From a532e5954aacb7945aaaca6668d6c068a2777d57 Mon Sep 17 00:00:00 2001 From: Tobias Klauser Date: Thu, 14 Oct 2021 15:13:52 +0200 Subject: [PATCH 1/2] go.mod, vendor: update github.com/cilium/cilium to v1.10.5 Signed-off-by: Tobias Klauser --- go.mod | 2 +- go.sum | 4 +- vendor/github.com/cilium/cilium/AUTHORS | 8 +- .../cilium/cilium/api/v1/flow/flow.pb.go | 8 +- .../cilium/cilium/api/v1/flow/flow.proto | 1 + .../cilium/api/v1/observer/observer.pb.go | 1 + .../cilium/pkg/k8s/apis/cilium.io/const.go | 14 +++ .../cilium/pkg/logging/logfields/logfields.go | 6 ++ .../cilium/cilium/pkg/option/config.go | 85 ++++++++++++++----- .../cilium/cilium/pkg/option/constants.go | 2 + vendor/modules.txt | 2 +- 11 files changed, 106 insertions(+), 27 deletions(-) diff --git a/go.mod b/go.mod index 3d47a5950e..791d92a438 100644 --- a/go.mod +++ b/go.mod @@ -15,7 +15,7 @@ replace ( require ( github.com/blang/semver/v4 v4.0.0 - github.com/cilium/cilium v1.10.4 + github.com/cilium/cilium v1.10.5 github.com/cilium/hubble v0.8.2 github.com/cilium/workerpool v1.1.0 github.com/cloudflare/cfssl v1.6.0 diff --git a/go.sum b/go.sum index 1f6a716ebd..feccd4394c 100644 --- a/go.sum +++ b/go.sum @@ -165,8 +165,9 @@ github.com/christarazi/controller-tools v0.3.1-0.20200911184030-7e668c1fb4c2/go. github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/cilium/cilium v1.10.4 h1:xW56mkiRhxshPcS30IhsCBPwSFEgV3xcQSWMZyg8oq4= github.com/cilium/cilium v1.10.4/go.mod h1:lWTUj3a9NwQKl+6wUCt0iVPySWpsAqm+1lfAXyig1LI= +github.com/cilium/cilium v1.10.5 h1:Pz+nrzC5QCwk856sGffDeSWVJzprCX322591hNIY8Qw= +github.com/cilium/cilium v1.10.5/go.mod h1:CTKt1JRubX/p/4xtUaDmx6139cfYQqI8VI8l7NZBxJA= github.com/cilium/customvet v0.0.0-20201209211516-9852765c1ac4/go.mod h1:MEn5V1CejgUNFP3Y1JKmBC6Mb9TuK53ecHG9lffctFg= github.com/cilium/deepequal-gen v0.0.0-20200406125435-ad6a9003139e/go.mod h1:c4R5wxGyXhbM6zyKeRKNIc9aab5EZi4z4oOSZvUMvZA= github.com/cilium/dns v1.1.4-0.20190417235132-8e25ec9a0ff3/go.mod h1:cXN7jgo+gsGlNvQ7Vqu2ELdc3f7i7PPgupHqSkLzzBo= @@ -1282,6 +1283,7 @@ golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210816074244-15123e1e1f71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210902050250-f475640dd07b h1:S7hKs0Flbq0bbc9xgYt4stIEG1zNDFqyrPwAX2Wj/sE= golang.org/x/sys v0.0.0-20210902050250-f475640dd07b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= diff --git a/vendor/github.com/cilium/cilium/AUTHORS b/vendor/github.com/cilium/cilium/AUTHORS index a50a9e4c00..6fcb01bab4 100644 --- a/vendor/github.com/cilium/cilium/AUTHORS +++ b/vendor/github.com/cilium/cilium/AUTHORS @@ -1,6 +1,7 @@ The following people, in alphabetical order, have either authored or signed off on commits in the Cilium repository: +Àbéjídé Àyodélé abejideayodele@gmail.com AdamKorcz adam@adalogics.com Adam Wolfe Gordon awg@digitalocean.com Aditi Ghag aditi@cilium.io @@ -130,6 +131,7 @@ Jess Frazelle acidburn@microsoft.com Jianlin Lv Jianlin.Lv@arm.com JieJhih Jhang jiejhihjhang@gmail.com Jim Angel jimangel@google.com.com +JinLin Fu withlin@apache.org Jiong Wang jiong.wang@netronome.com Joao Victorino joao@accuknox.com Joe Farrell joe2farrell@gmail.com @@ -167,7 +169,7 @@ Liu Qun qunliu@zyhx-group.com Livingstone S E livingstone.s.e@gmail.com Li Yi denverdino@gmail.com Lorenzo Fundaró lorenzofundaro@gmail.com -Louis DeLosSantos louis.delos@isovalent.com +Louis DeLosSantos louis@isovalent.com Maciej Fijalkowski maciej.fijalkowski@intel.com Maciej Kwiek maciej@isovalent.com Maciej Skrocki maciejskrocki@google.com @@ -261,6 +263,7 @@ Stephen Martin lockwood@opperline.com Steven Ceuppens steven.ceuppens@icloud.com Steven Normore snormore@digitalocean.com Stevo Slavić sslavic@gmail.com +Stijn Smits stijn@stijn98s.nl Strukov Anton anstrukov@luxoft.com Swaminathan Vasudevan svasudevan@suse.com Taeung Song treeze.taeung@gmail.com @@ -286,8 +289,9 @@ Trevor Tao trevor.tao@arm.com Umesh Keerthy B S umesh.freelance@gmail.com Vadim Ponomarev velizarx@gmail.com Valas Valancius valas@google.com -Vance Li liyannois@gmail.com +Vance Li vanceli@tencent.com Vigneshwaren Sunder vickymailed@gmail.com +Ville Ojamo bluikko@users.noreply.github.com Vishnu Soman K vishnusomank05@gmail.com Vlad Artamonov 742047+vladdy@users.noreply.github.com Vlad Gorodetsky v@gor.io diff --git a/vendor/github.com/cilium/cilium/api/v1/flow/flow.pb.go b/vendor/github.com/cilium/cilium/api/v1/flow/flow.pb.go index 0d62bf86de..d94cd07d73 100644 --- a/vendor/github.com/cilium/cilium/api/v1/flow/flow.pb.go +++ b/vendor/github.com/cilium/cilium/api/v1/flow/flow.pb.go @@ -285,6 +285,7 @@ const ( Verdict_DROPPED Verdict = 2 Verdict_ERROR Verdict = 3 Verdict_AUDIT Verdict = 4 + Verdict_REDIRECTED Verdict = 5 ) // Enum value maps for Verdict. @@ -295,6 +296,7 @@ var ( 2: "DROPPED", 3: "ERROR", 4: "AUDIT", + 5: "REDIRECTED", } Verdict_value = map[string]int32{ "VERDICT_UNKNOWN": 0, @@ -302,6 +304,7 @@ var ( "DROPPED": 2, "ERROR": 3, "AUDIT": 4, + "REDIRECTED": 5, } ) @@ -4384,12 +4387,13 @@ var file_flow_flow_proto_rawDesc = []byte{ 0x4d, 0x50, 0x4c, 0x45, 0x10, 0x03, 0x2a, 0x30, 0x0a, 0x09, 0x49, 0x50, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x0f, 0x0a, 0x0b, 0x49, 0x50, 0x5f, 0x4e, 0x4f, 0x54, 0x5f, 0x55, 0x53, 0x45, 0x44, 0x10, 0x00, 0x12, 0x08, 0x0a, 0x04, 0x49, 0x50, 0x76, 0x34, 0x10, 0x01, 0x12, 0x08, - 0x0a, 0x04, 0x49, 0x50, 0x76, 0x36, 0x10, 0x02, 0x2a, 0x50, 0x0a, 0x07, 0x56, 0x65, 0x72, 0x64, + 0x0a, 0x04, 0x49, 0x50, 0x76, 0x36, 0x10, 0x02, 0x2a, 0x60, 0x0a, 0x07, 0x56, 0x65, 0x72, 0x64, 0x69, 0x63, 0x74, 0x12, 0x13, 0x0a, 0x0f, 0x56, 0x45, 0x52, 0x44, 0x49, 0x43, 0x54, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x57, 0x41, 0x52, 0x44, 0x45, 0x44, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x44, 0x52, 0x4f, 0x50, 0x50, 0x45, 0x44, 0x10, 0x02, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x10, 0x03, 0x12, - 0x09, 0x0a, 0x05, 0x41, 0x55, 0x44, 0x49, 0x54, 0x10, 0x04, 0x2a, 0x88, 0x0d, 0x0a, 0x0a, 0x44, + 0x09, 0x0a, 0x05, 0x41, 0x55, 0x44, 0x49, 0x54, 0x10, 0x04, 0x12, 0x0e, 0x0a, 0x0a, 0x52, 0x45, + 0x44, 0x49, 0x52, 0x45, 0x43, 0x54, 0x45, 0x44, 0x10, 0x05, 0x2a, 0x88, 0x0d, 0x0a, 0x0a, 0x44, 0x72, 0x6f, 0x70, 0x52, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x12, 0x17, 0x0a, 0x13, 0x44, 0x52, 0x4f, 0x50, 0x5f, 0x52, 0x45, 0x41, 0x53, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x17, 0x0a, 0x12, 0x49, 0x4e, 0x56, 0x41, 0x4c, 0x49, 0x44, 0x5f, 0x53, 0x4f, diff --git a/vendor/github.com/cilium/cilium/api/v1/flow/flow.proto b/vendor/github.com/cilium/cilium/api/v1/flow/flow.proto index cbbee1c80c..e47c309925 100644 --- a/vendor/github.com/cilium/cilium/api/v1/flow/flow.proto +++ b/vendor/github.com/cilium/cilium/api/v1/flow/flow.proto @@ -234,6 +234,7 @@ enum Verdict { DROPPED = 2; ERROR = 3; AUDIT = 4; + REDIRECTED = 5; } // These values are shared with pkg/monitor/api/drop.go and bpf/lib/common.h. diff --git a/vendor/github.com/cilium/cilium/api/v1/observer/observer.pb.go b/vendor/github.com/cilium/cilium/api/v1/observer/observer.pb.go index 40a14ec272..7737e3b3e4 100644 --- a/vendor/github.com/cilium/cilium/api/v1/observer/observer.pb.go +++ b/vendor/github.com/cilium/cilium/api/v1/observer/observer.pb.go @@ -99,6 +99,7 @@ const Verdict_FORWARDED = flow.Verdict_FORWARDED const Verdict_DROPPED = flow.Verdict_DROPPED const Verdict_ERROR = flow.Verdict_ERROR const Verdict_AUDIT = flow.Verdict_AUDIT +const Verdict_REDIRECTED = flow.Verdict_REDIRECTED var Verdict_name = flow.Verdict_name var Verdict_value = flow.Verdict_value diff --git a/vendor/github.com/cilium/cilium/pkg/k8s/apis/cilium.io/const.go b/vendor/github.com/cilium/cilium/pkg/k8s/apis/cilium.io/const.go index f6c9522e8a..f8a58c7691 100644 --- a/vendor/github.com/cilium/cilium/pkg/k8s/apis/cilium.io/const.go +++ b/vendor/github.com/cilium/cilium/pkg/k8s/apis/cilium.io/const.go @@ -47,21 +47,35 @@ const ( // PodNamespaceMetaLabels is the label used to store the labels of the // kubernetes namespace's labels. PodNamespaceMetaLabels = "io.cilium.k8s.namespace.labels" + + // PodNamespaceMetaNameLabel is the label that Kubernetes automatically adds + // to namespaces. + PodNamespaceMetaNameLabel = PodNamespaceMetaLabels + "." + LabelMetadataName + + // LabelMetadataName is the label name which, in-tree, is used to + // automatically label namespaces, so they can be selected easily by tools + // which require definitive labels. + LabelMetadataName = "kubernetes.io/metadata.name" + // PodNamespaceLabel is the label used in kubernetes containers to // specify which namespace they belong to. PodNamespaceLabel = "io.kubernetes.pod.namespace" + // PodNameLabel is the label used in kubernetes containers to // specify the POD name. PodNameLabel = "io.kubernetes.pod.name" + // AppKubernetes is the label which is recommended by the official k8s // documentation ad the lablel for every resource object. AppKubernetes = "app.kubernetes.io" + // CtrlPrefixPolicyStatus is the prefix used for the controllers set up // to sync the CNP with kube-apiserver. CtrlPrefixPolicyStatus = "sync-cnp-policy-status" // CiliumK8sAnnotationPrefix is the prefix key for the annotations used in kubernetes. CiliumK8sAnnotationPrefix = "cilium.io/" + // CiliumIdentityAnnotationDeprecated is the previous annotation key used to map to an endpoint's security identity. CiliumIdentityAnnotationDeprecated = "cilium-identity" diff --git a/vendor/github.com/cilium/cilium/pkg/logging/logfields/logfields.go b/vendor/github.com/cilium/cilium/pkg/logging/logfields/logfields.go index 32592339b8..f03439310a 100644 --- a/vendor/github.com/cilium/cilium/pkg/logging/logfields/logfields.go +++ b/vendor/github.com/cilium/cilium/pkg/logging/logfields/logfields.go @@ -546,4 +546,10 @@ const ( // ExpectedENIs are the ENIs which are expected to be available ExpectedENIs = "expectedENIs" + + // NumEntries is the number of entries counted + NumEntries = "entries" + + // Hint helps nudge the user in the right direction when troubleshooting. + Hint = "hint" ) diff --git a/vendor/github.com/cilium/cilium/pkg/option/config.go b/vendor/github.com/cilium/cilium/pkg/option/config.go index acb576a3be..876a3a21d2 100644 --- a/vendor/github.com/cilium/cilium/pkg/option/config.go +++ b/vendor/github.com/cilium/cilium/pkg/option/config.go @@ -84,6 +84,10 @@ const ( // ARPPingRefreshPeriod is the ARP entries refresher period ARPPingRefreshPeriod = "arping-refresh-period" + // EnableL2NeighDiscovery determines if cilium should perform L2 neighbor + // discovery. + EnableL2NeighDiscovery = "enable-l2-neigh-discovery" + // BPFRoot is the Path to BPF filesystem BPFRoot = "bpf-root" @@ -316,6 +320,12 @@ const ( // EnableLocalRedirectPolicy enables support for local redirect policy EnableLocalRedirectPolicy = "enable-local-redirect-policy" + // EnableMKE enables MKE specific 'chaining' for kube-proxy replacement + EnableMKE = "enable-mke" + + // CgroupPathMKE points to the cgroupv1 net_cls mount instance + CgroupPathMKE = "mke-cgroup-mount" + // LibDir enables the directory path to store runtime build environment LibDir = "lib-dir" @@ -346,6 +356,9 @@ const ( // EnableBPFMasquerade masquerades packets from endpoints leaving the host with BPF instead of iptables EnableBPFMasquerade = "enable-bpf-masquerade" + // DeriveMasqIPAddrFromDevice is device name which IP addr is used for BPF masquerades + DeriveMasqIPAddrFromDevice = "derive-masquerade-ip-addr-from-device" + // EnableIPMasqAgent enables BPF ip-masq-agent EnableIPMasqAgent = "enable-ip-masq-agent" @@ -452,6 +465,9 @@ const ( // EnableHostReachableServices is the name of the EnableHostReachableServices option EnableHostReachableServices = "enable-host-reachable-services" + // BPFSocketLBHostnsOnly is the name of the BPFSocketLBHostnsOnly option + BPFSocketLBHostnsOnly = "bpf-lb-sock-hostns-only" + // HostReachableServicesProtos is the name of the HostReachableServicesProtos option HostReachableServicesProtos = "host-reachable-services-protos" @@ -960,6 +976,11 @@ const ( // ExternalClusterIPName is the name of the option to enable // cluster external access to ClusterIP services. ExternalClusterIPName = "bpf-lb-external-clusterip" + + // BypassIPAvailabilityUponRestore bypasses the IP availability error + // within IPAM upon endpoint restore and allows the use of the restored IP + // regardless of whether it's available in the pool. + BypassIPAvailabilityUponRestore = "bypass-ip-availability-upon-restore" ) // Default string arguments @@ -1414,6 +1435,7 @@ type DaemonConfig struct { // CLI options BPFRoot string + BPFSocketLBHostnsOnly bool CGroupRoot string BPFCompileDebug string CompilerFlags []string @@ -1455,26 +1477,27 @@ type DaemonConfig struct { // Masquerade specifies whether or not to masquerade packets from endpoints // leaving the host. - EnableIPv4Masquerade bool - EnableIPv6Masquerade bool - EnableBPFMasquerade bool - EnableBPFClockProbe bool - EnableIPMasqAgent bool - EnableEgressGateway bool - IPMasqAgentConfigPath string - InstallIptRules bool - MonitorAggregation string - PreAllocateMaps bool - IPv6NodeAddr string - IPv4NodeAddr string - SidecarIstioProxyImage string - SocketPath string - TracePayloadlen int - Version string - PProf bool - PProfPort int - PrometheusServeAddr string - ToFQDNsMinTTL int + EnableIPv4Masquerade bool + EnableIPv6Masquerade bool + EnableBPFMasquerade bool + DeriveMasqIPAddrFromDevice string + EnableBPFClockProbe bool + EnableIPMasqAgent bool + EnableEgressGateway bool + IPMasqAgentConfigPath string + InstallIptRules bool + MonitorAggregation string + PreAllocateMaps bool + IPv6NodeAddr string + IPv4NodeAddr string + SidecarIstioProxyImage string + SocketPath string + TracePayloadlen int + Version string + PProf bool + PProfPort int + PrometheusServeAddr string + ToFQDNsMinTTL int // DNSMaxIPsPerRestoredRule defines the maximum number of IPs to maintain // for each FQDN selector in endpoint's restored DNS rules @@ -1721,6 +1744,12 @@ type DaemonConfig struct { // EnableRecorder enables the datapath pcap recorder EnableRecorder bool + // EnableMKE enables MKE specific 'chaining' for kube-proxy replacement + EnableMKE bool + + // CgroupPathMKE points to the cgroupv1 net_cls mount instance + CgroupPathMKE string + // KubeProxyReplacementHealthzBindAddr is the KubeProxyReplacement healthz server bind addr KubeProxyReplacementHealthzBindAddr string @@ -1972,6 +2001,15 @@ type DaemonConfig struct { // ARPPingRefreshPeriod is the ARP entries refresher period. ARPPingRefreshPeriod time.Duration + + // EnableL2NeighDiscovery determines if cilium should perform L2 neighbor + // discovery. + EnableL2NeighDiscovery bool + + // BypassIPAvailabilityUponRestore bypasses the IP availability error + // within IPAM upon endpoint restore and allows the use of the restored IP + // regardless of whether it's available in the pool. + BypassIPAvailabilityUponRestore bool } var ( @@ -2370,6 +2408,7 @@ func (c *DaemonConfig) Populate() { c.AllowLocalhost = viper.GetString(AllowLocalhost) c.AnnotateK8sNode = viper.GetBool(AnnotateK8sNode) c.ARPPingRefreshPeriod = viper.GetDuration(ARPPingRefreshPeriod) + c.EnableL2NeighDiscovery = viper.GetBool(EnableL2NeighDiscovery) c.AutoCreateCiliumNodeResource = viper.GetBool(AutoCreateCiliumNodeResource) c.BPFRoot = viper.GetString(BPFRoot) c.CertDirectory = viper.GetString(CertsDirectory) @@ -2394,6 +2433,7 @@ func (c *DaemonConfig) Populate() { c.DevicePreFilter = viper.GetString(PrefilterDevice) c.DisableCiliumEndpointCRD = viper.GetBool(DisableCiliumEndpointCRDName) c.EgressMasqueradeInterfaces = viper.GetString(EgressMasqueradeInterfaces) + c.BPFSocketLBHostnsOnly = viper.GetBool(BPFSocketLBHostnsOnly) c.EnableHostReachableServices = viper.GetBool(EnableHostReachableServices) c.EnableRemoteNodeIdentity = viper.GetBool(EnableRemoteNodeIdentity) c.K8sHeartbeatTimeout = viper.GetDuration(K8sHeartbeatTimeout) @@ -2421,6 +2461,8 @@ func (c *DaemonConfig) Populate() { c.EnableSessionAffinity = viper.GetBool(EnableSessionAffinity) c.EnableBandwidthManager = viper.GetBool(EnableBandwidthManager) c.EnableRecorder = viper.GetBool(EnableRecorder) + c.EnableMKE = viper.GetBool(EnableMKE) + c.CgroupPathMKE = viper.GetString(CgroupPathMKE) c.EnableHostFirewall = viper.GetBool(EnableHostFirewall) c.EnableLocalRedirectPolicy = viper.GetBool(EnableLocalRedirectPolicy) c.EncryptInterface = viper.GetStringSlice(EncryptInterface) @@ -2534,6 +2576,7 @@ func (c *DaemonConfig) Populate() { if err != nil { log.WithError(err).Fatal("Failed to populate masquerading settings") } + c.populateLoadBalancerSettings() c.populateDevices() c.EgressMultiHomeIPRuleCompat = viper.GetBool(EgressMultiHomeIPRuleCompat) @@ -2737,6 +2780,7 @@ func (c *DaemonConfig) Populate() { c.SelectiveRegeneration = viper.GetBool(SelectiveRegeneration) c.SkipCRDCreation = viper.GetBool(SkipCRDCreation) c.DisableCNPStatusUpdates = viper.GetBool(DisableCNPStatusUpdates) + c.BypassIPAvailabilityUponRestore = viper.GetBool(BypassIPAvailabilityUponRestore) } func (c *DaemonConfig) populateMasqueradingSettings() error { @@ -2751,6 +2795,7 @@ func (c *DaemonConfig) populateMasqueradingSettings() error { c.EnableIPv6Masquerade = viper.GetBool(EnableIPv6Masquerade) && c.EnableIPv6 c.EnableBPFMasquerade = viper.GetBool(EnableBPFMasquerade) + c.DeriveMasqIPAddrFromDevice = viper.GetString(DeriveMasqIPAddrFromDevice) return nil } diff --git a/vendor/github.com/cilium/cilium/pkg/option/constants.go b/vendor/github.com/cilium/cilium/pkg/option/constants.go index f116e647d8..ef3bf489fc 100644 --- a/vendor/github.com/cilium/cilium/pkg/option/constants.go +++ b/vendor/github.com/cilium/cilium/pkg/option/constants.go @@ -47,3 +47,5 @@ const ( ClockSourceKtime BPFClockSource = iota ClockSourceJiffies ) + +const HostExtensionMKE = 0x1bda7a diff --git a/vendor/modules.txt b/vendor/modules.txt index d5d8885f23..c906948d16 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -44,7 +44,7 @@ github.com/blang/semver/v4 # github.com/cespare/xxhash/v2 v2.1.1 ## explicit; go 1.11 github.com/cespare/xxhash/v2 -# github.com/cilium/cilium v1.10.4 +# github.com/cilium/cilium v1.10.5 ## explicit; go 1.16 github.com/cilium/cilium/api/v1/client github.com/cilium/cilium/api/v1/client/daemon From 37c899809caf9bff1e62be257d94cffe91494daf Mon Sep 17 00:00:00 2001 From: Tobias Klauser Date: Thu, 14 Oct 2021 15:14:52 +0200 Subject: [PATCH 2/2] Update default Cilium version to 1.10.5 Signed-off-by: Tobias Klauser --- defaults/defaults.go | 2 +- internal/cli/cmd/install.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/defaults/defaults.go b/defaults/defaults.go index 12c57cc3e6..cb3d6ca0b6 100644 --- a/defaults/defaults.go +++ b/defaults/defaults.go @@ -67,7 +67,7 @@ const ( ConnectivityCheckJSONMockImage = "quay.io/cilium/json-mock:v1.3.0@sha256:2729064827fa9dbfface8d3df424feb6c792a0ba07117b844349635c93c06d2b" ConfigMapName = "cilium-config" - Version = "v1.10.4" + Version = "v1.10.5" TunnelType = "vxlan" diff --git a/internal/cli/cmd/install.go b/internal/cli/cmd/install.go index 0438d7e8eb..d5844898b9 100644 --- a/internal/cli/cmd/install.go +++ b/internal/cli/cmd/install.go @@ -127,7 +127,7 @@ Examples: cilium upgrade # Upgrade Cilium to a specific version -cilium upgrade --version v1.10.4 +cilium upgrade --version v1.10.5 `, RunE: func(cmd *cobra.Command, args []string) error { installer, err := install.NewK8sInstaller(k8sClient, params)