Fix flaky integration test #169
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Antonin Bas <antonin.bas@broadcom.com>
The monitor uses create to report the latest latency measurements, and we do not need to distinguish between create and update for our use case. However, the fake client is implemented using a simple object tracker that will fail if create is called multiple times for the same resource name. This can affect unit tests for the monitor, either because a misleading error message is logged or because updates are ignored. Signed-off-by: Antonin Bas <antonin.bas@broadcom.com>
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3 to 4. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@v3...v4) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Users want to share LoadBalancerIP between multiple Services when they face external IP shortage. It's possible to do it when the Services sharing an IP meet the requirements: * The Services use different ports * The Services use the `Cluster` external traffic policy, or they have identical Endpoints. However, the ability of using any IP that is already allocated to another Service may incur a security risk that a Service can "steal" LoadBalancer traffic intended for another Service. To support the use case without introducing the security risk, we use the annotation `service.antrea.io/allow-shared-load-balancer-ip: true` on Services to restrict IPs that can be shared. Services without the annotation will continue to have their LoadBalancerIPs exclusively used. Services with the annotation can share an IP between themselves when requesting the same IP. Ideally, we should also check if the Services meet the first two requirements before assigning the IP to them. However, it's difficult to prevent Services from being changed to not meet the requirements after they get the IP assigned. Therefore, we assume that users using the feature know how to configure Services properly. Signed-off-by: Quan Tian <quan.tian@broadcom.com>
…-io#6494) Signed-off-by: Hongliang Liu <lhongliang@vmware.com>
It seems that codecov upload has been broken for a while for ci/jenkins/test-vmc.sh and ci/jenkins/test-mc.sh. The file pattern must be quoted when calling the codecov binary, or the glob will be expanded by the shell instead of by codecov (which is bad because we want the glob to be expanded in the context of the search directory). We also set "disable_search" to "true" when using the codecov-action in Github workflows. This action uses the codecov CLI and there is no need to keep search enabled when providing an explicit and comprehensive list of files to include in the report. Signed-off-by: Antonin Bas <antonin.bas@broadcom.com>
1. Add logic to check the installed OVSext drivers, if only the desired version
of driver is already installed, skip the installation; otherwise, remove the
existing drivers and re-install.
2. Add logic to check the installed VC redistributable files, if the existing
installed vc_redist version is greater or equal than the min required version,
skip the installation; otherwise re-install with the provided files.
3. Improve the logic updating the env paths by removing duplicated paths.
4. Improve Uninstall-OVS script by removing OVS bin paths from the system path
after they are deleted.
5. Fix certificate import for a signed OVS driver when Node is running Windows
Server 2022.
Note that running `.\Install-OVS.ps1` manually is no longer required when using
the containerized OVS installation method, even when using the test-signed
OVS driver that we provide.
Signed-off-by: Wenying Dong <wenyingd@vmware.com>
The test modifies other_config in the Open_vSwitch table. This is global configuration, and not specific to a bridge. Improper cleanup can affect subsequent runs of the test, but also other tests such as TestPacketOutIn, as it sets flow-restore-wait. Signed-off-by: Antonin Bas <antonin.bas@broadcom.com>
…#6503) Added sudo to the clean job script to align with the login process and ensure correct access to the necessary secrets. The clean job was failing to access the correct secrets because it was not using sudo, whereas the login process used with Jenkins account. Signed-off-by: Shuyang Xin <gavinx@vmware.com>
antrea-io#6506) The chaining CNI conf was not created correctly under two conditions: 1. If there is non CNI conf file in the directory, like a kubeconfig required by the primary CNI. 2. If the CNI conf file is created but not completely written yet. The patch ensures it only selects valid CNI conf and waits for it to be written before using it to create the chaining CNI conf. Signed-off-by: Quan Tian <quan.tian@broadcom.com>
There has not been a CLA for this project for years, at least not since it became a CNCF project. Signed-off-by: Antonin Bas <antonin.bas@broadcom.com>
Additionally, make validate-metrics-doc.sh output the diff if there is. Signed-off-by: Quan Tian <quan.tian@broadcom.com>
…-io#6512) Bumps the golang-org-x group with 4 updates in the / directory: [golang.org/x/crypto](https://github.com/golang/crypto), [golang.org/x/mod](https://github.com/golang/mod), [golang.org/x/net](https://github.com/golang/net) and [golang.org/x/tools](https://github.com/golang/tools). Updates `golang.org/x/crypto` from 0.24.0 to 0.25.0 - [Commits](golang/crypto@v0.24.0...v0.25.0) Updates `golang.org/x/mod` from 0.18.0 to 0.19.0 - [Commits](golang/mod@v0.18.0...v0.19.0) Updates `golang.org/x/net` from 0.26.0 to 0.27.0 - [Commits](golang/net@v0.26.0...v0.27.0) Updates `golang.org/x/sys` from 0.21.0 to 0.22.0 - [Commits](golang/sys@v0.21.0...v0.22.0) Updates `golang.org/x/tools` from 0.22.0 to 0.23.0 - [Release notes](https://github.com/golang/tools/releases) - [Commits](golang/tools@v0.22.0...v0.23.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-org-x - dependency-name: golang.org/x/mod dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-org-x - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-org-x - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-org-x - dependency-name: golang.org/x/tools dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-org-x ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: KMAnju-2021 <km074btcse18@igdtuw.ac.in>
When calculating AddressGroups, terminated Pods should be excluded because their IPs can be recycled and reused by other active Pods. When calculating AppliedToGroups and EgressGroups, terminated Pods could be excluded as their network resources including network interfaces have been deleted. Signed-off-by: Quan Tian <quan.tian@broadcom.com>
…rea-io#6462) * Add detailed containerd version requirements for various Kubernetes versions. * Upgrade agnhost image for Windows2022 compatibility. Signed-off-by: Shuyang Xin <gavinx@vmware.com>
…-wait flag Antrea uses a global configuration flow-restore-wait='true' to ensure that OVS OpenFlow entries can start working after the dependencies are ready. A connectivity issue exists if a setup uses a Node's primary interface as the uplink of the secondary network OVS bridge, before the flow-restore-wait option of OVS is removed by antrea-agent. This commit ensures agent attaches a host interface to the secondary OVS bridge after the global flow-restore-wait option is removed. Signed-off-by: Wenying Dong <wenyingd@vmware.com>
When trigger Manually upstream conformance test on Linux, if the input kubernetes version has no corresponding kind Node image, the job will build kind Node image with the Kubernetes source code. Signed-off-by: Jiajing Hu <hjiajing@vmware.com>
…ube-proxy presents (antrea-io#6308) To ensure full functionality of AntreaProxy, except for handling ClusterIP from Nodes, even when kube-proxy in iptables mode is present, certain key changes are implemented when proxyAll is enabled: The jump rules for the chains managed by Antrea, `ANTREA-PREROUTING` and `ANTREA-OUTPUT` in nat table, are installed by inserting instead of appending to bypass the chain `KUBE-SERVICES` performing Service DNAT managed by kube-proxy. Antrea ensures that the jump rules take precedence over those managed by kube-proxy. The iptables rules of nat table chain `ANTREA-PREROUTING` are like below, and they are similar in chain `ANTREA-OUTPUT`. ``` -A ANTREA-PREROUTING -m comment --comment "Antrea: DNAT external to NodePort packets" -m set --match-set ANTREA-NODEPORT-IP dst,dst -j DNAT --to-destination 169.254.0.252 ``` The rule is to DNAT NodePort traffic, bypassing chain `KUBE-SERVICES`. The iptables rules of raw table chains ANTREA-PREROUTING / ANTREA-OUTPUT are like below: ``` 1. -A ANTREA-PREROUTING -m comment --comment "Antrea: do not track incoming encapsulation packets" -m udp -p udp --dport 6081 -m addrtype --dst-type LOCAL -j NOTRACK 2. -A ANTREA-PREROUTING -m comment --comment "Antrea: drop Pod multicast traffic forwarded via underlay network" -m set --match-set CLUSTER-NODE-IP src -d 224.0.0.0/4 -j DROP 3. -A ANTREA-PREROUTING -m comment --comment "Antrea: do not track request packets destined to external IPs" -m set --match-set ANTREA-EXTERNAL-IP dst -j NOTRACK 4. -A ANTREA-PREROUTING -m comment --comment "Antrea: do not track reply packets sourced from external IPs" -m set --match-set ANTREA-EXTERNAL-IP src -j NOTRACK 5. -A ANTREA-OUTPUT -m comment --comment "Antrea: do not track request packets destined to external IPs" -m set --match-set ANTREA-EXTERNAL-IP dst -j NOTRACK ``` - Rules 1-2 are not new rules. - Rule 3 is to bypass conntrack for packets sourced from external and destined to externalIPs, which also results in bypassing the chains managed by Antrea Proxy and kube-proxy in nat table. - Rule 4 is to bypass conntrack for packets sourced from externalIPs, which also results in bypassing the chains managed by Antrea Proxy and kube-proxy in nat table. - Rule 5 is to bypass conntrack for packets sourced from local and destined to externalIPs, which also results in bypassing the chains managed by Antrea Proxy and kube-proxy in nat table. The following are the benchmark results of a LoadBalancer Service configured with DSR mode. The results of TCP_STREAM and TCP_RR (single TCP connection) are almost the same as that before. The result of TCP_CRR (multiple TCP connections) performs better than before. One reason should be that conntrack is skipped for LoadBalancer Services. ``` Test v2.0 proxyAll Dev proxyAll Delta TCP_STREAM 4933.97 4918.35 -0.32% TCP_RR 8095.49 8032.4 -0.78% TCP_CRR 1645.66 1888.93 +14.79% ``` Signed-off-by: Hongliang Liu <lhongliang@vmware.com>
An "Access is denied" error is possibly returned when importing certificate into the trusted publishers store at the first time on a fresh Windows 2022 Node. To resolve the issue, this change uses the "Add" method provided by certificate stre as an alternative when importing to trusted publishers. Signed-off-by: Wenying Dong <wenyingd@vmware.com>
hongliangl
force-pushed
the
20240627-fix-integration-flaky-test
branch
from
28fa4d3 to
0c24a77
Compare
antrea-io#6531) The NodePortLocal cache bound a Pod's NodePortLocal rules to its Pod IP. However, a Pod IP can be recycled and allocated to another Pod when it runs into succeeded or failed stage, which causes more than one Pod to share a Pod IP. When the terminated Pod was deleted, NodePortLocal controller incorrectly deleted the rules that belong to another Pod because they have the same IP. The patch fixes it by binding the NodePortLocal rules to its Pod key (namespace + name). The podToIP cache is no longer needed as we can clean up rules by Pod key. Signed-off-by: Quan Tian <quan.tian@broadcom.com>
…6515) Signed-off-by: Hongliang Liu <lhongliang@vmware.com>
This commit introduces a new parameter `--deploy-external-frr` in `ci/kind/kind-setup.sh`, enabling to deploy one FRR container in the Kind cluster network. This serves as the foundation for running BGPPolicy e2e tests. Signed-off-by: Hongliang Liu <lhongliang@vmware.com>
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.23.0 to 0.24.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.23.0...0.24.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Lan Luo <luola@vmware.com>
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.64.0 to 1.65.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.64.0...v1.65.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…6482) Add the network requirement about feature BGPPolicy. Signed-off-by: Hongliang Liu <lhongliang@vmware.com>
…#6542) Topology Aware Hints was renamed to Topology Aware Routing in K8s 1.27 Note that the feature gate was not renamed in K8s. It is `TopologyAwareHints`. Closes antrea-io#6469 Signed-off-by: Rajnish Kumar <rajnishk1@vmware.com>
Bumps [github.com/osrg/gobgp/v3](https://github.com/osrg/gobgp) from 3.27.0 to 3.28.0. - [Release notes](https://github.com/osrg/gobgp/releases) - [Changelog](https://github.com/osrg/gobgp/blob/master/.goreleaser.yml) - [Commits](osrg/gobgp@v3.27.0...v3.28.0) --- updated-dependencies: - dependency-name: github.com/osrg/gobgp/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Hongliang Liu <lhongliang@vmware.com>
This commit implements the controller for the BGPPolicy API, designed to advertise Service IPs, Egress IPs, and Pod IPs to BGP peers from selected Kubernetes Nodes. According to the spec of BGPPolicy, the Node selector is used to select Nodes to which a BGPPolicy is applied. Multiple BGPPolicies can be applied to the same Node. However, only the oldest BGPPolicy will be effective on a Node, with others serving as alternatives. The effective one may be changed in the following cases: - The current effective BGPPolicy is updated and not applied to the Node. - The current effective BGPPolicy is deleted. The BGP server instance is only created and started for the effective BGPPolicy on a Node. If the effective BGPPolicy is changed, the corresponding BGP server instance will be terminated by calling the `Stop` method, and a new BGP server instance will be created and started by calling the `Start` method for the new effective BGPPolicy. To create a BGP server instance, ASN, router ID, and listen port must be specified. The ASN and listen port are specified in the spec of the effective BGPPolicy. For router ID, if the Kubernetes cluster is IPv4-only or dual-stack, we use the Node's IPv4 address as the router ID, ensuring uniqueness. If the Kubernetes cluster is IPv6-only, where no Node IPv4 address is available, the router ID could be specified via the Node annotation `node.antrea.io/bgp-router-id`. If not present, a router ID will be generated by hashing the Node name and update it to the Node annotation `node.antrea.io/bgp-router-id`. Additionally, the stale BGP server instance will be terminated and a new BGP server instance should be created and started when any of ASN, routerID, or listen port changes. The information of the BGP peers is specified in the effective BGPPolicy. The unique identification of a BGP peer is the peer IP address and peer ASN. To reconcile the latest BGP peers: - Get the BGP peers to be added and add them by calling the `AddPeer` method of the BGP server instance. - Get the BGP peers to be deleted and delete them by calling the `RemovePeer` method of the BGP server instance. - Get the remaining BGP peers and calculate the updated BGP peers, then update them by calling the `UpdatePeer` method of the BGP server instance. The information of the IPs to be advertised can be calculated from the spec of the effective BGPPolicy. Currently, we advertise the IPs and CIDRs to all the BGP peers. To reconcile the latest IPs to all BGP peers: - If the BGP server instance is newly created and started, advertise all the IPs by calling the `AdvertiseRoutes` method. - If the BGP server instance is not newly created and started: - Get the IPs/CIDRs to be added and advertise them by calling the `AdvertiseRoutes` method. - Get the IPs/CIDRs to be removed and withdraw them by calling the `WithdrawRoutes` method. The feature is gated by the alpha BGPPolicy FeatureGate and only supported in Linux. For antrea-io#5948 Signed-off-by: Hongliang Liu <lhongliang@vmware.com>
Signed-off-by: Hongliang Liu <lhongliang@vmware.com>
Implement REST server for NodeLatencyStats in v1alpha1.stats.antrea.io With this change the feature is now usable. `kubectl get nodelatencystats` will display the latest latency information. For antrea-io#5514 Signed-off-by: Asklv <boironic@gmail.com> Signed-off-by: Antonin Bas <antonin.bas@broadcom.com> Co-authored-by: Antonin Bas <antonin.bas@broadcom.com>
The NodeLatencyMonitor was not starting (more precisely, the monitorLoop method was never called). This is because NewNodeLatencyMonitor was called *after* starting the informer factory. This means that the informer created in NewNodeLatencyMonitor was never started, and that WaitForNamedCacheSync was blocking indefinitely. With this change, we ensure that NewNodeLatencyMonitor is called *before* starting the informer factory. The Run method is still called at the end of Agent "initialization", once the datapath has been configured. Note that it is not clear that WaitForNamedCacheSync is really needed for the NodeLatencyMonitor. However, it is probably fine to use the same "pattern" as for our other controllers. Signed-off-by: Antonin Bas <antonin.bas@broadcom.com>
* Add e2e tests for BGPPolicy Signed-off-by: Hongliang Liu <lhongliang@vmware.com> * e2e: Address review comments on BGPPolicy Signed-off-by: Quan Tian <quan.tian@broadcom.com> --------- Signed-off-by: Hongliang Liu <lhongliang@vmware.com> Signed-off-by: Quan Tian <quan.tian@broadcom.com> Co-authored-by: Quan Tian <quan.tian@broadcom.com>
…ed (antrea-io#6554) Signed-off-by: Quan Tian <quan.tian@broadcom.com>
…6555) When K8s version is not specified, it's supposed to use default version. The step of building local image is not implemented to support empty input, it should be skipped when K8s version is empty. Signed-off-by: Quan Tian <quan.tian@broadcom.com>
Signed-off-by: Lan Luo <luola@vmware.com>
Signed-off-by: Quan Tian <quan.tian@broadcom.com>
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.33.1 to 1.34.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.33.1...v1.34.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
For most workflows, we want to use the "docker" driver, while the "docker-container" driver should be used when images need to be pushed to the registry (so we can use registry-based caching). When using the "docker-container" driver, images are built in a build container, and there is no access to the docker image store (see moby/buildkit#2343). This means that when building a new image, we cannot use "local" images as base images. This is an issue because the base image may not exist yet in the directory, and because we may want to use a modified base image which is not the same as the one in the registry. Signed-off-by: Antonin Bas <antonin.bas@broadcom.com>
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.19.0 to 2.19.1. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.19.0...v2.19.1) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The feature is quite simple at the moment, so maybe no need for a dedicated documentation page. Fixes antrea-io#6551 Signed-off-by: Antonin Bas <antonin.bas@broadcom.com>
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.34.0 to 1.34.1. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.34.0...v1.34.1) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: KMAnju-2021 <km074btcse18@igdtuw.ac.in> Add logs for the kind tests in jenkins
The image tag missed "v" when built for a released antctl. Signed-off-by: Quan Tian <quan.tian@broadcom.com>
The L7Listener is responsible for receiving and processing Suricata events. When the stop channel is closed, the listener should be closed in order to stop accepting connections. This doesn't really matter when this code is run as part of the antrea-agent, but it is useful for unit testing. We also improve the unit tests for the L7Listener. Sub-tests should not share a common gomock controller. Instead of sleeps, we use polling when waiting for conditions to be met. Signed-off-by: Antonin Bas <antonin.bas@broadcom.com>
To support scenarios that hardcoded images are not accessible. Signed-off-by: Quan Tian <quan.tian@broadcom.com>
…ntrea-io#6580) The patch adds a parameter `TEST_ARGS` to pass go test arguments when running tests with make. It also add `-it` to `docker run` to make the tests interruptable. Signed-off-by: Quan Tian <quan.tian@broadcom.com>
Make Start / Stop log messages consistent across Antrea programs. Signed-off-by: Antonin Bas <antonin.bas@broadcom.com>
The ACNP doc wrongly describes egress to have a "from" field. It only supports "to" field. Signed-off-by: Zhengsheng Zhou <zhengsheng.zhou@broadcom.com>
…antrea-io#6586) Some alpha features were not tested because of it. Signed-off-by: Quan Tian <quan.tian@broadcom.com>
Bumps the golang-org-x group with 4 updates: [golang.org/x/mod](https://github.com/golang/mod), [golang.org/x/sync](https://github.com/golang/sync), [golang.org/x/sys](https://github.com/golang/sys) and [golang.org/x/time](https://github.com/golang/time). Updates `golang.org/x/mod` from 0.19.0 to 0.20.0 - [Commits](golang/mod@v0.19.0...v0.20.0) Updates `golang.org/x/sync` from 0.7.0 to 0.8.0 - [Commits](golang/sync@v0.7.0...v0.8.0) Updates `golang.org/x/sys` from 0.22.0 to 0.23.0 - [Commits](golang/sys@v0.22.0...v0.23.0) Updates `golang.org/x/time` from 0.5.0 to 0.6.0 - [Commits](golang/time@v0.5.0...v0.6.0) --- updated-dependencies: - dependency-name: golang.org/x/mod dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-org-x - dependency-name: golang.org/x/sync dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-org-x - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-org-x - dependency-name: golang.org/x/time dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-org-x ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
In bridging mode (on Linux), when moving the physical adapter to the bridge, we explictly set the MTU for the bridge port to the same value as for the physical adapter. Without this change, the MTU may default to a different (lower) value if some existing container ports have a lower MTU value. For example, this occurs when first installing Antrea in encap mode, then re-installing Antrea in noEncap mode with bridging mode enabled. We also do some minor documentation updates to indicate to users that they should consider restarting existing workloads when updating the Antrea datapath configuration. Fixes antrea-io#6456 Signed-off-by: Antonin Bas <antonin.bas@broadcom.com>
hongliangl
force-pushed
the
20240627-fix-integration-flaky-test
branch
from
0c24a77 to
7c40f02
Compare
Bumps [github.com/osrg/gobgp/v3](https://github.com/osrg/gobgp) from 3.28.0 to 3.29.0. - [Release notes](https://github.com/osrg/gobgp/releases) - [Changelog](https://github.com/osrg/gobgp/blob/master/.goreleaser.yml) - [Commits](osrg/gobgp@v3.28.0...v3.29.0) --- updated-dependencies: - dependency-name: github.com/osrg/gobgp/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
hongliangl
force-pushed
the
20240627-fix-integration-flaky-test
branch
from
7c40f02 to
53673ee
Compare
The testGoBGPLifecycle gets failed occasionally, and it is not easy to reproduce the failure manually. Adding some error output to which the error occurs may help to resolve the issue. Signed-off-by: Hongliang Liu <lhongliang@vmware.com>
hongliangl
force-pushed
the
20240627-fix-integration-flaky-test
branch
from
53673ee to
7c78d7b
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.