Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automated cherry pick of #4459: Upgrade Antrea base image to ubuntu:22.04 #4488

Merged
merged 1 commit into from
Dec 17, 2022
Merged

Automated cherry pick of #4459: Upgrade Antrea base image to ubuntu:22.04 #4488

merged 1 commit into from
Dec 17, 2022

Conversation

xliuxu
Copy link
Contributor

@xliuxu xliuxu commented Dec 16, 2022

Cherry pick of #4459 on release-1.7.

#4459: Upgrade Antrea base image to ubuntu:22.04

For details on the cherry pick process, see the cherry pick requests page.

@xliuxu xliuxu added the kind/cherry-pick Categorizes issue or PR as related to the cherry-pick of a bug fix from the main branch to a release label Dec 16, 2022
@antoninbas @xliuxu
Upgrade Antrea base image to ubuntu:22.04
36109e7 
Ubuntu 20.04 comes with iptables 1.8.4, which seems to have several bugs
when used with nft. In particular, we observe that iptables-restore
sometimes segfaults when restoring the ANTREA-NODE-PORT-LOCAL chain in
the nat table. Ubuntu 22.04 comes with a more recent iptables version,
1.8.7.

As part of this change, we change the tag format for base images
(antrea/openvswitch and antrea/base-ubuntu). We no longer use the OVS
version as the tag, instead we use the Antrea minor version number.

Fixes antrea-io#4435

Signed-off-by: Antonin Bas <abas@vmware.com>
@xliuxu xliuxu force-pushed the automated-cherry-pick-of-#4459-upstream-release-1.7 branch from 068f099 to 36109e7 Compare December 16, 2022 09:49
@codecov
Copy link

codecov bot commented Dec 16, 2022
edited
Loading

Codecov Report

Merging #4488 (64234ce) into release-1.7 (40bebc4) will decrease coverage by 18.02%.
The diff coverage is n/a.

❗ Current head 64234ce differs from pull request most recent head 36109e7. Consider uploading reports for the commit 36109e7 to get more accurate results

Impacted file tree graph

@@               Coverage Diff                @@
##           release-1.7    #4488       +/-   ##
================================================
- Coverage        62.62%   44.60%   -18.03%     
================================================
  Files              298      258       -40     
  Lines            44408    39235     -5173     
================================================
- Hits             27811    17499    -10312     
- Misses           14354    19975     +5621     
+ Partials          2243     1761      -482
Flag Coverage Δ
e2e-tests 44.60% <ø> (?)
kind-e2e-tests ?
unit-tests ?

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
pkg/ipfix/ipfix_registry.go 0.00% <0.00%> (-100.00%) ⬇️
.../agent/flowexporter/priorityqueue/priorityqueue.go 0.00% <0.00%> (-93.34%) ⬇️
pkg/ipfix/ipfix_intermediate.go 0.00% <0.00%> (-90.91%) ⬇️
...lowaggregator/clickhouseclient/clickhouseclient.go 0.00% <0.00%> (-90.77%) ⬇️
pkg/controller/networkpolicy/endpoint_querier.go 4.58% <0.00%> (-88.08%) ⬇️
pkg/agent/flowexporter/connections/conntrack.go 0.00% <0.00%> (-85.72%) ⬇️
.../agent/flowexporter/connections/conntrack_linux.go 0.00% <0.00%> (-85.49%) ⬇️
pkg/util/flowexport/flowexport.go 0.00% <0.00%> (-84.62%) ⬇️
pkg/ipfix/ipfix_collector.go 0.00% <0.00%> (-83.34%) ⬇️
pkg/ipfix/ipfix_process.go 0.00% <0.00%> (-81.25%) ⬇️
... and 182 more

@xliuxu
Copy link
Contributor Author

xliuxu commented Dec 16, 2022

@tnqn @antoninbas I removed the dpkg -i /tmp/ovs-debs/*.deb in the OVS Ubuntu Dockerfile. Otherwise, it will try to upgrade the OVS packages instead of using our debs.

@xliuxu
Copy link
Contributor Author

xliuxu commented Dec 16, 2022

/test-all

@tnqn
Copy link
Member

tnqn commented Dec 16, 2022

@tnqn @antoninbas I removed the dpkg -i /tmp/ovs-debs/*.deb in the OVS Ubuntu Dockerfile. Otherwise, it will try to upgrade the OVS packages instead of using our debs.

I assume you mean apt-get -f -y --no-install-recommends install would upgrade the OVS packages, then does the issue exist in main branch too?

@xliuxu
Copy link
Contributor Author

xliuxu commented Dec 16, 2022
edited
Loading

@tnqn @antoninbas I removed the dpkg -i /tmp/ovs-debs/*.deb in the OVS Ubuntu Dockerfile. Otherwise, it will try to upgrade the OVS packages instead of using our debs.

I assume you mean apt-get -f -y --no-install-recommends install would upgrade the OVS packages, then does the issue exist in main branch too?

During my test if we keep the dpkg -i step and use apt -f —no-install-recommends install to fix the dependencies, it will try to upgrade the ovs packages (2.17.0 to 2.17.3)

The following packages will be upgraded:
  openvswitch-common openvswitch-ipsec openvswitch-switch python3-openvswitch

I have tested and did not observe this in main branch. Perhaps it is because that we have upgraded OVS to 2.17.3 in main branch already.

@antoninbas
Copy link
Contributor

@xliuxu that's fine by me and it makes sense: it's the first time the OVS version that we ship is "older" than the version of OVS provided by the distribution, which explains the automatic upgrade.
However, in my opinion this change should also be included in the main branch.

@tnqn tnqn merged commit b4c36c5 into antrea-io:release-1.7 Dec 17, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tnqn tnqn tnqn left review comments

@antoninbas antoninbas antoninbas approved these changes

Assignees
No one assigned
Labels
kind/cherry-pick Categorizes issue or PR as related to the cherry-pick of a bug fix from the main branch to a release
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@xliuxu @tnqn @antoninbas