Skip to content

feat: enable Cilium kube-proxy replacement for new clusters #1288

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Sep 4, 2025
Merged

feat: enable Cilium kube-proxy replacement for new clusters #1288

merged 5 commits into from
Sep 4, 2025

Conversation

@dkoshkin
Copy link
Contributor

@dkoshkin dkoshkin commented Sep 3, 2025

What problem does this PR solve?:
This PR enables Cilium's kube-proxy replacement feature automatically when clusters disable kube-proxy installation for new clusters.

Which issue(s) this PR fixes:
Fixes #

How Has This Been Tested?:

Special notes for your reviewer:

@dkoshkin dkoshkin mentioned this pull request Sep 3, 2025
Merged
@dkoshkin dkoshkin force-pushed the dkoshkin/feat-cilium-kube-proxy-replacement-new-clusters branch from d5f3ea6 to 742615f Compare September 4, 2025 01:13
@dkoshkin dkoshkin force-pushed the dkoshkin/feat-cilium-kube-proxy-replacement-new-clusters branch from 742615f to 7d79c35 Compare September 4, 2025 01:14
@jimmidyson
fixup! refactor: Use CAAPH templating rather than custom temlating
9fe0052 
Use the ControlPlane reference in the CAAPH template and check the annotation
for skip kube proxy on the referenced control plane object. As per
https://cluster-api.sigs.k8s.io/reference/api/metadata-propagation\#cluster-topology
the skip proxy annotation will be propagated to the annotations on the
referenced control plane so is safe to check. CAAPH adds the referenced
control plane to the variables referencable in the Helm values template.
@jimmidyson
Copy link
Member

jimmidyson commented Sep 4, 2025
edited
Loading

@dkoshkin Pushed a follow up commit 9fe0052 that uses CAAPH templating rather than a separate templating function. Sorry I meant to send a PR to your PR branch but messed up and pushed directly, can revert if you disagree with the approach.

@jimmidyson jimmidyson force-pushed the dkoshkin/feat-cilium-kube-proxy-replacement-new-clusters branch from ee7933a to a51ba86 Compare September 4, 2025 12:06
@jimmidyson
fixup! fix: Remove skip-kube-proxy from CRS cluster examples
f4ea809 
CRS generation set the K8S_SERVICE_HOST literally to `auto`. When using
the Helm chart, `auto` looks up the host from the `cluster-info` ConfigMap
but this is not available when generating the CRS manifests. To use this,
we would need to update the CRS templates when applying them to the cluster
but we can defer that for now.
@jimmidyson jimmidyson force-pushed the dkoshkin/feat-cilium-kube-proxy-replacement-new-clusters branch from 2ffb502 to f4ea809 Compare September 4, 2025 12:20
jimmidyson
jimmidyson reviewed Sep 4, 2025
View reviewed changes
@jimmidyson jimmidyson requested a review from supershal September 4, 2025 13:26
@jimmidyson jimmidyson enabled auto-merge (squash) September 4, 2025 16:00
@dkoshkin dkoshkin disabled auto-merge September 4, 2025 16:29
@jimmidyson jimmidyson merged commit 1f347dc into main Sep 4, 2025
37 of 38 checks passed
@jimmidyson jimmidyson deleted the dkoshkin/feat-cilium-kube-proxy-replacement-new-clusters branch September 4, 2025 16:32
dkoshkin added a commit that referenced this pull request Sep 9, 2025
@dkoshkin
feat: automatically enable Cilium kube-proxy replacement feature (#1286)
6fe03f8 
**What problem does this PR solve?**:
This PR enables Cilium's kube-proxy replacement feature automatically
when clusters disable kube-proxy installation during upgrades.
The Cilium handler will apply the new configuration, wait for the
DaemonSet to be rolled out and then delete the kube-proxy DaemonSet and
its ConfigMap.

**Which issue(s) this PR fixes**:
Fixes #

**How Has This Been Tested?**:
<!--
Please describe the tests that you ran to verify your changes.
Provide output from the tests and any manual steps needed to replicate
the tests.
-->

**Special notes for your reviewer**:
<!--
Use this to provide any additional information to the reviewers.
This may include:
- Best way to review the PR.
- Where the author wants the most review attention on.
- etc.
-->
Stacked on
#1288
@supershal supershal mentioned this pull request Sep 29, 2025
Merged
This was referenced Oct 22, 2025
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jimmidyson jimmidyson jimmidyson approved these changes

@mhrabovcin mhrabovcin mhrabovcin approved these changes

@dlipovetsky dlipovetsky Awaiting requested review from dlipovetsky

@yanhua121 yanhua121 Awaiting requested review from yanhua121

@supershal supershal Awaiting requested review from supershal

Assignees

No one assigned

Labels

do not merge feature

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@dkoshkin @jimmidyson @mhrabovcin