Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve the helm values autodetection logic #2365

Merged
merged 7 commits into from
Mar 12, 2024
Merged

Improve the helm values autodetection logic #2365

merged 7 commits into from
Mar 12, 2024

Conversation

giorio94
Copy link
Member

@giorio94 giorio94 commented Mar 5, 2024
edited
Loading

Please review commit by commit, and refer to the individual messages for additional details.

  • Remove unused fields/parameters from the getHelmValues logic;
  • Drop support for EOL Cilium v1.11 and earlier in helm values generation;
  • Drop broken bpf.masquerade autodetection logic;
  • Fix retrieval of the user-configured routing mode, and uniform retrieval of nested helm value;
  • Improve KPR autodetection logic to not override user configuration, and not configure deprecated values;
  • Fix KPR probing in connectivity tests to account for both legacy and current values.
  • Replace the remaining references to deprecated KPR settings in GHA workflows.

giorio94 added 4 commits March 5, 2024 11:43
@giorio94
helm: remove unused fields/parameters from getHelmValues logic
551222d 
It appears that they are no longer used after removing the
legacy installation logic.

Signed-off-by: Marco Iorio <[email protected]>
@giorio94
helm: do not care for unsupported Cilium versions in values generation
8b88714 
Cilium v1.11 and earlier have been EOL for more than six months now.
Hence, let's stop caring about them when auto-configuring the helm
values.

Signed-off-by: Marco Iorio <[email protected]>
@giorio94
helm: remove bpf.masquerade autodetection logic
40c58c4 
The current logic is supposed to automatically enable BPF masquerade
when KPR is enabled, and IPv6 is not enabled. However, it looks like
it is broken since 9ddd6d8 ("install: Do not use individual
HelmOpts"), because we iterate on a map of maps containing the rendered
values, but attempt to match the values against --set strings.

Instead of fixing it, let's just remove this logic altogether for the
sake of simplicity. Additionally, it is potentially fragile, and may
lead to surprises to users (as well as in CI) given the difference with
respect to the default Cilium's values, and a plain helm install.

Signed-off-by: Marco Iorio <[email protected]>
@giorio94
helm: uniform retrieval of nested helm value
5c47f6d 
Let's replace the custom logic to retrieve a specific helm value with
the unstructured.NestedString method, to ensure consistency among the
different call sites. Additionally, this change fixes the retrieval
of the routing mode configured by the user, which was previously
never obtained correctly, due to a format mismatch.

Signed-off-by: Marco Iorio <[email protected]>
@giorio94 giorio94 requested review from a team as code owners March 5, 2024 15:30
@giorio94
helm: improve KPR autodetection logic
b657754 
Make sure that the autodetected values don't override possible user
configurations. Additionally, adapt the kubeProxyReplacement value
based on the CIlium version, as strict got deprevated in v1.14.

Signed-off-by: Marco Iorio <[email protected]>
@giorio94 giorio94 force-pushed the mio/autodetection branch from 15f6ebb to 947eb71 Compare March 5, 2024 15:39
@giorio94
Copy link
Member Author

giorio94 commented Mar 6, 2024

The failure appears to be legitimate, as it uncovered an already existing bug causing incorrect KPR features detection when configured using the new format (i.e., true|false). Converting back to draft while addressing it.

@giorio94 giorio94 marked this pull request as draft March 6, 2024 09:17
giorio94 added 2 commits March 6, 2024 10:41
@giorio94
connectivity: fix KPR feature probing
dba93ec 
Currently, KPR feature determination considered only the legacy
disabled|partial|strict values, while ignoring the false|true
possibilities. This issue caused little harm so far because we
never directly relied upon it, but only probed for subfeatures
(mainly KPRNodePort and KPRHostPort). One special case is
represented by north-sourth-loadbalancing/outside-to-nodeport
tests, which disable flow validation when the KPR NodePort
implementation is disabled. However, due to a bug, this worked
only when KPR mode was set to "Disabled", regardless of whether
it was enabled or not in all other circumstances.

Let's address this by generalizing the KPR feature detection
logic, as well as correctly checking the KPR NodePort status
as part of the outside-to-nodeport tests.

Signed-off-by: Marco Iorio <[email protected]>
@giorio94
gha: replace remaining references to deprecated KPR settings
5f69a4c 
Signed-off-by: Marco Iorio <[email protected]>
@giorio94 giorio94 force-pushed the mio/autodetection branch from 947eb71 to 5f69a4c Compare March 6, 2024 09:42
@giorio94
Copy link
Member Author

giorio94 commented Mar 6, 2024

I've pushed a commit to address the KPR feature detection issue. Back to reviewable state.

@giorio94 giorio94 marked this pull request as ready for review March 6, 2024 09:43
@giorio94 giorio94 requested a review from a team as a code owner March 6, 2024 09:43
@giorio94 giorio94 requested a review from aspsk March 6, 2024 09:43
gandro
gandro approved these changes Mar 6, 2024
View reviewed changes
Copy link
Member

@gandro gandro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice cleanup!

michi-covalent
michi-covalent approved these changes Mar 11, 2024
View reviewed changes
Copy link
Contributor

@michi-covalent michi-covalent left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i didn't know about unstructured.NestedString. very cool 🥰

@michi-covalent
Copy link
Contributor

@tommyp1ckles @aspsk ping!

This was referenced Mar 11, 2024
Merged
Closed
sayboras
sayboras approved these changes Mar 11, 2024
View reviewed changes
Copy link
Member

@sayboras sayboras left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks ✔️

@sayboras sayboras mentioned this pull request Mar 12, 2024
Closed
3 tasks
@michi-covalent
Copy link
Contributor

6 approvals. good enough for me.

@michi-covalent michi-covalent merged commit dbd3594 into cilium:main Mar 12, 2024
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gandro gandro gandro approved these changes

@tklauser tklauser tklauser approved these changes

@brlbil brlbil brlbil approved these changes

@tommyp1ckles tommyp1ckles tommyp1ckles approved these changes

@sayboras sayboras sayboras approved these changes

@michi-covalent michi-covalent michi-covalent approved these changes

@aspsk aspsk Awaiting requested review from aspsk aspsk was automatically assigned from cilium/sig-lb

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@giorio94 @michi-covalent @gandro @tklauser @brlbil @tommyp1ckles @sayboras