Revision 6d8b5be5fc1f758ceb28c808c8ecaf9d27f0aa5d authored by Sebastian Wicki on 10 March 2021, 15:14:30 UTC, committed by Sebastian Wicki on 10 March 2021, 17:47:52 UTC
A VPC on EC2 can have secondary CIDRs which are routable within the VPC. Subnets which are used in Cilium's ENI IPAM mode might be derived from these secondary CIDRs, therefore we must also install routes for these secondary CIDRs. This commit ensures that we populate the `CiliumNode.Status.ENI.ENIS[].VPC.CIDRs` field with these secondary CIDRs if present. The IPAM code on the agent is already set up to install routes for these additional CIDRs [1], but since this field was never populated, the rules were also missing. Therefore, this fixes a bug where routes were missing in ENI IPAM mode, causing arbitrary connecitivty issues. With this commit, routes are only added for CIDRs which are present when the IP is allocated. A subsequent PR will add the functionality to update the routes dynamically in case CIDRs are added or removed from a VPC. [1] https://github.com/cilium/cilium/blob/2110b11c989fe7ef8c7d9c5510c53a55cdaaa54c/pkg/ipam/crd.go#L488 Signed-off-by: Sebastian Wicki <sebastian@isovalent.com>
1 parent 69a53d9
| File | Mode | Size |
|---|---|---|
| .github | ||
| .travis | ||
| Documentation | ||
| api | ||
| bpf | ||
| bugtool | ||
| cilium | ||
| cilium-health | ||
| contrib | ||
| daemon | ||
| envoy | ||
| examples | ||
| hack | ||
| hubble-relay | ||
| install | ||
| jenkinsfiles | ||
| operator | ||
| pkg | ||
| plugins | ||
| proxylib | ||
| test | ||
| tests | ||
| tools | ||
| vendor | ||
| .authors.aux | -rw-r--r-- | 416 bytes |
| .dockerignore | -rw-r--r-- | 796 bytes |
| .gitattributes | -rw-r--r-- | 104 bytes |
| .gitignore | -rw-r--r-- | 1.1 KB |
| .gitmodules | -rw-r--r-- | 0 bytes |
| .mailmap | -rw-r--r-- | 1.9 KB |
| .travis.yml | -rw-r--r-- | 380 bytes |
| AUTHORS | -rw-r--r-- | 13.9 KB |
| CHANGELOG.md | -rw-r--r-- | 147.4 KB |
| CODEOWNERS | -rw-r--r-- | 1.4 KB |
| CONTRIBUTING.md | -rw-r--r-- | 227 bytes |
| Dockerfile | -rw-r--r-- | 2.8 KB |
| Dockerfile.builder | -rw-r--r-- | 1.1 KB |
| FURTHER_READINGS.rst | -rw-r--r-- | 4.9 KB |
| GO_VERSION | -rw-r--r-- | 8 bytes |
| Jenkinsfile.nightly | l--------- | 32 bytes |
| LICENSE | -rw-r--r-- | 11.1 KB |
| MAINTAINERS.rst | -rw-r--r-- | 1.4 KB |
| Makefile | -rw-r--r-- | 19.5 KB |
| Makefile.buildkit | -rw-r--r-- | 2.8 KB |
| Makefile.defs | -rw-r--r-- | 4.6 KB |
| Makefile.docker | -rw-r--r-- | 7.7 KB |
| Makefile.quiet | -rw-r--r-- | 718 bytes |
| README.rst | -rw-r--r-- | 14.9 KB |
| SECURITY.md | -rw-r--r-- | 615 bytes |
| USERS.md | -rw-r--r-- | 4.7 KB |
| VERSION | -rw-r--r-- | 6 bytes |
| Vagrantfile | -rw-r--r-- | 12.6 KB |
| cilium-dev.Dockerfile | -rw-r--r-- | 1.4 KB |
| cilium-dev.Dockerfile.dockerignore | -rw-r--r-- | 931 bytes |
| cilium-docker-plugin.Dockerfile | -rw-r--r-- | 625 bytes |
| cilium-operator-aws.Dockerfile | -rw-r--r-- | 1.2 KB |
| cilium-operator-azure.Dockerfile | -rw-r--r-- | 1.2 KB |
| cilium-operator-generic.Dockerfile | -rw-r--r-- | 1.2 KB |
| cilium-operator.Dockerfile | -rw-r--r-- | 1.2 KB |
| docs.Jenkinsfile | l--------- | 29 bytes |
| flannel.Jenkinsfile | l--------- | 32 bytes |
| ginkgo-kubernetes-all.Jenkinsfile | l--------- | 46 bytes |
| ginkgo.Jenkinsfile | l--------- | 31 bytes |
| go.mod | -rw-r--r-- | 4.4 KB |
| go.sum | -rw-r--r-- | 85.4 KB |
| hubble-relay.Dockerfile | -rw-r--r-- | 1.1 KB |
| kubernetes-upstream.Jenkinsfile | l--------- | 44 bytes |
| netlify.toml | -rw-r--r-- | 92 bytes |
| vagrant_box_defaults.rb | -rw-r--r-- | 330 bytes |
Computing file changes ...
