stable-2.14.9 #11949
Merged
stable-2.14.9 #11949
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Followup to linkerd/linkerd2-proxy-init#306 Fixes #11073 This adds the `reinitialize-pods` container to the `linkerd-cni` DaemonSet, along with its config in `values.yaml`. Also the `linkerd-cni`'s version is bumped, to contain the new binary for this controller.
#11907) Whenever the destination controller's informer receives an update of a Server resource, it checks every portPublisher in the endpointsWatcher to see if the Server selects any pods in that servicePort and updates those pods' opaque protocol field. Regardless of if any pods were matched or if the opaque protocol changed, an update is sent to each listener. This results in an update to every endpointTranslator each time a Server is updated. During a resync, we get an update for every Server in the cluster which results in N updates to each endpointTranslator where N is the number of Servers in the cluster. If N is greater than 100, it becomes possible that these N updates could overflow the endpointTranslator update queue if the queue is not being drained fast enough. We change this to only send the update for a Server if at least one of the servicePort addresses was selected by that server AND it's opaque protocol field changed. Signed-off-by: Alex Leong <[email protected]>
The Tap API resource shortnames were colliding with existing Kubernetes resources (e.g. `po`, `deploy`, etc), causing warnings from kubectl v1.29.0+. Remove the shortnames from the Tap APIService handlers. To validate: ```bash bin/k3d cluster create # install latest edge curl https://run.linkerd.io/install-edge | sh linkerd install --crds | kubectl apply -f - linkerd install | kubectl apply -f - linkerd check linkerd viz install | kubectl apply -f - linkerd check # observe shortnames kubectl api-resources --api-group=tap.linkerd.io # with kubectl v1.29.0+, observe "Warning: short name..." kubectl get po # replace tap image TAP_IMAGE=$(bin/docker-build-tap) bin/k3d image load $TAP_IMAGE kubectl -n linkerd-viz set image deploy/tap tap=$TAP_IMAGE # verify shortnames are no longer present kubectl api-resources --api-group=tap.linkerd.io # with kubectl v1.29.0+, observe no warning kubectl get po ``` Fixes #11784 Signed-off-by: Andrew Seigner <[email protected]>
We released a new version of the CNI plugin. The chart has been updated to reference the new version, however, some of the tests and the Go `version` pkg still reference the old version (v1.2.2). When installing through the CLI, I noticed that even though the chart value renders an image for the new repair controller, the image used is still v1.2.2, and as such, the container won't be started due to a missing binary. This change bumps the version to v1.3.0 everywhere. Signed-off-by: Matei David <[email protected]>
adleong
force-pushed
the
alex/stable-2.14.9
branch
from
a070ab3 to
6b917e5
Compare
Signed-off-by: Alex Leong <[email protected]>
adleong
force-pushed
the
alex/stable-2.14.9
branch
from
6b917e5 to
3469999
Compare
mateiidavid
approved these changes
Jan 19, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This stable release adds a cni-repair-controller which fixes the issue of
injected pods that cannot acquire proper network config because linkerd-cni
and/or the cluster's network CNI haven't fully started (#11699). It also
fixes a bug in the destination controller where having a large number of
Server resources could cause the destination controller to use an excessive
amount of CPU (#11907). Finally, it fixes a conflict with tap resource
shortnames which was causing warnings from kubectl v1.29.0+ (#11816).