gateway-api: Race condition between routes and Gateway #25573
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Commit 6d958fc44bc78fee2fe108c9214953f99e96b866 does not contain "Signed-off-by". Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin |
maintainer-s-little-helper
bot
added
dont-merge/needs-sign-off
sayboras
force-pushed
the
tam/flake-conformance-api
branch
from
6d958fc
to
029dbb9
Compare
|
Commit 6d958fc44bc78fee2fe108c9214953f99e96b866 does not contain "Signed-off-by". Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin |
sayboras
added
release-note/bug
maintainer-s-little-helper
bot
removed
the
dont-merge/needs-release-note-label
sayboras
added
dont-merge/needs-release-note-label
maintainer-s-little-helper
bot
removed
the
dont-merge/needs-release-note-label
sayboras
force-pushed
the
tam/flake-conformance-api
branch
from
029dbb9
to
13ed109
Compare
youngnick
approved these changes
May 23, 2023
|
/test Job 'Cilium-PR-K8s-1.26-kernel-net-next' failed: Click to show.Test NameFailure OutputJenkins URL: https://jenkins.cilium.io/job/Cilium-PR-K8s-1.26-kernel-net-next/83/ If it is a flake and a GitHub issue doesn't already exist to track it, comment Then please upload the Jenkins artifacts to that issue. |
|
/test-runtime |
|
/test-1.26-net-next Job 'Cilium-PR-K8s-1.26-kernel-net-next' failed: Click to show.Test NameFailure OutputJenkins URL: https://jenkins.cilium.io/job/Cilium-PR-K8s-1.26-kernel-net-next/130/ If it is a flake and a GitHub issue doesn't already exist to track it, comment Then please upload the Jenkins artifacts to that issue. |
|
Re-run as the report is not accessible. |
|
hitting the flake #25605, all other CI are ✔️ , required review is in. Marking this ready to merge. |
sayboras
added
the
ready-to-merge
|
@sayboras needs rebase |
squeed
added
dont-merge/needs-rebase
sayboras
force-pushed
the
tam/flake-conformance-api
branch
from
13ed109
to
912e619
Compare
There was a race condition between http/tls routes and the underlying
Gateway resource. Basically, if the HTTP or TLS Route resource is created
before Gateway resource, its status will be updated with the value
`gateway not found`. However, the reconciliation for HTTP or TLS routes
is not triggered even after mentioned Gateway is created. The issue is due
to an unnecessary predicate on GenerationChangedPredicate, which only
checks for changes in spec.
This commit is to remove GenerationChangedPredicate predicate in HTTP and
TLS routes.
Status for gateway not found
```json
{
"lastTransitionTime": "2023-05-22T05:24:01Z",
"message": "Gateway.gateway.networking.k8s.io \"gateway-tlsroute\" not found",
"observedGeneration": 1,
"reason": "InvalidTLSRoute",
"status": "False",
"type": "Accepted"
}
```
Testing was done before and after the changes with below step:
- Create one TLSRoute with a non-existent Gateway. This TLSRoute status should say `gateway not found`
- Create mentioned Gateway Resource with a valid GatewayClass
- Verify the TLSRoute status, which should be updated to Accepted.
Fixes: cilium#25487
Signed-off-by: Tam Mach <tam.mach@cilium.io>
sayboras
force-pushed
the
tam/flake-conformance-api
branch
from
912e619
to
4cbd87c
Compare
sayboras
removed
the
dont-merge/needs-rebase
|
/test Job 'Cilium-PR-K8s-1.26-kernel-net-next' failed: Click to show.Test NameFailure OutputJenkins URL: https://jenkins.cilium.io/job/Cilium-PR-K8s-1.26-kernel-net-next/179/ If it is a flake and a GitHub issue doesn't already exist to track it, comment Then please upload the Jenkins artifacts to that issue. |
|
Hit another flake #25524, marking this ready to merge after rebase. |
sayboras
added
the
ready-to-merge
|
/test-1.26-net-next |
sayboras
added
backport-pending/1.13
maintainer-s-little-helper
bot
moved this from Needs backport from main
to Backport done to v1.13
in 1.13.3
This was referenced Jun 9, 2023
mhofstetter
added a commit
to mhofstetter/cilium
that referenced
this pull request
Nov 6, 2023
This commit adds the missing reference-grant watch to the TLS route controller. Fixes: cilium#25573 & cilium#25711 Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
mhofstetter
added a commit
to mhofstetter/cilium
that referenced
this pull request
Nov 8, 2023
This commit adds the missing reference-grant watch to the TLS route controller. Fixes: cilium#25573 & cilium#25711 Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
gandro
pushed a commit
to gandro/cilium
that referenced
this pull request
Nov 15, 2023
[ upstream commit 30d3a6f ] This commit adds the missing reference-grant watch to the TLS route controller. Fixes: cilium#25573 & cilium#25711 Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com> Signed-off-by: Sebastian Wicki <sebastian@isovalent.com>
sujoshua
pushed a commit
to sujoshua/cilium
that referenced
this pull request
Nov 16, 2023
This commit adds the missing reference-grant watch to the TLS route controller. Fixes: cilium#25573 & cilium#25711 Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
pjablonski123
pushed a commit
to pjablonski123/cilium
that referenced
this pull request
Dec 15, 2023
This commit adds the missing reference-grant watch to the TLS route controller. Fixes: cilium#25573 & cilium#25711 Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a race condition between http/tls routes and the underlying Gateway resource. Basically, if the HTTP or TLS Route resource is created before Gateway resource, its status will be updated with the value
gateway not found. However, the reconciliation for HTTP or TLS routes is not triggered even after mentioned Gateway is created. The issue is due to an unnecessary predicate on GenerationChangedPredicate, which only checks for changes in spec.This commit is to remove GenerationChangedPredicate predicate in HTTP and TLS routes.
Status for gateway not found
{ "lastTransitionTime": "2023-05-22T05:24:01Z", "message": "Gateway.gateway.networking.k8s.io \"gateway-tlsroute\" not found", "observedGeneration": 1, "reason": "InvalidTLSRoute", "status": "False", "type": "Accepted" }Testing was done before and after the changes with below step:
gateway not foundFixes: #25487