doc: add early warning for policy-default-local-cluster#40108
doc: add early warning for policy-default-local-cluster#40108joestringer merged 1 commit intocilium:mainfrom
Conversation
maintainer-s-little-helper
bot
added
the
dont-merge/needs-release-note-label
MrFreezeex
added
the
area/clustermesh
MrFreezeex
force-pushed
the
upgrade-policy-default-local-cluster
branch
from
1a6bd59 to
c4dca90
Compare
|
I am not actually sure about the release note, technically it could even be misc but maybe major would be a thing too to highlight the future breaking change 🤔 (although probably not a major change and even the actual breaking change would be in 1.19 when we will change the default value of the option 🤷♂️) |
MrFreezeex
force-pushed
the
upgrade-policy-default-local-cluster
branch
from
c4dca90 to
630cfdb
Compare
MrFreezeex
force-pushed
the
upgrade-policy-default-local-cluster
branch
from
630cfdb to
42cd6ce
Compare
|
/test |
joestringer
left a comment
joestringer
left a comment
There was a problem hiding this comment.
Some small grammar suggestions and standardizing the language. Most notable question is what the process is for someone to actually change the policies. I ran the recommended command but in my dev cluster I guess my simplistic policies did not require any conversion. It wasn't super obvious to me what we're instructing the user about with the new setting.
I also considered where the right place is for these instructions, and in the longer term the clustermesh policy doc should just define what the desired semantics are, so that should be the primary message communicated in that section. For the upgrade / migration instructions I would suggest moving that over to the upgrade guide.
joestringer
added
release-note/misc
maintainer-s-little-helper
bot
removed
the
dont-merge/needs-release-note-label
|
This information seems relevant to users upgrading to v1.18, so I've marked it as a release-blocker for v1.18. We've still got plenty of time to get the PR in so you don't have to worry too much about that, this just helps us to track and prioritize PRs for the coming weeks. |
Typically we'd probably set the original PR as a major (or at least minor) change. I guess the way we prepare release notes isn't exactly structured to clearly identify "breaking changes" up front. That said, I'm not sure I fully understand what happens right now - will this change the setting by default for existing users? My read of the doc was no, which means it's technically not a breaking change yet until we change the default. That said, the main thing I would want to make sure of is that if someone reads the upgrade guide, it is clear to them that there is a potential breaking change for clustermesh + policy and then they can decide whether to take action (+ take action based on the instructions provided by this PR). If the current structure of the upgrade guide doesn't adequately highlight this breaking change, we could introduce a new title to make this more clear. |
I agree with Joe that the best is probably marking the original PR as a (Edit: I've double-checked, and #39338 is already marked |
Yes this is opt-in for 1.18 so no breaking change / no change whatsoever as of now but users can start to actively change their network policies to explicitly target some clusters so that its behavior won't change whatever to what value |
MrFreezeex
force-pushed
the
upgrade-policy-default-local-cluster
branch
5 times, most recently
from
ffde6f2 to
b3171a5
Compare
MrFreezeex
force-pushed
the
upgrade-policy-default-local-cluster
branch
3 times, most recently
from
ea2284a to
8974a85
Compare
joestringer
added
the
area/documentation
MrFreezeex
force-pushed
the
upgrade-policy-default-local-cluster
branch
from
8974a85 to
17cf5df
Compare
joestringer
left a comment
joestringer
left a comment
There was a problem hiding this comment.
I made some minor wording suggestions for use of plural and tone (avoid use of we in favor of just instructing the user what to do).
Other than that, the structure looks good and the text seems fairly straightforward to follow, including three common policy transition cases. This feels like it should be comprehensive enough for users to upgrade.
giorio94
left a comment
giorio94
left a comment
There was a problem hiding this comment.
Thanks! I'm still not totally convinced about the upgrade note -- I've tried adding one suggestion inline, let me know if it makes sense to you. Looks good to me besides that, pending Joe's comments.
MrFreezeex
force-pushed
the
upgrade-policy-default-local-cluster
branch
2 times, most recently
from
fb05e75 to
58f9985
Compare
Add an early warning about defaulting `policy-default-local-cluster` to true in 1.19 which will result in a breaking change. Also include some migration guidance with cli command dedicated for that. Signed-off-by: Arthur Outhenin-Chalandre <[email protected]>
MrFreezeex
force-pushed
the
upgrade-policy-default-local-cluster
branch
from
58f9985 to
78e04fd
Compare
|
Thanks a lot for your suggestions/reviews it improved greatly the proposed docs 🙏 ❤️. Let me know if you find anything else! |
joestringer
left a comment
joestringer
left a comment
There was a problem hiding this comment.
LGTM, thanks! I think I'll bookmark this as a good example of how to communicate a breaking change to users in advance while expecting them to take action to mitigate.
|
/test |
maintainer-s-little-helper
bot
added
the
ready-to-merge
3 participants
Add an early warning about defaulting
policy-default-local-clusterto true in 1.19 which will result in a breaking change. Also include some migration guidance with cli command dedicated for that.I asked about this on slack (https://cilium.slack.com/archives/C2B917YHE/p1749648584305359) if there was any objection to default it in 1.19 and no one raised something so far.
Related to #36194 / #36194 (comment)