Mastodawn

I think in the current tech landscape, we should more often point out the good things instead of only anger-posting through the bad things.

In that vain: I'm always a bit nervous before a Cilium (k8s CNI) update. That's a core k8s component, without it working the cluster basically collapses. It's also burrowing pretty deeply in to the kernel, from what I understand. But I've never had an update fail, never even had a (perceptible) interruption.

Good engineering from Cilium!

#HomeLab #Good

Show thread

Pete Keen Feb 28

@mmeier eBPF is super cool. Tiny programs that run in kernel space and have become sort of a de facto extension mechanism.

Show thread

Michael Feb 28

@zrail Yes! I read into it a bit when I was first deploying Cilium, because it appeared so prominently in their docs. It is genuinely cool. And, if I remember correctly, it was originally just intended for firewall programming, but then developed a life of its own?

Show thread

Pete Keen Feb 28

@mmeier right. Other kernel subsystems saw how well it worked and started implementing the interface and here we are.

Show thread

Benjamin Pinchon Mar 1

@mmeier I had the same feeling until my upgrade to Cilium 1.19 locked my cluster, forcing me to rollback by reinstalling the nodes: https://github.com/cilium/cilium/issues/44216

Patch has been merged in the Linux kernel to fix the issue, so currently waiting the next 6.19 release. ✌️

Cilium breaks the cluster on 6.18.5-talos because of regressin in kernel/bpf/verifier.c · Issue #44216 · cilium/cilium

Is there an existing issue for this? I have searched the existing issues Version equal or higher than v1.19.0 and lower than v1.20.0 What happened? Comes from this Talos issue. Cluster network comp...

GitHub