Daniel Borkmann
Daniel Borkmann
(potential fix https://github.com/cilium/cilium/pull/33409 )
Is there a rationale for the 1s? Maybe we could i) bump to 5s and ii) have the log message to see if this has an effect as Sebastian mentioned.
(Ok, np, I'll trigger a debug PR tonight with first adding the log lines to see where we are.)
Excellent debugging! > Does the device manager doing a regenerate all endpoints as a result of lxc_health make sense? Maybe we should exclude > those interfaces from causing endpoint regeneration...
> I presume the endpoint deletion itself might also delete the device in addition to cleanupHealthEndpoint(). I'd think that other > than the agent teardown + startup we should only...
> > Excellent debugging! > > > Does the device manager doing a regenerate all endpoints as a result of lxc_health make sense? Maybe we should exclude > > >...
Another interesting log (note the endpoints 791 vs 1289): ``` 2024-07-19T09:53:24.645444393Z time=2024-07-19T09:53:24Z level=debug msg="upserting health status" module=health lastLevel=none reporter-id="agent.controlplane.endpoint-manager.cilium-endpoint-791 (cilium-test/test-conn-disrupt-client-5ccc6f6497-m52rv).datapath-regenerate" status="agent.controlplane.endpoint-manager.cilium-endpoint-791 (cilium-test/test-conn-disrupt-client-5ccc6f6497-m52rv).datapath-regenerate: [OK] Endpoint regeneration successful" 2024-07-19T09:53:24.651530130Z time=2024-07-19T09:53:24Z level=debug msg="stopping...
[...] > > As @rgo3 noted, there is logic to cleanup endpoint resources for restored lxc_health endpoints, this seems redundant as we > > also will remove such interfaces [here](https://github.com/cilium/cilium/blob/main/daemon/cmd/health.go#L149)....
Hi @tehnerd great to see you here! :) Do you expect the inbound LB traffic to be terminated in hostns of the Cilium nodes? Some time ago I added https://github.com/cilium/cilium/pull/31213...
> Hey, Daniel! In our setup each container (aka pod) has tunl interface in its namespace. So we terminate ipip there Ok, so that is currently not supported and needs...