Martynas Pumputis
Martynas Pumputis
Each pwru release published in https://github.com/cilium/pwru/releases is statically linked, and it doesn't have any runtime dependencies. So, it should be trivial to package for major distros (Archlinux, Ubuntu, Debian, Fedora,...
Successful run - https://github.com/cilium/cilium/actions/runs/7193795883 and https://github.com/cilium/cilium/actions/runs/7194052088 (had to change the location of the `ipsec-key-rotate` action to `@main`).
Apache-2 has been used by all modules in the project. Related: https://github.com/cilium/pwru/pull/190
For the BPF code compilation we already use clang. Let's use the same compiler for the libpcap.a and CGO compilations.
Same as https://github.com/cilium/cilium/pull/27328/commits/28f376b99d7c429f32ea4849d630cf129ae33ccd.
Installed Cilium with CLI: ``` cilium install --chart-directory=./install/kubernetes/cilium/ --helm-set=debug.enabled=true --helm-set=bpf.monitorAggregation=none --helm-set=image.repository=quay.io/cilium/cilium-ci --helm-set=image.useDigest=false --helm-set=image.tag=v1.15 --helm-set=operator.image.repository=quay.io/cilium/operator --helm-set=operator.image.suffix=-ci --helm-set=operator.image.tag=v1.15 --helm-set=operator.image.useDigest=false --helm-set=clustermesh.apiserver.image.repository=quay.io/cilium/clustermesh-apiserver-ci --helm-set=clustermesh.apiserver.image.tag=v1.15 --helm-set=clustermesh.apiserver.image.useDigest=false --helm-set=hubble.relay.image.repository=quay.io/cilium/hubble-relay-ci --helm-set=hubble.relay.image.tag=v1.15 --helm-set=hubble.relay.image.useDigest=false --cluster-name=cilium-cilium-7249674943-1 --helm-set=hubble.relay.enabled=true --helm-set loadBalancer.l7.backend=envoy --helm-set tls.secretsBackend=k8s --helm-set=bpf.monitorAggregation=none...
Currently, the BPF-based SNAT uses `IPV4_MASQUERADE` addr for SNAT'ing. This works fine as long as there is a single global scope IP addr. However, if we add multiple IP addrs...