Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: remove ebpf from init containers #4819

Merged
merged 1 commit into from
Aug 12, 2022
Merged

chore: remove ebpf from init containers #4819

merged 1 commit into from
Aug 12, 2022

Conversation

bartsmykla
Copy link
Contributor

As there were some security considerations, we decided to
temporarily remove option to install transparent proxy using ebpf
in init containers

Checklist prior to review

  • Link to docs PR or issue -- this PR removes unreleased feature
  • Link to UI issue or PR -- this PR removes unreleased feature
  • Is the issue worked on linked? -- none
  • The PR does not hardcode values that might break projects that depend on kuma (e.g. "kumahq" as a image registry) -- this PR removes unreleased feature
  • The PR will work for both Linux and Windows, system specific functions like syscall.Mkfifo have equivalent implementation on the other OS -- this PR removes unreleased feature
  • Unit Tests -- this PR removes unreleased feature
  • E2E Tests -- this PR removes unreleased feature
  • Manual Universal Tests --
  • Manual Kubernetes Tests --
  • Do you need to update UPGRADE.md? -- this PR removes unreleased feature
  • Does it need to be backported according to the backporting policy? -- no

@bartsmykla
chore: remove ebpf from init containers
4a589e9 
As there were some security considerations, we decided to
temporarily remove option to install transparent proxy using ebpf
in init containers

Signed-off-by: Bart Smykla <[email protected]>
@bartsmykla bartsmykla requested a review from a team as a code owner August 12, 2022 11:44
@codecov-commenter
Copy link

Codecov Report

Merging #4819 (4a589e9) into master (66ba873) will increase coverage by 0.00%.
The diff coverage is 85.71%.

@@           Coverage Diff            @@
##           master    #4819    +/-   ##
========================================
  Coverage   46.44%   46.45%            
========================================
  Files         690      690            
  Lines       47164    47057   -107     
========================================
- Hits        21903    21858    -45     
+ Misses      23330    23274    -56     
+ Partials     1931     1925     -6
Impacted Files Coverage Δ
...p/kumactl/cmd/install/install_transparent_proxy.go 82.66% <0.00%> (+2.78%) ⬆️
pkg/config/plugins/runtime/k8s/config.go 86.04% <ø> (-0.48%) ⬇️
pkg/plugins/runtime/k8s/metadata/annotations.go 72.09% <ø> (+3.20%) ⬆️
pkg/transparentproxy/kubernetes/kubernetes.go 80.82% <ø> (-1.66%) ⬇️
.../plugins/runtime/k8s/webhooks/injector/injector.go 71.86% <100.00%> (+10.64%) ⬆️
pkg/xds/cache/once/cache.go 87.17% <0.00%> (-7.70%) ⬇️
pkg/core/resources/manager/cache.go 85.71% <0.00%> (-2.60%) ⬇️
pkg/xds/generator/direct_access_proxy_generator.go 90.90% <0.00%> (+1.13%) ⬆️
pkg/gc/finalizer.go 78.26% <0.00%> (+4.34%) ⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@slonka
Copy link
Contributor

slonka commented Aug 12, 2022
edited
Loading

If this was a separate command we could probably do cmd.hidden = true - maybe something to remember in the future (if it can be done even)

@bartsmykla bartsmykla enabled auto-merge (squash) August 12, 2022 12:48
slonka
slonka reviewed Aug 12, 2022
View reviewed changes
Copy link
Contributor

@slonka slonka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, just 1 question.

app/kumactl/cmd/install/testdata/install-control-plane.dump-values.yaml Show resolved Hide resolved
deployments/charts/kuma/values.yaml Show resolved Hide resolved
@bartsmykla bartsmykla merged commit 767315c into kumahq:master Aug 12, 2022
@bartsmykla bartsmykla deleted the chore/remove-ebpf-from-init-containers branch August 12, 2022 13:09
bartsmykla added a commit to bartsmykla/kuma that referenced this pull request Aug 26, 2022
@bartsmykla
Revert "chore: remove ebpf from init containers (kumahq#4819)"
265ec95 
This reverts commit 767315c

Signed-off-by: Bart Smykla <[email protected]>
bartsmykla added a commit that referenced this pull request Aug 30, 2022
@bartsmykla
feat: transparent proxy with ebpf in init containers (#4919)
dba075a 
* Revert "chore: remove ebpf from init containers (#4819)"

This reverts commit 767315c

Signed-off-by: Bart Smykla <[email protected]>

* chore: upgrade kuma-net to v0.5.0

Signed-off-by: Bart Smykla <[email protected]>

Signed-off-by: Bart Smykla <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@slonka slonka slonka approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bartsmykla @codecov-commenter @slonka