Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

v1.13: node: Fix node encryption condition in incorrect backport #26953

Merged
merged 1 commit into from
Jul 21, 2023
Merged

v1.13: node: Fix node encryption condition in incorrect backport #26953

merged 1 commit into from
Jul 21, 2023

Conversation

pchaigno
Copy link
Member

Julian noticed that backported commit 7dbd40f ("ipsec: Remove workarounds for path asymmetry that was removed") didn't match the upstream commit due to a wrong conflict resolution. This commit fixes it.

We don't expect much impact here as node encryption was never stable, barely used, and eventually removed, but best to fix it, if only for consistency with v1.11 and v1.12.

Fixes: #26792.

@pchaigno
node: Fix node encryption condition in incorrect backport
28ac94a 
Julian noticed that backported commit 7dbd40f ("ipsec: Remove workarounds
for path asymmetry that was removed") didn't match the upstream commit
due to a wrong conflict resolution. This commit fixes it.

We don't expect much impact here as node encryption was never stable,
barely used, and eventually removed, but best to fix it, if only for
consistency with v1.11 and v1.12.

Fixes: 7dbd40f ("ipsec: Remove workarounds for path asymmetry that was removed")
Reported-by: Julian Wiedmann <jwi@isovalent.com>
Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>
@pchaigno pchaigno added the area/encryption Impacts encryption support such as IPSec, WireGuard, or kTLS. label Jul 20, 2023
@pchaigno pchaigno requested a review from a team as a code owner July 20, 2023 10:43
@maintainer-s-little-helper maintainer-s-little-helper bot added backport/1.13 This PR represents a backport for Cilium 1.13.x of a PR that was merged to main. kind/backports This PR provides functionality previously merged into master. labels Jul 20, 2023
@pchaigno
Copy link
Member Author

pchaigno commented Jul 20, 2023
edited by maintainer-s-little-helper bot

/test-backport-1.13

Job 'Cilium-PR-K8s-1.21-kernel-4.19' failed:

Click to show.

Test Name

K8sAgentChaosTest Restart with long lived connections TCP connection is not dropped when cilium restarts

Failure Output

FAIL: Pods are not ready after timeout

Jenkins URL: https://jenkins.cilium.io/job/Cilium-PR-K8s-1.21-kernel-4.19/89/

If it is a flake and a GitHub issue doesn't already exist to track it, comment /mlh new-flake Cilium-PR-K8s-1.21-kernel-4.19 so I can create one.

Then please upload the Jenkins artifacts to that issue.

julianwiedmann
julianwiedmann approved these changes Jul 20, 2023
View reviewed changes
Copy link
Member

@julianwiedmann julianwiedmann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you Paul!

@pchaigno
Copy link
Member Author

pchaigno commented Jul 20, 2023
edited

k8s-1.21-kernel-4.19 hit the docker.io rate limiting. Restarting:
/test-1.21-4.19

@pchaigno pchaigno added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Jul 21, 2023
@aditighag aditighag merged commit 4ac3b49 into cilium:v1.13 Jul 21, 2023
62 checks passed
@pchaigno pchaigno deleted the pr/pchaigno/v1.13-fix-backport branch July 21, 2023 22:27
@maintainer-s-little-helper maintainer-s-little-helper bot removed the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Jul 21, 2023
@gentoo-root gentoo-root mentioned this pull request Jul 26, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@julianwiedmann julianwiedmann julianwiedmann approved these changes

Assignees
No one assigned
Labels
area/encryption Impacts encryption support such as IPSec, WireGuard, or kTLS. backport/1.13 This PR represents a backport for Cilium 1.13.x of a PR that was merged to main. kind/backports This PR provides functionality previously merged into master.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@pchaigno @julianwiedmann @aditighag