[pull] main from metallb:main #112
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![pull[bot]](https://avatars.githubusercontent.com/in/12910?s=60&v=4){kind=small}
The creation of the metrics-certs volume is conditioned by FRR mode, while it should only be conditioned by the presence of the name of the secret in the values. Signed-off-by: Federico Paolinelli <[email protected]>
k8s now supports mixed protocol services of type LoadBalancer Coauthored-by: Federico Paolinelli <[email protected]> Signed-off-by: Federico Paolinelli <[email protected]>
Signed-off-by: Zechun Chen <[email protected]>
Remove the pointer packages and use the util 'ptr' package of k8s. Signed-off-by: Lior Noy <[email protected]>
make the names of the webhook and cert metallb specific to avoid name conflicts with other resources in the cluster. Signed-off-by: cyclinder <[email protected]>
Until now, controller-runtime logs were running with the default. Here we propagate the loglevel parameter to those logs too. Note that this might cause less logs than we are used to, when triaging (but it should honor the desire of the user). Signed-off-by: Federico Paolinelli <[email protected]>
Removing a check that was making all the tests be skipped, and fix a broken test. Signed-off-by: Federico Paolinelli <[email protected]>
MetalLB now honors the node.kubernetes.io/exclude-from-external-load-balancers but this might harm some deployments where there is only one node and kubeadm still labels the control plane with such label. Here we provide a knob to disable the behaviour and make metallb work in such scenarios. Signed-off-by: Federico Paolinelli <[email protected]>
We allow disabling the exclusion from the chart. Signed-off-by: Federico Paolinelli <[email protected]>
This might harm multiple users, so we mention it and we document how to work it around. Signed-off-by: Federico Paolinelli <[email protected]>
The current implementation creates one route map per localpref / community, duplicating the same route-map for each advertisement (while what we really need is one route map, many prefix-lists entries, one per service). Here we collect all the communities / localpref / large communities per neighbor, and we use it to generate a route-map per neighbor per community / localpref only once. Signed-off-by: Federico Paolinelli <[email protected]>
This should make the pull request parseable by the k8s release notes parser. Signed-off-by: Federico Paolinelli <[email protected]>
The label is added based on having /kind xxx on the PR comment. This makes the PR compatible with the k8s release notes generator. Signed-off-by: Federico Paolinelli <[email protected]>
This leverages the kubernetes release notes tool that harves the PRs a given commit belongs to. Signed-off-by: Federico Paolinelli <[email protected]>
Mention how to use the release notes tool and also push for merges instead of cherry picks. Signed-off-by: Federico Paolinelli <[email protected]>
We move to a k8s like way to generate the release notes, removing the mandatory release notes. Signed-off-by: Federico Paolinelli <[email protected]>
We don't want to allow the labeler job to change ANY PR, just the one the action is currently running against. From the docs: This event runs in the context of the base of the pull request, rather than in the context of the merge commit, as the pull_request event does. Signed-off-by: Federico Paolinelli <[email protected]>
Signed-off-by: tico88612 <[email protected]>
Also added common labels for this cm. Signed-off-by: Ruslan Khizhnyak <[email protected]>
Add a new go struct called ServiceL2Status for later implements of exposing layer2 service status. Signed-off-by: lwabish <[email protected]> (cherry picked from commit a4f2654)
This is the core implement of layer2 service status exposing. A new k8s controller called layer2_status_controller was added to speakers. Signed-off-by: lwabish <[email protected]>
Add unit tests for layer2 status controller. Integrate layer2 status exposing to E2E test. Signed-off-by: lwabish <[email protected]>
This includes the following non go codes for layer2 status related function:
helm chart
kubebuilder crds/rbac
changelog
deepcopy go files
Signed-off-by: lwabish <[email protected]>
Updating: - the raw manifests / kustomize - the go dependnecies - the chart dependency Signed-off-by: Alina Sudakov <[email protected]>
Added BGP connect time field in the frrk8s BGP sessison manager. This change enables the setting of connect time in frrk8s mode. Also enabled the test run of BGP peer connect time to run in frrk8s mode. Signed-off-by: Alina Sudakov <[email protected]>
Even though union seemed the solution to our issues, github merges don't really like the property. Now that we moved to a kubernetes-way of doing release notes, we can remove the attribute. Signed-off-by: Federico Paolinelli <[email protected]>
Added the disableMP BGP Field to the BGPPeer CRD. Also Regenerated deepcopy functions, manifests and website api docs. Signed-off-by: Alina Sudakov <[email protected]>
- Added disableMP field to the metallb internal config and to the SessionParameters. Followed by modifying the conversion from the API to the internal configuration to include the disableMP field. - Updated Validation to raise an error if the connectTime field is set for native BGP mode, and a corresponding unit test is added for verification. Signed-off-by: Alina Sudakov <[email protected]>
- Added the disableMP Field to the FRR Configuration Struct - Updated the neighboripfamily Template to not set ipv4 addresses in the ipv6 family and viceversa in the case where disableMP is true. - Updated unit Tests and golden file by adding an additional test to reflect the addition of this field. Signed-off-by: Alina Sudakov <[email protected]>
Signed-off-by: Ori Braunshtein <[email protected]>
Bumps [securego/gosec](https://github.com/securego/gosec) from 2.21.2 to 2.22.0. - [Release notes](https://github.com/securego/gosec/releases) - [Changelog](https://github.com/securego/gosec/blob/master/.goreleaser.yml) - [Commits](securego/gosec@v2.21.2...v2.22.0) --- updated-dependencies: - dependency-name: securego/gosec dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [actions/stale](https://github.com/actions/stale) from 9.0.0 to 9.1.0. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@v9.0.0...v9.1.0) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
Using the latest go, fixing some cves. Signed-off-by: Federico Paolinelli <[email protected]>
Bumping the deps and the corresponding go version. Signed-off-by: Federico Paolinelli <[email protected]>
Signed-off-by: Federico Paolinelli <[email protected]>
We have a chicken / egg issue here. Govuln check complains about CVEs fixed by 1.23.6+ (or 1.24), while gosec is not compatible (yet) with such versions. Here we disable gosec with the intent of reenabling it once its supported. Signed-off-by: Federico Paolinelli <[email protected]>
Signed-off-by: Federico Paolinelli <[email protected]>
Bumps [k8s.io/component-base](https://github.com/kubernetes/component-base) from 0.31.1 to 0.32.2. - [Commits](kubernetes/component-base@v0.31.1...v0.32.2) --- updated-dependencies: - dependency-name: k8s.io/component-base dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 3.2.0 to 3.4.0. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@v3.2.0...v3.4.0) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
…with node IPs Assigning a node IP to metallb is likely to break the cluster. Here we intercept it at pool creation and we refuse the configuration. Signed-off-by: Yi-Ying Tan <[email protected]> Co-authored-by: Federico Paolinelli <[email protected]>
The --short flag is not supported by recent kubectl clients. Although kubectl exits with a non-zero status, this is not caught by the get_command_version function. Signed-off-by: Daniel Lipovetsky <[email protected]>
Unassign can be called for services whose pool was deleted, in that case we should not decrement the existing prometheus metrics but remove them completely instead. Signed-off-by: Ori Braunshtein <[email protected]>
Signed-off-by: Ori Braunshtein <[email protected]>
We introduce a new k8s controller to manage pool status, mostly triggered by events generated by the allocator. Signed-off-by: Ori Braunshtein <[email protected]>
Signed-off-by: Ori Braunshtein <[email protected]>
We add e2e tests for the pool status, changing the updater to use patch instead of update to avoid conflicts with the status of the pool being modified: since the controller now manages the Status of the resource, in order to use Update we need to first fetch the existing and hope it works while Patch avoids that completely. Signed-off-by: Ori Braunshtein <[email protected]>
The test re-used the same pool name twice, effectively making it racey. Now that the pool status is implemented we can first verify the config was loaded to make sure the service does not reuse its existing pool. In addition, removed the first pool being pinned to the namespace to not have it with a higher priority. Signed-off-by: Ori Braunshtein <[email protected]>
- Add 'interface' field to BGPPeer CRD that specify network interface for unnumbered peering - Make 'peerAddress' and 'interface' mutually exclusive Signed-off-by: karampok <[email protected]>
Signed-off-by: karampok <[email protected]>
Signed-off-by: karampok <[email protected]>
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.22.0 to 2.22.2. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.22.0...v2.22.2) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Without yq, "inv generatemanifests" fails. CI has been working because yq is installed on the GitHub Actions runners. See https://github.com/actions/runner-images/blob/650fb260cb8ba21ccccaff47470d3f43c94fbb3e/images/ubuntu/Ubuntu2204-Readme.md?plain=1#L105 Signed-off-by: Daniel Lipovetsky <[email protected]>
Because the caBundle is present and valid, the Pod will run. However, the certificate has long expired (Aug 18 2022). Therefore, cert-controller soon rotates the caBundle, causing open-policy-agent/cert-controller#50. Signed-off-by: Daniel Lipovetsky <[email protected]>
Signed-off-by: karampok <[email protected]>
Signed-off-by: karampok <[email protected]>
As part of the process of moving from metallb.universe.tf to metallb.io, we'd have to rename the package. In order to do so, a vanity url page must be implemented to refer metallb.io/metallb to the actual repo. Note: this could made parametric, and it will probably make sense to do so if we need vanity urls for frr-k8s and / or a separated test repo. Signed-off-by: Federico Paolinelli <[email protected]>
The documentation explains how to enable the service account in case MetalLB was deployed via the manifests, but not via the Helm Charts. Signed-off-by: Federico Paolinelli <[email protected]>
The patch can be removed because it is unused. Signed-off-by: Daniel Lipovetsky <[email protected]>
Bumps [github.com/golang/glog](https://github.com/golang/glog) from 1.0.0 to 1.2.4. - [Release notes](https://github.com/golang/glog/releases) - [Commits](golang/glog@v1.0.0...v1.2.4) --- updated-dependencies: - dependency-name: github.com/golang/glog dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )