Skip to content

Commit

Permalink
Update cilium images (patch) (#353)
Browse files Browse the repository at this point in the history
* Update cilium images

* Update properly to cilium v1.16.4

---------

Co-authored-by: Johannes Scheerer <[email protected]>
  • Loading branch information
gardener-ci-robot and ScheererJ authored Nov 27, 2024
1 parent cd6e564 commit 6258698
Show file tree
Hide file tree
Showing 6 changed files with 24 additions and 11 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -664,6 +664,7 @@ data:
proxy-xff-num-trusted-hops-ingress: "0"
proxy-xff-num-trusted-hops-egress: "0"
proxy-connect-timeout: "2"
proxy-initial-fetch-timeout: "30"
proxy-max-requests-per-connection: "0"
proxy-max-connection-duration-seconds: "0"
proxy-idle-timeout-seconds: "60"
Expand Down
15 changes: 8 additions & 7 deletions charts/internal/cilium/charts/envoy/templates/configmap.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -265,6 +265,7 @@ data:
},
"dynamicResources": {
"ldsConfig": {
"initialFetchTimeout": "30s",
"apiConfigSource": {
"apiType": "GRPC",
"transportApiVersion": "V3",
Expand All @@ -280,6 +281,7 @@ data:
"resourceApiVersion": "V3"
},
"cdsConfig": {
"initialFetchTimeout": "30s",
"apiConfigSource": {
"apiType": "GRPC",
"transportApiVersion": "V3",
Expand All @@ -303,14 +305,13 @@ data:
}
}
],
"layeredRuntime": {
"layers": [
"overload_manager": {
"resource_monitors": [
{
"name": "static_layer_0",
"staticLayer": {
"overload": {
"global_downstream_max_connections": 50000
}
"name": "envoy.resource_monitors.global_downstream_max_connections",
"typed_config": {
"@type": "type.googleapis.com/envoy.extensions.resource_monitors.downstream_connections.v3.DownstreamConnectionsConfig",
"max_active_downstream_connections": "50000"
}
}
]
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@ spec:
- signing
- key encipherment
- server auth
- client auth
validity: 26280h
- name: hubble-relay-client-certs
namespace: kube-system
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,7 @@ spec:
- signing
- key encipherment
- server auth
- client auth
validity: 26280h
- name: hubble-relay-client-certs
namespace: kube-system
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,15 @@ rules:
# to automatically delete [core|kube]dns pods so that are starting to being
# managed by Cilium
- delete
- apiGroups:
- ""
resources:
- configmaps
resourceNames:
- cilium-config
verbs:
# allow patching of the configmap to set annotations
- patch
- apiGroups:
- ""
resources:
Expand Down
8 changes: 4 additions & 4 deletions imagevector/images.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ images:
- name: cilium-agent
sourceRepository: github.com/cilium/cilium
repository: quay.io/cilium/cilium
tag: v1.16.2
tag: v1.16.4
labels:
- name: 'gardener.cloud/cve-categorisation'
value:
Expand All @@ -21,7 +21,7 @@ images:
- name: cilium-envoy
sourceRepository: github.com/cilium/cilium
repository: quay.io/cilium/cilium-envoy
tag: v1.29.9-1726784081-a90146d13b4cd7d168d573396ccf2b3db5a3b047
tag: v1.30.7-1731393961-97edc2815e2c6a174d3d12e71731d54f5d32ea16
labels:
- name: 'gardener.cloud/cve-categorisation'
value:
Expand All @@ -34,7 +34,7 @@ images:
- name: cilium-operator
sourceRepository: github.com/cilium/cilium
repository: quay.io/cilium/operator
tag: v1.16.2
tag: v1.16.4
labels:
- name: 'gardener.cloud/cve-categorisation'
value:
Expand Down Expand Up @@ -73,7 +73,7 @@ images:
- name: hubble-relay
sourceRepository: github.com/cilium/hubble-ui
repository: quay.io/cilium/hubble-relay
tag: v1.16.2
tag: v1.16.4
labels:
- name: 'gardener.cloud/cve-categorisation'
value:
Expand Down

0 comments on commit 6258698

Please sign in to comment.