Skip to main content

Browse the archive

https://github.com/cilium/cilium
31 August 2024, 23:00:30 UTC
sort by:
Revision Author Date Message Commit Date
40557c1 Thomas Graf 03 December 2017, 21:10:46 UTC v1.0.0-rc2 release Signed-off-by: Thomas Graf <thomas@cilium.io> 03 December 2017, 22:18:13 UTC
08649f1 Thomas Graf 03 December 2017, 01:39:28 UTC Documentation: Split into multiple sidebar sections Signed-off-by: Thomas Graf <thomas@cilium.io> 04 December 2017, 05:32:42 UTC
8b4751e Thomas Graf 02 December 2017, 02:33:09 UTC Documentation: Do not prefix sections with "Cilium" Signed-off-by: Thomas Graf <tgraf@suug.ch> 04 December 2017, 05:32:42 UTC
53baed1 Thomas Graf 28 November 2017, 00:36:41 UTC Documentation: Convert README to rst Allows to share the functionality overview and further reading section with the docs. Signed-off-by: Thomas Graf <thomas@cilium.io> 04 December 2017, 05:32:42 UTC
1310505 Thomas Graf 27 November 2017, 19:45:54 UTC Documentation: Update sphinx theme Signed-off-by: Thomas Graf <thomas@cilium.io> 04 December 2017, 05:32:42 UTC
cd30f12 Thomas Graf 27 November 2017, 14:47:58 UTC README: Updates - Update and extend functionality overview - Add Jessie's snowflake setup Signed-off-by: Thomas Graf <thomas@cilium.io> 04 December 2017, 05:32:42 UTC
424a577 Thomas Graf 26 November 2017, 04:11:11 UTC Documentation: check for dependencies sphinx-tabs and recommonmark Signed-off-by: Thomas Graf <thomas@cilium.io> 04 December 2017, 05:32:42 UTC
57d31cb André Martins 04 December 2017, 01:12:18 UTC pkg: fixed monitor output for conntrack messages Fixed swapped src dst IPs on Conntrack related messages on the monitor's output: before fix: CPU 00: MARK 0xb140dcc2 FROM 29140 DEBUG: Conntrack lookup 1/2: src=10.15.71.108:58582 dst=10.15.22.134:85 after fix: CPU 00: MARK 0xb140dcc2 FROM 29140 DEBUG: Conntrack lookup 1/2: src=10.15.22.134:58582 dst=10.15.71.108:85 Signed-off-by: André Martins <andre@cilium.io> 04 December 2017, 03:00:01 UTC
82d543a Alexander Alemayhu 03 December 2017, 19:37:45 UTC Documentation: use VERSION file If the release ends with the `.90` patch we know the branch should be master. For everything else use the release format "v{major}.{minor}". Closes: #1805 (Documentation website title includes outdated cilium version) Suggested-by: Thomas Graf <thomas@cilium.io> Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 04 December 2017, 01:23:27 UTC
cddc016 Thomas Graf 03 December 2017, 06:23:50 UTC Documentation: Generate command reference for agent Signed-off-by: Thomas Graf <thomas@cilium.io> 03 December 2017, 17:24:24 UTC
0ed7f13 Thomas Graf 03 December 2017, 05:57:46 UTC agent: Add hidden cmdref command Signed-off-by: Thomas Graf <thomas@cilium.io> 03 December 2017, 17:24:24 UTC
ad4184e André Martins 03 December 2017, 14:16:46 UTC cmd: fixing cilium endpoint list output Fixing output of cilium endpoint list an endpoint with multi labels Signed-off-by: André Martins <andre@cilium.io> 03 December 2017, 16:05:45 UTC
36b979d Alexander Alemayhu 03 December 2017, 11:33:38 UTC examples: readd cilium-ds.yaml in minikube examples We are still linking to this from the Kubernetes website[0]. When the link has been updated this commit this can be reverted. Tested that this works by replacing the URL with my branch kubectl create -f https://raw.githubusercontent.com/scanf/cilium/k8s-policy-url/examples/minikube/cilium-ds.yaml [0]: https://kubernetes.io/docs/tasks/administer-cluster/cilium-network-policy/ Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 03 December 2017, 13:21:50 UTC
85d9f39 Thomas Graf 02 December 2017, 21:48:12 UTC test: Adjust tests to separate ingress/egress default deny Changes GetPolicyStatus() to return a more fine grained count to differentiate between ingress and egress default deny. Signed-off-by: Thomas Graf <thomas@cilium.io> 03 December 2017, 02:51:22 UTC
acb2395 Thomas Graf 03 December 2017, 00:36:48 UTC examples: Remove flag only available in latest The documentation examples still point to the HEAD branch despite the attempt to fix this. Remove the flag for now. Signed-off-by: Thomas Graf <thomas@cilium.io> 03 December 2017, 00:38:07 UTC
6f0093b Strukov Anton 28 November 2017, 14:03:31 UTC Forgot about install section 02 December 2017, 20:33:10 UTC
ae903d7 Strukov Anton 28 November 2017, 13:47:45 UTC More obvious how to achieve bpffs mounted by systemd. 02 December 2017, 20:33:10 UTC
8a55425 Manali Bhutiyani 28 November 2017, 23:35:55 UTC Separate ingress and egress default deny with separate controls The current behaviour puts an endpoint into default deny at ingress whenever there is a policy rule that selects the endpoint. This behaviour can be modified by running the agent in "always" policy enforcement mode in which case all endpoints are always in default deny mode. With the introduction of egress rules, it is unclear whether a policy rule should put an endpoint into default deny at ingress, egress, or both. New behaviour: 1. If any rule selects an endpoint and the rule has an ingress section, the endpoint goes into default deny at ingress 2. If any rule selects an endpoint and the rule has an egress section, the endpoint goes into default deny at egress. 3. An empty endpoint label selector selects all endpoints 4. An empty CIDR block allows nothing Fixes: #2002 Signed-off-by: Manali Bhutiyani manali@covalent.io 02 December 2017, 19:40:34 UTC
f4760a5 Thomas Graf 26 November 2017, 15:09:25 UTC bpf: Split policy enforcement enablement into ingress and egress Replaces the existing logic which enables policy enforcement generally based on a single defined POLICY_ENFORCEMENT to more fine grained control via POLICY_INGRESS and POLICY_EGRESS. Signed-off-by: Thomas Graf <thomas@cilium.io> 02 December 2017, 19:40:34 UTC
7fcc17b Alexander Alemayhu 24 November 2017, 17:08:52 UTC cilium: add bugtool as subcommand Also regenerate command reference. Requested-by: André Martins <andre@cilium.io> Related: #1942 (bugtool - tool to capture node/system information) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 17:16:30 UTC
3465f70 Alexander Alemayhu 20 November 2017, 18:34:40 UTC tests: copy the debuginfo and cilium-bugtool output for CI artifact Related: #1942 (bugtool - tool to capture node/system information) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 17:16:30 UTC
ecb4b1d Alexander Alemayhu 20 November 2017, 14:19:04 UTC Documentation: show usage examples of bugtool and debuginfo Related: #1942 (bugtool - tool to capture node/system information) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 17:16:30 UTC
4931e2f Alexander Alemayhu 15 November 2017, 09:50:50 UTC contrib: add cilium-bugtool to docker cp-dirs We want this to be available from the container. Related: #1942 (bugtool - tool to capture node/system information) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 17:16:30 UTC
ab1fcf9 Alexander Alemayhu 13 November 2017, 04:05:17 UTC cilium-bugtool: new tool for extracting debug info from environment $ cilium-bugtool --help cilium-bugtool - capture system and node information for debugging a Cilium node Usage: bugtool [flags] Flags: -H, --host string URI to server-side API --k8s-label string Kubernetes label for Cilium pod (default "k8s-app=cilium") --k8s-namespace string Kubernetes namespace for Cilium pod (default "kube-system") -p, --port int Port to use for the HTTP server, (default 4444) (default 4444) --serve Start HTTP server to serve static files -t, --tmp string Path to store extracted files (default "/tmp/") Closes: #1942 (bugtool - tool to capture node/system information) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 17:16:30 UTC
1b07bf7 Alexander Alemayhu 12 November 2017, 03:58:40 UTC cilium: add subcommand for reading debuginfo This is the first consumer of `GET /debuginfo`. $ cilium debuginfo --help Request available debugging information from agent Usage: cilium debuginfo [flags] Flags: -f, --file string Redirect output to file Global Flags: --config string config file (default is $HOME/.cilium.yaml) -D, --debug Enable debug messages -H, --host string URI to server-side API Also regenerate the command reference. Related: #1942 (bugtool - tool to capture node/system information) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 17:16:30 UTC
549b7cf Alexander Alemayhu 11 November 2017, 09:15:19 UTC daemon: populate debuginfo structure Use all of the refactored functions to retrieve status, endpoints, rules, etc. Related: #1942 (bugtool - tool to capture node/system information) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 17:16:30 UTC
d99e43f Alexander Alemayhu 15 November 2017, 15:45:39 UTC monitor: expose the PID will be used in `GET /debuginfo` to read the memory map. Related: #1942 (bugtool - tool to capture node/system information) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 17:16:30 UTC
81828cb Alexander Alemayhu 16 November 2017, 04:59:42 UTC policy: add function for retrieving the rules list Will be used in `GET /debuginfo`. No functional change intended. Related: #1942 (bugtool - tool to capture node/system information) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 17:16:30 UTC
76f3aca Alexander Alemayhu 14 November 2017, 15:11:14 UTC service: refactor so getting service list outside is easier used in `GET /debuginfo`. No functional change intended. Related: #1942 (bugtool - tool to capture node/system information) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 17:16:30 UTC
f7b7766 Alexander Alemayhu 14 November 2017, 12:49:12 UTC endpoint: refactor retrieving and print endpoint list Makes it easier to use from `GET /debuginfo`. No functional change intended. Related: #1942 (bugtool - tool to capture node/system information) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 17:16:30 UTC
83f15b4 Alexander Alemayhu 12 November 2017, 06:15:07 UTC status: move retrieving status into a separate function This makes it easier for other call sites on the agent side interested in the status structure to read it without performing a HTTP request. Will be used in `cilium debuginfo`. Related: #1942 (bugtool - tool to capture node/system information) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 17:16:30 UTC
1e9abc6 Alexander Alemayhu 12 November 2017, 05:49:08 UTC version: add a structure to read out some of the version fields This will be used by `cilium-bugtool` and `cilium debuginfo`. While it's added to simplify the version printing it can be used to add a JSON format, but was not needed for now so left the FIXME alone. The test is there to detect changes to the format in case someone starts depending on this order. Related: #1942 (bugtool - tool to capture node/system information) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 17:16:30 UTC
e005656 Alexander Alemayhu 11 November 2017, 04:21:39 UTC api: new endpoint for extracting debug information from agent - `GET /debuginfo` returns the `DebugInfo` structure which contains - Cilium version - Kernel version - Cilium status - Endpoint list - Service list - Policy - Cilium process memory map - Cilium node monitor process memory map - Environment variables This is will have two users. The first one is new subcommand `cilium debuginfo` and the second is `cilium-bugtool`. Related: #1942 (bugtool - tool to capture node/system information) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 17:16:30 UTC
f3e5119 Joe Stringer 01 December 2017, 18:48:46 UTC manager: Make style a bit more consistent Other parts of the code often wraps logging lines for readability, and uses `defer` for unlocking in a function that has simple locking usage. Apply this style to these functions as well. Signed-off-by: Joe Stringer <joe@covalent.io> 02 December 2017, 16:00:33 UTC
4228e90 Joe Stringer 01 December 2017, 18:45:09 UTC manager: Delete nodes even if map update fails Previously, it was plausible for the IPv4 tunnel endpoint to be deleted then the IPv6 tunnel endpoint would remain, in which case the node would remain, the tunnel endpoint would no longer exist in BPF, and the host routes would not be replaced. Make this more consistent by deleting the entries, logging any failures to do so, and always updating the routes if any node deletion or route update is attempted. Found by inspection. Signed-off-by: Joe Stringer <joe@covalent.io> 02 December 2017, 16:00:33 UTC
b1b8a66 Joe Stringer 01 December 2017, 18:33:52 UTC manager: Log failure to delete CIDR at debug level This log appears spuriously on startup, but is harmless in that case. Log at debug level instead. Fixes: #1915 Signed-off-by: Joe Stringer <joe@covalent.io> 02 December 2017, 16:00:33 UTC
b8f4732 Joe Stringer 01 December 2017, 20:51:53 UTC bpf: Avoid excessive proxymap updates Periodically updating the contents of BPF map entries is expensive due to the atomic updates, syscalls, data copy, etc, but the only thing that is relevant for garbage collection is to ensure that deletion occurs at the correct time. Rather than actively updating proxymap entry periodically from userspace, set the lifetime initially to the monotonic time when the entry is intended to expire, and only perform deletion from userspace for the entry after that time is exceeded. This is the proxymap equivalent of the changes that commit d53ffc9b7172 ("bpf: avoid excessive map updates due to timeout update") made for the ctmap. Fixes: #1566 Signed-off-by: Joe Stringer <joe@covalent.io> 02 December 2017, 15:59:51 UTC
090fac2 Joe Stringer 01 December 2017, 21:01:43 UTC bpf: Fix typo LIFEIME -> LIFETIME Signed-off-by: Joe Stringer <joe@covalent.io> 02 December 2017, 15:59:51 UTC
997cd4e Joe Stringer 02 December 2017, 00:46:12 UTC CODEOWNERS: Fix up ordering Apparently when I previously sorted using `sort`, some subdirectories ended up listing above the parent directory. Fix up the remaining incorrect directory ordering. Signed-off-by: Joe Stringer <joe@covalent.io> 02 December 2017, 15:58:16 UTC
9f795da Joe Stringer 01 December 2017, 23:27:29 UTC Documentation: Document dependencies to build documentation Signed-off-by: Joe Stringer <joe@covalent.io> 02 December 2017, 01:29:13 UTC
20a525c Joe Stringer 01 December 2017, 23:26:43 UTC Documentation: Highlight good first issues for developers Signed-off-by: Joe Stringer <joe@covalent.io> 02 December 2017, 01:29:13 UTC
c09ab81 Joe Stringer 14 November 2017, 22:37:52 UTC docker: Clarify how to add new directories When adding new base directories to the tree, contrib/packaging/cp-dirs.sh needs to be extended to help the docker scripts know how to package the new directory. Clarify the instructions in the dockerfiles. Signed-off-by: Joe Stringer <joe@covalent.io> 02 December 2017, 01:29:13 UTC
41f6a80 Joe Stringer 17 October 2017, 16:34:51 UTC policy: Convert comment to debug message This comment could be just as well served as a debug message, which would allow devs to notice this occurring at runtime. Switch it over. Signed-off-by: Joe Stringer <joe@covalent.io> 02 December 2017, 01:29:13 UTC
9d140a2 Ian Vernon 01 December 2017, 19:01:55 UTC tests: only output last 200 lines of various logs This will help us avoid having disk fill up on Jenkins. Signed-off by: Ian Vernon <ian@cilium.io> 02 December 2017, 00:25:42 UTC
f9451d1 Alexander Alemayhu 17 November 2017, 07:36:41 UTC Documentation: add cheat sheet for CLI Closes: #1736 (Cheatsheet for people getting started) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 00:06:18 UTC
a3d68a7 Alexander Alemayhu 30 November 2017, 13:04:23 UTC tests: cause failure when missing cmdref changes Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 00:06:18 UTC
6d3d5b9 Alexander Alemayhu 29 November 2017, 10:42:24 UTC monitor: add a README file Requested-by: Ashwin Paranjpe <ashwin@covalent.io> Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 00:06:18 UTC
cc12604 Ian Vernon 30 November 2017, 19:55:41 UTC test/helpers: truncate the output of logs to console To avoid having a ton of logs dumped to console, just give the last 50 lines. If for some reason there are tons of logs created by Cilium (i.e., > 1 GB) this will reduce the load on Jenkins. Signed-off by: Ian Vernon <ian@cilium.io> 02 December 2017, 00:05:23 UTC
f3c3cdb Ian Vernon 30 November 2017, 19:54:32 UTC test: refactor SetPolicyEnforcement Explicitly wait for endpoints to be ready after each update of PolicyEnforcement for the Cilium daemon. Signed-off by: Ian Vernon <ian@cilium.io> 02 December 2017, 00:05:23 UTC
aaeadb2 Ian Vernon 30 November 2017, 19:53:23 UTC test/runtime: update Kafka test to reflect node refactoring Signed-off by: Ian Vernon <ian@cilium.io> 02 December 2017, 00:05:23 UTC
1757163 Ian Vernon 19 November 2017, 20:50:50 UTC test: remove Vagrant type The Vagrant type was just an empty struct, which contained no useful state. Remove this struct and refactor functions that used it to not have it as a receiver. Signed-off by: Ian Vernon <ian@cilium.io> 02 December 2017, 00:05:23 UTC
2cd8320 Ian Vernon 18 November 2017, 19:21:13 UTC test: refactor Kubectl helper * refactor Kubectl helper to just be a wrapper around SSHMeta Signed-off by: Ian Vernon <ian@cilium.io> 02 December 2017, 00:05:23 UTC
f9cd7e6 Ian Vernon 18 November 2017, 19:11:24 UTC test/helpers: remove Docker type Signed-off by: Ian Vernon <ian@cilium.io> 02 December 2017, 00:05:23 UTC
3cbdd5c Ian Vernon 18 November 2017, 19:10:11 UTC test/helpers: remove Cilium type Signed-off by: Ian Vernon <ian@cilium.io> 02 December 2017, 00:05:23 UTC
9362e15 Ian Vernon 18 November 2017, 18:50:55 UTC test: refactor cilium.Exec to cilium.ExecCilium * Refactor name for function to execute Cilium CLI commands in preparation for eliminating Cilium type. Signed-off by: Ian Vernon <ian@cilium.io> 02 December 2017, 00:05:23 UTC
c4c027b Ian Vernon 18 November 2017, 18:46:33 UTC test: refactor CreateNewRuntimeHelper * Refactor CreateNewRuntimeHelper to return an SSHMeta instead of a Docker type for Docker commands. This is intermediate as this function will eventually only return one SSHMeta. Signed-off by: Ian Vernon <ian@cilium.io> 02 December 2017, 00:05:23 UTC
ce43126 Ian Vernon 18 November 2017, 18:40:36 UTC test/helpers: change Docker receiver type to SSHMeta receiver type Signed-off by: Ian Vernon <ian@cilium.io> 02 December 2017, 00:05:23 UTC
9f04554 Ian Vernon 18 November 2017, 18:34:19 UTC test/helpers: add logger as member of SSHMeta Signed-off by: Ian Vernon <ian@cilium.io> 02 December 2017, 00:05:23 UTC
f4e46ef Alexander Alemayhu 23 November 2017, 11:38:58 UTC tests: perform validation on YAML examples This is just on a syntax level, _not_ a proper policy runtime test. Also making the script make sure that when a policy exist there should be a equivalent of the counter part. So if a JSON example is missing it fails and the same for YAML. To get the test passing added missing YAML files for the getting-started guide. Closes: #1845 (Validate example policies in Cilium documentation) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 00:04:06 UTC
f53b1d4 Alexander Alemayhu 23 November 2017, 11:43:44 UTC vagrant: install YAML linter > yamllint does not only check for syntax validity, but for weirdnesses like key repetition and cosmetic problems such as lines length, trailing spaces, indentation, etc. Related: #1845 (Validate example policies in Cilium documentation) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 00:04:06 UTC
8bbce83 Alexander Alemayhu 01 December 2017, 10:37:25 UTC Documentation: use tabs for all examples in policy section Checked all the JSON examples by importing them all with 10s interval and also once deleting all policies before importing a new one. The only noticeable error was (assuming it is harmless) "Unable to create http proxy" error="address already in use" id="38939:ingress:TCP:80" kind=oxy Also tested the YAML examples similar to above but using `kubectl instead. Did not see any errors but noticed that the `toServices` end up with a empty egress (assuming it is expected). Related: #1845 (Validate example policies in Cilium documentation) Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 02 December 2017, 00:04:06 UTC
be371d4 Ian Vernon 30 November 2017, 22:47:42 UTC tests: remove set +x in cidr-limit test There is no reason for this flag to be unset. The output of the test is redirected to a file for further debugging. Signed-off by: Ian Vernon <ian@cilium.io> 01 December 2017, 23:49:59 UTC
dd99fc6 Ian Vernon 30 November 2017, 22:33:28 UTC tests: adding more logs to 20-cidr-limit Add more logs to 20-cidr-limit which has been failing sporadically in the build. Signed-off by: Ian Vernon <ian@cilium.io> 01 December 2017, 23:49:59 UTC
09bd419 Ray Bejjani 30 November 2017, 21:10:05 UTC Documentation: k8s metrics examples and instructions cilium-agent can serve metrics to prometheus. This is now exposed in our examples, along with a minimal prometheus k8s spec to illustrate it. We detail this in a new docs page about metrics. Signed-off-by: Ray Bejjani <ray@covalent.io> 01 December 2017, 23:49:22 UTC
225904a Joe Stringer 01 December 2017, 02:44:16 UTC cmd: Improve L4Policy output in `endpoint get` The API for `cilium endpoint get` renders the L4Policies as a nested JSON string which looks ugly when formatted to the terminal. When processing the response to this query, look for nested JSON, unquote it; decode it; and re-marshal it into the buffer so we get nice output. Fixes: #1584 Signed-off-by: Joe Stringer <joe@covalent.io> 01 December 2017, 23:47:35 UTC
bd9b5cd Joe Stringer 30 November 2017, 18:56:31 UTC cmd: Add `--json` support to `endpoint get` This prints the raw JSON from the API, since upcoming changes will modify the output formatting. Signed-off-by: Joe Stringer <joe@covalent.io> 01 December 2017, 23:47:35 UTC
a870b3a Joe Stringer 01 December 2017, 21:30:08 UTC CODEOWNERS: Reorder to fix ownership precedence CODEOWNERS is a linear list of filepaths with the specified owners where entries later in the file overwrite entries earlier in the file[1]. To ensure that the appropriate owners are requested, sort the contents of this file. The particular file `daemon/bpf.sha` was triggering the wrong owners previously, this fixes that and makes the list more robust. [1] https://github.com/blog/2392-introducing-code-owners Signed-off-by: Joe Stringer <joe@covalent.io> 01 December 2017, 23:44:13 UTC
81f0b2c Ian Vernon 01 December 2017, 22:22:35 UTC Documentation: add Nightly test information to contributing Signed-off by: Ian Vernon <ian@cilium.io> 01 December 2017, 23:43:11 UTC
c8b788b Ian Vernon 01 December 2017, 21:46:20 UTC Documentation: clarify Jenkins access Signed-off by: Ian Vernon <ian@cilium.io> 01 December 2017, 23:43:11 UTC
d551eda André Martins 30 November 2017, 17:45:39 UTC Revert "tests: Disable tests temporarily to resolve CI build failures" This reverts commit db33c9340afaf726186dde57886586ac86b74b9b. Signed-off-by: André Martins <andre@cilium.io> 01 December 2017, 18:56:04 UTC
32448cf André Martins 01 December 2017, 00:54:01 UTC tests: fixed verbose output of 999-deadlock-check.sh Signed-off-by: André Martins <andre@cilium.io> 01 December 2017, 03:51:12 UTC
41d6f21 André Martins 28 November 2017, 23:41:51 UTC pkg/proxy: add Lock for ProxySource Due DATA Races being detected by the race detector, it was necessary to change the RLock and RUnlock calls to Lock and Unlock calls. This is manly due the `endpoint.GetLabelsSHA()` method which can overwrite internal endpoint's attributes. Signed-off-by: André Martins <andre@cilium.io> 30 November 2017, 23:14:15 UTC
361ad2d André Martins 28 November 2017, 23:33:51 UTC pkg/endpoint: RLock endpoint in ResolveIdentity Endpoint.Consumable is protected by this mutex and so this variable needs to be protected. Signed-off-by: André Martins <andre@cilium.io> 30 November 2017, 23:14:15 UTC
52df506 André Martins 28 November 2017, 23:31:18 UTC daemon: use endpoints mutex directly Use endpoints mutex instead of method mainly used by the ProxySource interface Signed-off-by: André Martins <andre@cilium.io> 30 November 2017, 23:14:15 UTC
711c1d3 André Martins 28 November 2017, 23:30:09 UTC pkg/endpoint: assign errors to err to detect failure on defer Signed-off-by: André Martins <andre@cilium.io> 30 November 2017, 23:14:15 UTC
b7821e9 Alexander Alemayhu 30 November 2017, 19:11:56 UTC Documentation: bump sphinx-tabs version The rendering issue we were seeing has been fixed in[0]. [0]: https://github.com/djungelorm/sphinx-tabs/commit/8709047d7f2e069ecfa8cd61ab3fcd82b09b3200 Signed-off-by: Alexander Alemayhu <alexander@alemayhu.com> 30 November 2017, 22:07:37 UTC
0948bc0 André Martins 24 November 2017, 23:41:33 UTC endpointmanager: hide mutex in the package This commit hides the endpointmanager internal mutex to be inaccessible by outside of this package. This also fixes some data race conditions that were triggered by misplaced lock / unlocks of this package. Signed-off-by: André Martins <andre@cilium.io> 30 November 2017, 20:02:37 UTC
d4de83a André Martins 30 November 2017, 00:07:01 UTC pkg/kvstore: fixed race in internal mutex map - Created unit tests for lock_test.go - Add reference counter to allow removing unused lockpaths once they are no longer used. Signed-off-by: André Martins <andre@cilium.io> 30 November 2017, 18:32:13 UTC
6373429 Eloy Coto 30 November 2017, 14:25:22 UTC Ginkgo- Fix logging issues Fix issues that we had on the jenkins builds from 334 to 341. Issue introduced by commit ca0dbdf. Signed-off-by: Eloy Coto <eloy.coto@gmail.com> 30 November 2017, 16:59:05 UTC
fd8144e André Martins 30 November 2017, 11:13:59 UTC docs: add missing cmdref Signed-off-by: André Martins <andre@cilium.io> 30 November 2017, 14:56:56 UTC
5d882fd Daniel Borkmann 30 November 2017, 13:18:10 UTC bpf: fix verifier error in dameon debug mode with newer LLVM versions 4.9.65 doesn't have narrow ctx access support in verifier, and clang generates such patterns occasionally when it thinks only up to specific size is accessed anyway. Fix the following error: [...] level=warning msg="72: (b7) r5 = 20" level=warning msg="73: (85) call 25" level=warning msg="74: (71) r1 = *(u8 *)(r10 -132)" level=warning msg="75: (71) r3 = *(u8 *)(r6 +44)" level=warning msg="invalid bpf_context access off=44 size=1" Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> 30 November 2017, 14:56:13 UTC
3f4f037 Ray Bejjani 30 November 2017, 10:37:38 UTC monitor: update Makefile dependencies in Makefile The monitor uses a number of packages under pkg/ and autogenerated files under api/ The Makefile reflects this and will cause a recompile when these files are changed. Signed-off-by: Ray Bejjani <ray@covalent.io> 30 November 2017, 13:15:37 UTC
62b9d61 Joe Stringer 29 November 2017, 17:53:37 UTC cilium-health: Add '--admin' option to restrict resources The new '--admin' option restricts which protocols that the /healthz and /status resources are served over. If specified as 'unix', it will only serve these resources over the unix socket (if not otherwise disabled by --passive); if specified as 'any' (default), these resources will also be served over the HTTP sockets. Signed-off-by: Joe Stringer <joe@covalent.io> 30 November 2017, 04:21:48 UTC
c93d4ce Joe Stringer 27 November 2017, 20:46:25 UTC daemon: Launch cilium-health on startup Signed-off-by: Joe Stringer <joe@covalent.io> 30 November 2017, 04:21:48 UTC
c7a6348 Joe Stringer 27 November 2017, 20:45:33 UTC pkg: Refactor monitor launcher common code A generic launcher will be useful for an upcoming commit where the Cilium daemon also launches the cilium-health daemon. Signed-off-by: Joe Stringer <joe@covalent.io> 30 November 2017, 04:21:48 UTC
a19b4d2 Joe Stringer 21 November 2017, 04:09:21 UTC cilium-health: Add --passive mode for HTTP server Signed-off-by: Joe Stringer <joe@covalent.io> 30 November 2017, 04:21:48 UTC
f1ef0bd Joe Stringer 24 November 2017, 23:57:53 UTC cilium-health: Add support for HTTP ping to nodes Add support to the cilium-health client and server to host a new /hello API call over TCP socket 4240, and be able to make requests to it. Pinging this port on all known cluster nodes is done periodically, just like how regular ICMP ping polling is done. Signed-off-by: Joe Stringer <joe@covalent.io> 30 November 2017, 04:21:48 UTC
d95ad2e Joe Stringer 16 November 2017, 00:00:43 UTC cilium-health: Report ping status to other nodes Signed-off-by: Joe Stringer <joe@covalent.io> 30 November 2017, 04:21:48 UTC
72dd0ea Joe Stringer 15 November 2017, 02:25:33 UTC vendor: Add github.com/servak/go-fastping Also add the transitive dependencies on golang.org ICMP/IPv4/IPv6. Signed-off-by: Joe Stringer <joe@covalent.io> 30 November 2017, 04:21:48 UTC
87c2bb5 Joe Stringer 15 November 2017, 23:54:09 UTC cilium-health: Add new health status agent cilium-health is a new client and daemon which allows users to probe the status of the local node, and also of the connectivity between the local node and remote nodes in the cluster. Signed-off-by: Joe Stringer <joe@covalent.io> 30 November 2017, 04:21:48 UTC
ecf94d8 Joe Stringer 15 November 2017, 23:51:20 UTC api: Add swagger-generated health API Signed-off-by: Joe Stringer <joe@covalent.io> 30 November 2017, 04:21:48 UTC
d80859b Joe Stringer 15 November 2017, 23:50:54 UTC api: Add cilium-health API GET /status: Returns the connectivity status to all other cilium-health instances using interval-based probing. GET /status/probe: Runs a synchronous probe to all other cilium-health instances and returns the connectivity status. GET /healthz: Returns current health: * uptime * system load * local agent status See also Issue #1947 Signed-off-by: Joe Stringer <joe@covalent.io> 30 November 2017, 04:21:48 UTC
5a9ae01 Joe Stringer 14 November 2017, 20:49:30 UTC vendor: Add github.com/c9s/goprocinfo/linux goprocinfo provides a wrapper around /proc on linux systems, which will be used to collect system load in an upcoming commit. Signed-off-by: Joe Stringer <joe@covalent.io> 30 November 2017, 04:21:48 UTC
19cce6e Joe Stringer 17 November 2017, 01:01:18 UTC client: Fix connecting to TCP servers Previously, the client package created the client by passing the entire "unix://foo" or "http://foo" host string into the hostname field of the client, however when creating a client using an "http://" host string this would result in HTTP requests attempting to reach "http://http://hostname". Signed-off-by: Joe Stringer <joe@covalent.io> 30 November 2017, 04:21:48 UTC
7afe49d Joe Stringer 24 November 2017, 23:15:34 UTC cmd: Add "--json" option. This is only used by some commands right now, so leave it hidden (since it's a bit inconsistent). When each command implements json-formatting the responses, we can make this not hidden. Signed-off-by: Joe Stringer <joe@covalent.io> 30 November 2017, 04:21:48 UTC
de3da23 Joe Stringer 14 November 2017, 18:58:50 UTC api: Export cluster nodes in /status Export a list of known cluster nodes, including names, IPs and CIDR allocations in the health status requested on a local node. Signed-off-by: Joe Stringer <joe@covalent.io> 30 November 2017, 04:21:48 UTC
2605fab Joe Stringer 16 November 2017, 14:18:14 UTC client: Refactor formatting Cilium StatusResponse This makes it reusable from cilium-health client. Signed-off-by: Joe Stringer <joe@covalent.io> 30 November 2017, 04:21:48 UTC
31b108d Joe Stringer 14 November 2017, 18:17:21 UTC daemon: Refactor getting local node addressing This should live in pkg/node. Signed-off-by: Joe Stringer <joe@covalent.io> 30 November 2017, 04:21:48 UTC
eefebb9 Jarno Rajahalme 29 November 2017, 20:04:04 UTC endpoint: Set endpoint state to "ready" also after failure. Set endpoint's state to "ready" also after failure, but make sure endpoint's Status is not chnaged to "OK" in that case, so that cilium API will return endpoint's state as "not-ready". Move setting the endpoint's realized policy revision later to the point when we know the build succeeded. Fixes: GH issue #2070 Reported-by: Ian Vernon <ian@covalent.io> Signed-off-by: Jarno Rajahalme <jarno@covalent.io> 30 November 2017, 04:20:19 UTC
bedd94e André Martins 30 November 2017, 00:07:47 UTC Vagrantfile: bumping vagrant box to 2.5 Signed-off-by: André Martins <andre@cilium.io> 30 November 2017, 04:19:55 UTC
back to top