aws: Add ability to mark ENIs as unmanaged#19096
Merged
qmonnet merged 3 commits intocilium:masterfrom Mar 30, 2022
Merged
Conversation
gandro
added
release-note/minor
Member
Author
|
/ci-eks |
gandro
force-pushed
the
pr/gandro/eni-exclude-tags
branch
from
81bcae4 to
c492154
Compare
Member
Author
|
/ci-eks |
gandro
force-pushed
the
pr/gandro/eni-exclude-tags
branch
2 times, most recently
from
e7c3b2e to
b9d0149
Compare
Member
Author
|
/ci-eks |
qmonnet
approved these changes
Mar 17, 2022
Member
qmonnet
left a comment
qmonnet
left a comment
There was a problem hiding this comment.
Looks good, but Travis failure might be related to the changes?
ldelossa
approved these changes
Mar 17, 2022
Contributor
ldelossa
left a comment
ldelossa
left a comment
There was a problem hiding this comment.
Don't have a ton of knowledge with ENI but I think I get the gist here. Changes look good 👍
sayboras
approved these changes
Mar 18, 2022
twpayne
approved these changes
Mar 18, 2022
Contributor
|
Note that the Travis failure seems relevant to this PR: |
This commit adds the ability to specify a set of tags in the ENI spec to exclude certain ENIs from Cilium's IP allocation. To exclude interfaces based on tags, a user may set the `exclude-interface-tags` option in the CNI config (same as other ENI IPAM parameters). If an interface matches all tags specified in the parameter, it will be ignored by Cilium. This new mechanism works similar to the existing `first-interface-index` value, but is able to also exclude interfaces which are added to worker nodes dynamically after Cilium is already running. Signed-off-by: Sebastian Wicki <[email protected]>
This adds a unit test where a node contains an ignored ENI. We ensure that no secondary IPs are assigned to that ENI and that new ENIs are attached and managed instead. Signed-off-by: Sebastian Wicki <[email protected]>
Signed-off-by: Sebastian Wicki <[email protected]>
gandro
force-pushed
the
pr/gandro/eni-exclude-tags
branch
from
b9d0149 to
428f3aa
Compare
Member
Author
|
Thanks for the reviews and the feedback. Not sure why the unit test didn't break before for me, might have been racy. Fixed it as per Tam's suggestion to add a manual Resync. |
Member
Author
|
/test |
Member
Author
|
Marking ready to merge. The relevant CI test suite (ci-eks) passed multiple times in a row. |
gandro
added
the
ready-to-merge
gandro
added a commit
to gandro/cilium
that referenced
this pull request
Mar 30, 2022
PR cilium#18463 changed the signature of the CreateNetworkInterface and NewNodeManager methods. This change was merged last week. PR cilium#19096 added a unit test in TestNodeManagerENIExcludeInterfaceTags which calls those methods with the old signature. Because the latter PR was not rebased after a merge, we accidentally merged a non-compilable unit test into master, even though CI was green (as CI was run before the signature was changed). Signed-off-by: Sebastian Wicki <[email protected]>
pchaigno
pushed a commit
that referenced
this pull request
Mar 30, 2022
PR #18463 changed the signature of the CreateNetworkInterface and NewNodeManager methods. This change was merged last week. PR #19096 added a unit test in TestNodeManagerENIExcludeInterfaceTags which calls those methods with the old signature. Because the latter PR was not rebased after a merge, we accidentally merged a non-compilable unit test into master, even though CI was green (as CI was run before the signature was changed). Signed-off-by: Sebastian Wicki <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR adds the ability to specify a set of tags in the ENI spec to
exclude certain ENIs from Cilium's IP allocation. To exclude interfaces
based on tags, a user may set the
exclude-interface-tagsoption in theCNI config (same as other ENI IPAM parameters). If an interface matches
all tags specified in the parameter, it will be ignored by Cilium.
This new mechanism works similar to the existing
first-interface-indexvalue, but is able to also exclude interfaceswhich are added to worker nodes dynamically after Cilium is already
running.