Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

install: Fail helm if kube-proxy-replacement is not valid #25907

Merged
merged 1 commit into from
Jun 6, 2023
Merged

install: Fail helm if kube-proxy-replacement is not valid #25907

merged 1 commit into from
Jun 6, 2023

Conversation

jrajahalme
Copy link
Member

Fail helm if kube-proxy-replacement is set or defaults to an invalid value.

kube-proxy-replacement can be defaulted to a deprecated (and since removed) "probe" value. User can also set it into an incorrect value explicitly. It is better to fail on helm than cilium agent failing to start.

@jrajahalme jrajahalme added area/daemon Impacts operation of the Cilium daemon. release-note/misc This PR makes changes that have no direct user impact. area/helm Impacts helm charts and user deployment experience labels Jun 5, 2023
@jrajahalme jrajahalme requested review from a team as code owners June 5, 2023 15:04
brb
brb approved these changes Jun 5, 2023
View reviewed changes
Copy link
Member

@brb brb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

sayboras
sayboras reviewed Jun 6, 2023
View reviewed changes
install/kubernetes/cilium/templates/cilium-configmap.yaml
@@ -54,6 +54,9 @@
{{- $bpfCtTcpMax := (coalesce .Values.bpf.ctTcpMax $defaultBpfCtTcpMax) -}}
{{- $bpfCtAnyMax := (coalesce .Values.bpf.ctAnyMax $defaultBpfCtAnyMax) -}}
{{- $kubeProxyReplacement := (coalesce .Values.kubeProxyReplacement $defaultKubeProxyReplacement) -}}
{{- if and (ne $kubeProxyReplacement "disabled") (ne $kubeProxyReplacement "partial") (ne $kubeProxyReplacement "strict") }}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

any reason to have this check here instead of validation.yaml? I assume the $defaultKubeProxyReplacement is always having valid value.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

$defaultKubeProxyReplacement is computed only in this file, so I'm assuming it is not having the same values in validation.yaml, or at least that seems to be the case.

@jrajahalme
Copy link
Member Author

/test

@jrajahalme jrajahalme added the needs-backport/1.13 This PR / issue needs backporting to the v1.13 branch label Jun 6, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot added this to Needs backport from main in 1.13.4 Jun 6, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot added this to Needs backport from main in 1.11.18 Jun 6, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot added this to Needs backport from main in 1.12.11 Jun 6, 2023
@jrajahalme
Copy link
Member Author

Travis hit a known flake #24678

@jrajahalme
Copy link
Member Author

/ci-l4lb

@jrajahalme
Copy link
Member Author

ci-l4lb fails for a verifier fail #25892, needs a rebase to pick up a fix in main.

@jrajahalme
install: Fail helm if kube-proxy-replacement is not valid
c824261 
Fail helm if kube-proxy-replacement is set or defaults to an invalid value.

kube-proxy-replacement can be defaulted to a deprecated (and since
removed) "probe" value. User can also set it into an incorrect value
explicitly. It is better to fail on helm than cilium agent failing to
start.

Signed-off-by: Jarno Rajahalme <jarno@isovalent.com>
@jrajahalme
Copy link
Member Author

/test

@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Jun 6, 2023
@jrajahalme jrajahalme merged commit f64e073 into cilium:main Jun 6, 2023
61 checks passed
@YutaroHayakawa YutaroHayakawa mentioned this pull request Jun 7, 2023
Merged
4 tasks
@YutaroHayakawa YutaroHayakawa added backport-pending/1.13 The backport for Cilium 1.13.x for this PR is in progress. and removed needs-backport/1.13 This PR / issue needs backporting to the v1.13 branch labels Jun 7, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Needs backport from main to Backport pending to v1.13 in 1.13.4 Jun 7, 2023
@YutaroHayakawa YutaroHayakawa mentioned this pull request Jun 8, 2023
Merged
3 tasks
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Needs backport from main to Backport pending to v1.12 in 1.12.11 Jun 8, 2023
@YutaroHayakawa YutaroHayakawa mentioned this pull request Jun 8, 2023
Merged
2 tasks
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Needs backport from main to Backport pending to v1.11 in 1.11.18 Jun 8, 2023
@YutaroHayakawa YutaroHayakawa added backport-done/1.13 The backport for Cilium 1.13.x for this PR is done. and removed backport-pending/1.13 The backport for Cilium 1.13.x for this PR is in progress. labels Jun 8, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Backport pending to v1.13 to Backport done to v1.13 in 1.13.4 Jun 8, 2023
@qmonnet qmonnet mentioned this pull request Jun 9, 2023
Closed
@michi-covalent michi-covalent mentioned this pull request Jun 9, 2023
Closed
@YutaroHayakawa YutaroHayakawa added backport-done/1.11 The backport for Cilium 1.11.x for this PR is done. and removed backport-pending/1.11 labels Jun 12, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Backport pending to v1.11 to Backport done to v1.11 in 1.11.18 Jun 12, 2023
@YutaroHayakawa YutaroHayakawa added backport-done/1.12 The backport for Cilium 1.12.x for this PR is done. and removed backport-pending/1.12 labels Jun 12, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Backport pending to v1.12 to Backport done to v1.12 in 1.12.11 Jun 12, 2023
This was referenced Jun 12, 2023
Closed
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sayboras sayboras sayboras left review comments

@brb brb brb approved these changes

@youngnick youngnick youngnick approved these changes

Assignees
No one assigned
Labels
area/daemon Impacts operation of the Cilium daemon. area/helm Impacts helm charts and user deployment experience backport-done/1.11 The backport for Cilium 1.11.x for this PR is done. backport-done/1.12 The backport for Cilium 1.12.x for this PR is done. backport-done/1.13 The backport for Cilium 1.13.x for this PR is done. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/misc This PR makes changes that have no direct user impact.
Projects
No open projects
1.11.18
Backport done to v1.11
1.12.11
Backport done to v1.12
1.13.4
Backport done to v1.13
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@jrajahalme @brb @sayboras @youngnick @YutaroHayakawa