John Howard
John Howard
Triggered by node upgrade from v1.26.14-gke.1006000 to v1.29.1-gke.1589020, kernel 5.15.146+ -> 6.1.58+. We are on LLVM 14 mirroring upstream (https://github.com/envoyproxy/envoy-build-tools/blob/c41199833f85ea06a88f1dfa3ac4ebef179c9bdd/docker/linux/ubuntu/Dockerfile#L24)
Temporary workaround is https://github.com/istio/test-infra/pull/5352, @kyessenov is looking into upgrading LLVM. Also plausible is `vm.mmap_rnd_bits`. This might impact older release branches, cc @istio/release-managers
Does kube-proxy do this?
Well we don't necessarily have to do what they do, but the people who develop EndpointSlice API and kube-proxy are the same, so they _probably_ are following best practices. So...
Drain duration impacts more than shutdown. Why do we even need to change it when in exit_on_zero_connections mode..?
isn't the default 45s ?
~#50746 very likely fixes this. Will be in the next 1.22 and 1.21 patch~ sorry wrong issue
IMO the gold standard here is to use the nodes container runtime. It was built for this task, and also has fancy things like custom snapshotters, p2p fetching, ... And...
10mb and Lua scripts are very different IMO. 10mb is well not even super uncomon of a docker image size, I think we have a few that small
Someone reported the failureThreshold issue on 1.20 the other day: https://istio.slack.com/archives/C37A4KAAD/p1715623761368409 > EDIT: The overriding of .Values.global.hub or .Values.global.variant does not seem to cause this. The same error(s) happen when...