v1.14 Backports 2024-02-16 #30800
Merged
v1.14 Backports 2024-02-16 #30800
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[ upstream commit c19a84e ] This error can happen if a state is being destroyed while packets are in flight. It should be rare as the window in the kernel where it can happen is very short. Signed-off-by: Paul Chaignon <[email protected]> Signed-off-by: Tam Mach <[email protected]>
[ upstream commit 3c479d4 ] The test output are riddled with logs such as: Defaulted container "cilium-agent" out of: cilium-agent, config (init), mount-cgroup (init), apply-sysctl-overwrites (init), mount-bpf-fs (init), clean-cilium-state (init), install-cni-binaries (init) This gets particularly noisy when waiting for the key rotation to complete, during which time we run kubectl exec repeatedly. This commit fixes it. Signed-off-by: Paul Chaignon <[email protected]> Signed-off-by: Tam Mach <[email protected]>
[ upstream commit 12e3ae9 ] When the Pod generates a TCP stream larger than MSS, it may be sent as a GSO large packet. We observed in such a case, SRv6-encapsulated packet is dropped. The root cause was a misuse of ctx_adjust_hroom. We call it ctx_adjust_hroom(ctx, growth, BPF_ADJ_ROOM_MAC, 0), but this way, the helper is not aware of what kind of encapsulation we want to perform, so it doesn't adjust skb->inner_protocol (should be ETH_P_IP) and skb_shinfo->gso_type (should be SKB_GSO_IPXIP6 | SKB_GSO_TCPV4) appropriately. As a result, the packet will be dropped in ip4ip6_gso_segment due to the flag mismatch. Use BPF_F_ADJ_ROOM_ENCAP_L3_IPV6 flag which is introduced to solve this problem. Signed-off-by: Yutaro Hayakawa <[email protected]> Signed-off-by: Tam Mach <[email protected]>
sayboras
added
kind/backports
|
/test-backport-1.14 |
YutaroHayakawa
approved these changes
Feb 16, 2024
|
Required reviews are in, marking this ready to merge for tophat to check. |
sayboras
added
the
ready-to-merge
aanm
approved these changes
Feb 16, 2024
maintainer-s-little-helper
bot
removed
the
ready-to-merge
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Once this PR is merged, a GitHub action will update the labels of these PRs: