ready for review April 29, 2024 15:54
@thorn3r thorn3r requested a review from a team as a code owner April 29, 2024 15:54
@thorn3r thorn3r requested a review from pippolo84 April 29, 2024 15:54
@thorn3r
Copy link
Contributor Author

thorn3r commented Apr 29, 2024

lint workflow was broken due to hive renaming that was merged earlier today: #32020
updated the branch to fix this

@thorn3r
Copy link
Contributor Author

thorn3r commented Apr 29, 2024

/test

pippolo84
pippolo84 approved these changes Apr 30, 2024
View reviewed changes
Copy link
Member

@pippolo84 pippolo84 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, thanks! 💯

Just a non-blocking nit left inline.

operator/pkg/ciliumendpointslice/manager.go Outdated Show resolved Hide resolved
@maintainer-s-little-helper maintainer-s-little-helper bot added ready-to-merge This PR has passed all tests and received consensus from code owners to merge. labels Apr 30, 2024
@tklauser tklauser enabled auto-merge April 30, 2024 09:16
@thorn3r
operator: fix CES sync in identity-based batching
d16ee92 
When CiliumEndpointSlice is enabled, any existing
CiliumEndpointSlices need to be added to the Cilium Operator's cache on
start up.

The 'cesManagerIdentity' used for the identity-based slicing mode has 2
additional maps to track which CES map to which identity, and
vice-versa. Currently these maps are not populated on the initial sync,
causing the operator to believe the identity of a CiliumEndpoint has
changed and removing it from the CES on first update. This causes all
CiliumEndpointSlices to be recreated whenever the operator restarts.

This commit adds an override method to 'cesManagerIdentity' to populate
the identity mapping on initial sync, allowing the operator to properly
sync the existing CiliumEndpointSlices and avoid recreating them.

Fixes: cilium#31564

Signed-off-by: Tim Horner <timothy.horner@isovalent.com>
@thorn3r
Copy link
Contributor Author

thorn3r commented Apr 30, 2024

/test

@thorn3r thorn3r mentioned this pull request Apr 30, 2024
Open
@tklauser tklauser added this pull request to the merge queue Apr 30, 2024
Merged via the queue into cilium:main with commit 79a8358 Apr 30, 2024
64 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pippolo84 pippolo84 pippolo84 approved these changes

Assignees
No one assigned
Labels
backport/1.15 This PR represents a backport for Cilium 1.15.x of a PR that was merged to main. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/bug This PR fixes an issue in a previous release of Cilium.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

v1.15 Operator deletes and creates EndpointSlices on startup
3 participants
@thorn3r @pippolo84 @tklauser