google/gops 4412
A tool to list and diagnose Go processes currently running on your system
Risc-V journey thru containers and new projects
Write Kubernetes integration tests in go!
Just local BPF wip branches for upstream
Build gccgo toolchain from scratch
LSCI 2012 Programing Project
isovalent/clustermesh-apiserver 0
API server for ClusterMesh
A FileSystem Abstraction System for Go
Container introspection tool. Find out what container runtime is being used as well as features available.
pull request commentcilium/packer-ci-build
provision/ubuntu: install scapy
build-next-please
comment created time in 4 hours
pull request commentcilium/packer-ci-build
provision/ubuntu: install scapy
build-me-please
comment created time in 4 hours
PR opened cilium/packer-ci-build
scapy will be used for cilium/cilium#10541 to send SCTP INIT packets.
Signed-off-by: Tobias Klauser tklauser@distanz.ch
pr created time in 4 hours
push eventcilium/packer-ci-build
commit sha 50ac9a0269e98d4eb54962065f904e08a95cd0e6
provision/ubuntu: install scapy scapy will be used for cilium/cilium#10541 to send SCTP INIT packets. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
push time in 4 hours
pull request commentcilium/cilium
cilium: print names for reserved identities in `cilium ip list`
test-me-please
comment created time in 6 hours
push eventcilium/cilium
commit sha 05cb87fe779ded7a656245dfd7d2c83ec0f77fff
cilium: print names for reserved identities in `cilium ip list` Currently, the identities in the output of `cilium ip list` are always in numeric format: $ cilium ip list IP IDENTITY SOURCE 0.0.0.0/0 2 10.0.0.39/32 1 10.0.0.78/32 4 10.0.0.109/32 61205 k8s 10.0.0.179/32 39864 k8s 10.0.2.15/32 1 10.192.1.86/32 4 10.192.1.110/32 4 10.192.1.144/32 7749 k8s 10.192.1.169/32 4 172.28.128.6/32 1 192.168.9.1/32 1 192.168.36.1/32 7749 k8s 192.168.36.11/32 1 192.168.37.11/32 1 f00d::a0f:0:0:76d5/128 7749 k8s f00d::a0f:0:0:79ba/128 4 f00d::a0f:0:0:9fb8/128 4 f00d::a0f:0:0:f4ec/128 4 fc00::10ca:1/128 7749 k8s Make it easier to immediately recognize reserved identities by their name (without having to remember them) by changing the output to print the name by default: $ cilium ip list IP IDENTITY SOURCE 0.0.0.0/0 world 10.0.0.39/32 host 10.0.0.78/32 health 10.0.0.109/32 61205 k8s 10.0.0.179/32 39864 k8s 10.0.2.15/32 host 10.192.1.86/32 health 10.192.1.110/32 health 10.192.1.144/32 7749 k8s 10.192.1.169/32 health 172.28.128.6/32 host 192.168.9.1/32 host 192.168.36.1/32 7749 k8s 192.168.36.11/32 host 192.168.37.11/32 host f00d::a0f:0:0:76d5/128 7749 k8s f00d::a0f:0:0:79ba/128 health f00d::a0f:0:0:9fb8/128 health f00d::a0f:0:0:f4ec/128 health fc00::10ca:1/128 7749 k8s This behavior can be disabled (i.e. the identities are all printed in numeric format) by specifying the `-n` flag. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
push time in 9 hours
issue commentsirupsen/logrus
Tag v1.6.1 (and v1.7.0 ?) releases
Thanks for proposing this @thaJeztah, I'd appreciate a new release as well. Especially one including #1088 to reduce dependencies.
comment created time in 9 hours
pull request commentcilium/cilium
cilium: print names for reserved identities in `cilium ip list`
test-me-please
comment created time in 9 hours
PR opened cilium/cilium
Currently, the identities in the output of cilium ip list are always
in numeric format:
$ cilium ip list
IP IDENTITY SOURCE
0.0.0.0/0 2
10.0.0.39/32 1
10.0.0.78/32 4
10.0.0.109/32 61205 k8s
10.0.0.179/32 39864 k8s
10.0.2.15/32 1
10.192.1.86/32 4
10.192.1.110/32 4
10.192.1.144/32 7749 k8s
10.192.1.169/32 4
172.28.128.6/32 1
192.168.9.1/32 1
192.168.36.1/32 7749 k8s
192.168.36.11/32 1
192.168.37.11/32 1
f00d::a0f:0:0:76d5/128 7749 k8s
f00d::a0f:0:0:79ba/128 4
f00d::a0f:0:0:9fb8/128 4
f00d::a0f:0:0:f4ec/128 4
fc00::10ca:1/128 7749 k8s
Make it easier to immediately recognize reserved identities by their name (without having to remember them) by changing the output to print the name by default:
$ cilium ip list
IP IDENTITY SOURCE
0.0.0.0/0 world
10.0.0.39/32 host
10.0.0.78/32 health
10.0.0.109/32 61205 k8s
10.0.0.179/32 39864 k8s
10.0.2.15/32 host
10.192.1.86/32 health
10.192.1.110/32 health
10.192.1.144/32 7749 k8s
10.192.1.169/32 health
172.28.128.6/32 host
192.168.9.1/32 host
192.168.36.1/32 7749 k8s
192.168.36.11/32 host
192.168.37.11/32 host
f00d::a0f:0:0:76d5/128 7749 k8s
f00d::a0f:0:0:79ba/128 health
f00d::a0f:0:0:9fb8/128 health
f00d::a0f:0:0:f4ec/128 health
fc00::10ca:1/128 7749 k8s
This behavior can be disabled (i.e. the identities are all printed in
numeric format) by specifying the -n flag.
Show names for reserved identities in `cilium ip list`.
pr created time in 9 hours
create barnchcilium/cilium
branch : pr/tklauser/ip-list-identity-string
created branch time in 9 hours
Pull request review commentgoogle/syzkaller
vm/qemu: allow to specify network device type
var archConfigs = map[string]*archConfig{ Qemu: "qemu-system-ppc64", TargetDir: "/", QemuArgs: "-enable-kvm -vga none",+ NetDev: "virtio-net-pci", CmdLine: linuxCmdline, }, "linux/riscv64": { Qemu: "qemu-system-riscv64", TargetDir: "/", QemuArgs: "-machine virt",- UseNewQemuNetOptions: true,+ NetDev: "virtio-net-pci",
virtio-net-device worked fine for me with qemu-system-riscv64. Didn't test it with qemu-system-x86_64 though. I just checked with virtio-net-pci and it seems to work for qemu-system-riscv64 as well, so LGTM.
comment created time in 9 hours
pull request commentmoby/sys
mount: use MNT_* flags from golang.org/x/sys/unix on freebsd
Not really related, but is there any chance FreeBSD's
getmntent(2)would be implemented in x/sys/unix? It is used by mountinfo package, here:https://github.com/moby/sys/blob/4a8c65a81a10cb75cb8beac8fa9278c48ebdf933/mountinfo/mountinfo_freebsd.go#L20
@kolyshkin Thanks. I assume you meant getmntinfo(2), not getmntent(2)? Looking at its implementation
https://github.com/freebsd/freebsd/blob/726c74451f3a4fd9f97e0253f5929f3342bfd88d/lib/libc/gen/getmntinfo.c#L44-L70
it seems it is not a syscall by itself but using the getfsstat(2) syscall internally. This one is already wrapped by golang.org/x/sys/unix:
https://github.com/golang/sys/blob/d9f96fdee20d1e5115ee34ba4016eae6cfb66eb9/unix/syscall_freebsd.go#L160
So it should be fairly straight-forward to implement getmntinfo in Go using it.
comment created time in 3 days
pull request commentcilium/cilium
test, images: update helm to 3.3.4
test-me-please
comment created time in 4 days
PR opened cilium/cilium
In the provision script, also remove the downloaded tarball and un-archived directory after installation.
pr created time in 4 days
push eventisovalent/clustermesh-apiserver
commit sha 135718a671ad15293edc3e4de96e5851b63ae0b1
gofmt vmmanager.go Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
push time in 4 days
push eventtklauser/bbolt
commit sha 74e833b57266f0ecd4deb7157be785aa134257bc
Use madvise syscall wrapper from golang.org/x/sys/unix Direct syscalls using syscall.Syscall(SYS_*, ...) should no longer be used on darwin, see [1]. Instead, use the madvise syscall wrapper provided by the golang.org/x/sys/unix package for all unix platforms. This implement the same functionality. [1] https://golang.org/doc/go1.12#darwin As suggested by @ptabor in https://github.com/etcd-io/etcd/pull/12316#issuecomment-698193671
push time in 4 days
pull request commentetcd-io/etcd
pkg/fileutil: use fcntl syscall wrappers from golang.org/x/sys/unix
LGTM
Thank you. Bolt also needs to be updated, e.g https://github.com/etcd-io/bbolt/blob/f6be82302843a215152f5a1daf652c1ee5503f85/bolt_unix.go#L7
Thanks, sent https://github.com/etcd-io/bbolt/pull/243
comment created time in 4 days
PR opened etcd-io/bbolt
Direct syscalls using syscall.Syscall(SYS_*, ...) should no longer be used on darwin, see [1]. Instead, use the madvise syscall wrapper provided by the golang.org/x/sys/unix package for all unix platforms. This implement the same functionality.
[1] https://golang.org/doc/go1.12#darwin
As suggested by @ptabor in https://github.com/etcd-io/etcd/pull/12316#issuecomment-698193671
pr created time in 4 days
issue commentgolang/go
syscall: panic when syscall.ParseSocketControlMessage called
Which Go version and and on which GOARCH is this? The original post says go version go1.15.1 darwin/amd64 but you seem to be running this on GOOS=linux?
I cannot reproduce on go 1.15.2 with the given data using the following test:
func TestParseSocketControlMessage(t *testing.T) {
for _, tc := range [][]byte{
{1, 31, 65, 55, 214, 142, 234, 242, 235, 176, 145, 153, 234, 178, 2, 177, 238, 111, 87, 28, 84, 157, 20, 223, 14, 118, 21, 61, 176, 39, 113, 172},
{1, 2, 11, 46, 119, 211, 135, 230, 134, 164, 122, 177, 135, 166, 111, 165, 131, 123, 58, 8, 57, 137, 121, 203, 99, 98, 120, 41, 221, 51, 28, 184},
{1, 15, 176, 48, 199, 181, 23, 145, 22, 211, 111, 200, 23, 209, 255, 210, 19, 12, 170, 127, 169, 254, 233, 188, 243, 21, 232, 94, 77, 68, 140, 207},
{1, 43, 111, 48, 214, 55, 188, 180, 189, 246, 163, 107, 188, 244, 84, 247, 184, 41, 1, 90, 2, 219, 66, 153, 88, 48, 67, 123, 230, 97, 39, 234},
{1, 33, 185, 7, 158, 109, 173, 219, 172, 153, 161, 4, 173, 155, 69, 152, 169, 70, 16, 53, 19, 180, 83, 246, 73, 95, 82, 20, 247, 14, 54, 133},
{1, 62, 215, 26, 79, 218, 126, 130, 127, 192, 142, 142, 126, 194, 150, 193, 122, 31, 195, 108, 192, 237, 128, 175, 154, 6, 129, 77, 36, 87, 229, 220},
{1, 2, 166, 7, 6, 238, 42, 207, 43, 141, 12, 220, 42, 143, 194, 140, 46, 82, 151, 33, 148, 160, 212, 226, 206, 75, 213, 0, 112, 26, 177, 145},
{1, 16, 130, 36, 213, 6, 159, 238, 158, 172, 179, 79, 159, 174, 119, 173, 155, 115, 34, 0, 33, 129, 97, 195, 123, 106, 96, 33, 197, 59, 4, 176},
{1, 12, 50, 4, 187, 36, 199, 216, 198, 154, 141, 105, 199, 152, 47, 155, 195, 69, 122, 54, 121, 183, 57, 245, 35, 92, 56, 23, 157, 13, 92, 134},
} {
_, err := syscall.ParseSocketControlMessage(tc)
if err != nil && err != syscall.EINVAL {
t.Errorf("ParseSocketControlMessage: %v", err)
}
}
}
This never panic()s and ParseSocketControlMessage always returns EINVAL as expected for an invalid socket control message. Could you please post the modified reproducer program with the recover and logging of the socket control message which you used to gather the sample data?
comment created time in 4 days
pull request commentcilium/cilium
k8s: Consider session affinity parameters when comparing Services
retest-net-next
comment created time in 5 days
push eventtklauser/syncthing
commit sha 41c365403ecf883b766baf498f6d28480b4e4f79
lib/fs: use file clone ioctl wrappers and types from golang.org/x/sys/unix Use the IoctlFileClone and IoctlFileCloneRange ioctl wrappers and the FileCloneRange type provided by golang.org/x/sys/unix instead of locally implementing them. This also allows to re-enable the code for ppc/ppc64/ppc64le again (see commit 758a1a6a3729 ("lib/fs: Disable ioctl on ppc (fixes #6898) (#6901)")) since golang.org/x/sys/unix internally uses the correct FICLONE and FICLONERANGE values depending on $GOARCH.
push time in 5 days
Pull request review commentsyncthing/syncthing
lib/fs: use file clone ioctl wrappers and types from golang.org/x/sys/unix
func copyRangeIoctl(src, dst basicFile, srcOffset, dstOffset, size int64) error if srcOffset == 0 && dstOffset == 0 && size == 0 { // Optimization for whole file copies.- var errNo syscall.Errno _, err := withFileDescriptors(src, dst, func(srcFd, dstFd uintptr) (int, error) {- _, _, errNo = syscall.Syscall(syscall.SYS_IOCTL, dstFd, FICLONE, srcFd)- return 0, nil+ return 0, unix.IoctlFileClone(int(dstFd), int(srcFd)) }) // Failure in withFileDescriptors if err != nil { return err }
Good point, done.
comment created time in 5 days
push eventisovalent/clustermesh-apiserver
commit sha 4812f74ba83e5614b9de634c354be0790beaf027
Update Cilium to 1.8.3 1. Vendor github.com/cilium/cilium using: go get github.com/cilium/cilium@v1.8.3 go mod tidy && go mod vendor 2. Update the "replace" section in go.mod with the values from go.mod at github.com/cilium/cilium@v1.8.3 3. Then adjust any APIs which changed. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
commit sha 5aa1b1c2a6c50c7bc624308a7f366aac83689fe3
Dockerfile: use golang 1.15.2 for builder and alpine 3.12.0 for certs Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
commit sha 2339a0dbc2cba0c8046576102d7b5674751054f7
README.md: fix command formatting Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
commit sha 114347e24c382c50426b2122d6163e916a64b1ad
Update cilium/.heartbeat Add go routine that updates 'cilium.heartbeat' every kvstore.HeartbeatWriteInterval. This is required when Cilium agent is configured to connect to etcd of clustermesh-apiserver as the main kvstore. Co-authored-by: Jarno Rajahalme <jarno@covalent.io> Signed-off-by: Jarno Rajahalme <jarno@covalent.io> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
push time in 5 days
create barnchisovalent/clustermesh-apiserver
created branch time in 5 days
Pull request review commentsyncthing/syncthing
lib/fs: use file clone ioctl wrappers and types from golang.org/x/sys/unix
func copyRangeIoctl(src, dst basicFile, srcOffset, dstOffset, size int64) error if srcOffset == 0 && dstOffset == 0 && size == 0 { // Optimization for whole file copies.- var errNo syscall.Errno+ var innerErr error _, err := withFileDescriptors(src, dst, func(srcFd, dstFd uintptr) (int, error) {- _, _, errNo = syscall.Syscall(syscall.SYS_IOCTL, dstFd, FICLONE, srcFd)+ innerErr = unix.IoctlFileClone(int(dstFd), int(srcFd)) return 0, nil }) // Failure in withFileDescriptors if err != nil { return err }- if errNo != 0 {- return errNo+ if innerErr != nil {+ return innerErr } return nil } - var errNo syscall.Errno+ var innerErr error _, err = withFileDescriptors(src, dst, func(srcFd, dstFd uintptr) (int, error) {- params := fileCloneRange{- srcFd: int64(srcFd),- srcOffset: uint64(srcOffset),- srcLength: uint64(size),- dstOffset: uint64(dstOffset),+ params := unix.FileCloneRange{+ Src_fd: int64(srcFd),+ Src_offset: uint64(srcOffset),+ Src_length: uint64(size),+ Dest_offset: uint64(dstOffset), }- _, _, errNo = syscall.Syscall(syscall.SYS_IOCTL, dstFd, FICLONERANGE, uintptr(unsafe.Pointer(¶ms)))+ innerErr = unix.IoctlFileCloneRange(int(dstFd), ¶ms) return 0, nil }) // Failure in withFileDescriptors if err != nil { return err }- if errNo != 0 {- return errNo+ if innerErr != nil {+ return innerErr
Done, thanks for the review.
comment created time in 5 days
push eventtklauser/syncthing
commit sha 801db5e98247757dbf5780068163e7c0a26ffd85
lib/fs: use file clone ioctl wrappers and types from golang.org/x/sys/unix Use the IoctlFileClone and IoctlFileCloneRange ioctl wrappers and the FileCloneRange type provided by golang.org/x/sys/unix instead of locally implementing them. This also allows to re-enable the code for ppc/ppc64/ppc64le again (see commit 758a1a6a3729 ("lib/fs: Disable ioctl on ppc (fixes #6898) (#6901)")) since golang.org/x/sys/unix internally uses the correct FICLONE and FICLONERANGE values depending on $GOARCH.
push time in 5 days
push eventtklauser/clustermesh-apiserver
commit sha 4812f74ba83e5614b9de634c354be0790beaf027
Update Cilium to 1.8.3 1. Vendor github.com/cilium/cilium using: go get github.com/cilium/cilium@v1.8.3 go mod tidy && go mod vendor 2. Update the "replace" section in go.mod with the values from go.mod at github.com/cilium/cilium@v1.8.3 3. Then adjust any APIs which changed. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
commit sha 5aa1b1c2a6c50c7bc624308a7f366aac83689fe3
Dockerfile: use golang 1.15.2 for builder and alpine 3.12.0 for certs Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
commit sha 2339a0dbc2cba0c8046576102d7b5674751054f7
README.md: fix command formatting Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
commit sha 114347e24c382c50426b2122d6163e916a64b1ad
Update cilium/.heartbeat Add go routine that updates 'cilium.heartbeat' every kvstore.HeartbeatWriteInterval. This is required when Cilium agent is configured to connect to etcd of clustermesh-apiserver as the main kvstore. Co-authored-by: Jarno Rajahalme <jarno@covalent.io> Signed-off-by: Jarno Rajahalme <jarno@covalent.io> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
push time in 5 days
delete branch tklauser/clustermesh-apiserver
delete branch : pr/gke-fixes-rebased
delete time in 5 days
create barnchtklauser/clustermesh-apiserver
created branch time in 5 days
pull request commentgit-lfs/git-lfs
tools: use IoctlFileClone from golang.org/x/sys/unix
Hey,
Thanks for the patch, and welcome to Git LFS! I agree this is a good improvement to make.
Thanks.
I have just one request: can you rebase this onto the latest version of
master, where I've just fixed CI, so we can get this green and make sure everything's working before we merge it?
Sure, just pushed the rebased version of this PR. I was wondering about the CI failures and I'm glad they weren't this PR's fault :)
comment created time in 5 days
push eventtklauser/git-lfs
commit sha 69553c99481bde12742864c27f94e437862d2709
ci: don't reinstall openssl with Homebrew GitHub Actions ships its own version of the openssl Homebrew package that fails to reinstall with an EPERM error. Since the reason we did these contortions was to relink gettext and we finally gave up and disabled gettext, let's just go back to a brew link --force and stop trying to reinstall.
commit sha 6785eede411e3c941b1480bd9a39b0ed7769b802
Merge pull request #4260 from git-lfs/ci-brew ci: don't reinstall openssl with Homebrew
commit sha ff9775905754069b9e1136a34e5505affd8299cf
tools: use IoctlFileClone from golang.org/x/sys/unix Use the IoctlFileClone ioctl wrapper provided by golang.org/x/sys/unix instead of locally implementing it. This also fixes the ioctl on GOARCHes where the value of FICLONE is different from the currently used ioctlFiClone value (e.g. mips64/mips64le and ppc64/ppc64le). This PR also bumps the version of golang.org/x/sys to get IoctlFileClone and updates its vendored version by running `go get golang.org/x/sys@latest && go mod tidy && go mod vendor`.
push time in 5 days
pull request commentmoby/sys
Add support for OpenBSD in addition to FreeBSD
Just noticed that #36 might conflict with this. x/sys/unix provides the MNT_* flags for OpenBSD as well, so it should be easy to adjust either of the PRs, depending on which one gets merged first.
comment created time in 5 days
PR opened moby/sys
Bump golang.org/x/sys/unix to the latest version and use the MNT_*
constants defined there instead of getting them from sys/mount.h using
cgo.
Full diff for the golang.org/x/sys/unix bump: https://github.com/golang/sys/compare/d5e6a3e2c0ae...aee5d888a86055dc6ab0342f9cdc7b53aaeaec62
pr created time in 5 days
delete branch tklauser/clustermesh-apiserver
delete branch : pr/tklauser/update-cilium-1.8.3
delete time in 5 days
delete branch tklauser/clustermesh-apiserver
delete branch : pr/tklauser/dockerfile-base
delete time in 5 days
delete branch tklauser/clustermesh-apiserver
delete branch : pr/tklauser/readme-formatting
delete time in 5 days
PR opened cilium/clustermesh-apiserver
Add go routine that updates 'cilium.heartbeat' every kvstore.HeartbeatWriteInterval. This is required when Cilium agent is configured to connect to etcd of clustermesh-apiserver as the main kvstore.
Co-authored-by: Jarno Rajahalme jarno@covalent.io Signed-off-by: Jarno Rajahalme jarno@covalent.io Signed-off-by: Tobias Klauser tklauser@distanz.ch
pr created time in 5 days
push eventtklauser/git-lfs
commit sha bba076b54b3242819e0560f27869294a083ad2ed
tools: use IoctlFileClone from golang.org/x/sys/unix Use the IoctlFileClone ioctl wrapper provided by golang.org/x/sys/unix instead of locally implementing it. This also fixes the ioctl on GOARCHes where the value of FICLONE is different from the currently used ioctlFiClone value (e.g. mips64/mips64le and ppc64/ppc64le). This PR also bumps the version of golang.org/x/sys to get IoctlFileClone and updates its vendored version by running `go get golang.org/x/sys@latest && go mod tidy && go mod vendor`.
push time in 5 days
push eventtklauser/git-lfs
commit sha d891ffc56c33891d0c708cedb893062452b6cf22
tools: use IoctlFileClone from golang.org/x/sys/unix Use the IoctlFileClone ioctl wrapper provided by golang.org/x/sys/unix instead of locally implementing it. This also fixes the ioctl on GOARCHes where the value of FICLONE is different from the currently used ioctlFiClone value (e.g. mips64/mips64le and ppc64/ppc64le). This PR also bumps the version of golang.org/x/sys to get IoctlFileClone and updates its vendored version by running `go get golang.org/x/sys@latest && go mod tidy && go mod vendor`.
push time in 5 days
PR opened git-lfs/git-lfs
Use the IoctlFileClone ioctl wrapper provided by golang.org/x/sys/unix
instead of locally implementing it. This also fixes the ioctl on
GOARCHes where the value of FICLONE is different from the currently used
ioctlFiClone value (e.g. mips64/mips64le and ppc64/ppc64le).
This PR also bumps the version of golang.org/x/sys to get
IoctlFileClone.
pr created time in 5 days
push eventtklauser/git-lfs
commit sha 056a9113c8310ebdac2e86fa0adb7a9f8482bc0a
tools: use IoctlFileClone from golang.org/x/sys/unix Use the IoctlFileClone ioctl wrapper provided by golang.org/x/sys/unix instead of locally implementing it. This also fixes the ioctl on GOARCHes where the value of FICLONE is different from the currently used ioctlFiClone value (e.g. mips64/mips64le and ppc64/ppc64le). This PR also bumps the version of golang.org/x/sys to get IoctlFileClone.
push time in 5 days
push eventtklauser/syncthing
commit sha 2691c8fb2254d5c2fb3db451f34dfb7d5acf4910
lib/fs: use file clone ioctl wrappers and types from golang.org/x/sys/unix Use the IoctlFileClone and IoctlFileCloneRange ioctl wrappers and the FileCloneRange type provided by golang.org/x/sys/unix instead of locally implementing them. This also allows to re-enable the code for ppc/ppc64/ppc64le again (see commit 758a1a6a3729 ("lib/fs: Disable ioctl on ppc (fixes #6898) (#6901)")) since golang.org/x/sys/unix internally uses the correct FICLONE and FICLONERANGE values depending on $GOARCH.
push time in 5 days
push eventtklauser/syncthing
commit sha ed104444c19484833a7afd7cfb73ebc402a0be92
build: bump golang.org/x/sys to latest version Updated by running `go get golang.org/x/sys@latest && go mod tidy`
commit sha 8b374f85779940b86791757c6b0b8d06273c21f2
lib/fs: use file clone ioctl wrappers and types from golang.org/x/sys/unix Use the IoctlFileClone and IoctlFileCloneRange ioctl wrappers and the FileCloneRange type provided by golang.org/x/sys/unix instead of locally implementing them. This also allows to re-enable the code for ppc/ppc64/ppc64le again (see commit 758a1a6a3729 ("lib/fs: Disable ioctl on ppc (fixes #6898) (#6901)")) since the golang.org/x/sys/unix internally uses the correct FICLONE and FICLONERANGE values depending on $GOARCH.
push time in 5 days
PR opened syncthing/syncthing
Purpose
Use the IoctlFileClone and IoctlFileCloneRange ioctl wrappers and the
FileCloneRange type provided by golang.org/x/sys/unix instead of
locally implementing them. This also allows to re-enable the code for
ppc/ppc64/ppc64le again since the golang.org/x/sys/unix internally uses
the correct FICLONE and FICLONERANGE values depending on $GOARCH.
This PR also bumps the version of golang.org/x/sys
Testing
Ran unit tests in lib/fs using go test -v ./lib/fs
pr created time in 5 days
Pull request review commentcilium/cilium
Fix typo in UpdateEC2AdapterLimitViaAPI command line flag
func init() { operatorOption.ENITags, "ENI tags in the form of k1=v1 (multiple k/v pairs can be passed by repeating the CLI flag)") option.BindEnv(operatorOption.ENITags) - flags.Bool(operatorOption.UpdateEC2AdapterLimitViaAPI, false, "Use the EC2 API to update the instance type to adapter limits")+ flags.Bool(operatorOption.UpdateEC2AdapterLimitViaAPI, false, fmt.Sprintf("Use the EC2 API to update the instance type to adapter limits. Deprecated in favor of %s", operatorOption.UpdateEC2AdapterLimitViaAPIv2)) option.BindEnv(operatorOption.UpdateEC2AdapterLimitViaAPI)+ flags.MarkDeprecated(operatorOption.UpdateEC2AdapterLimitViaAPI, "This option will be removed in v1.10")+ flags.Bool(operatorOption.UpdateEC2AdapterLimitViaAPIv2, false, "Use the EC2 API to update the instance type to adapter limits")+ option.BindEnv(operatorOption.UpdateEC2AdapterLimitViaAPIv2)
And here:
flags.Bool(operatorOption.UpdateEC2AdapterLimitViaAPIDeprecated, false, fmt.Sprintf("Use the EC2 API to update the instance type to adapter limits. Deprecated in favor of %s", operatorOption.UpdateEC2AdapterLimitViaAPI))
option.BindEnv(operatorOption.UpdateEC2AdapterLimitViaAPIDeprecated)
flags.MarkDeprecated(operatorOption.UpdateEC2AdapterLimitViaAPIDeprecated, "This option will be removed in v1.10")
flags.Bool(operatorOption.UpdateEC2AdapterLimitViaAPI, false, "Use the EC2 API to update the instance type to adapter limits")
option.BindEnv(operatorOption.UpdateEC2AdapterLimitViaAPI)
comment created time in 5 days
Pull request review commentcilium/cilium
Fix typo in UpdateEC2AdapterLimitViaAPI command line flag
func (c *OperatorConfig) Populate() { // AWS options c.AWSReleaseExcessIPs = viper.GetBool(AWSReleaseExcessIPs)- c.UpdateEC2AdapterLimitViaAPI = viper.GetBool(UpdateEC2AdapterLimitViaAPI)+ c.UpdateEC2AdapterLimitViaAPI = viper.GetBool(UpdateEC2AdapterLimitViaAPI) ||+ viper.GetBool(UpdateEC2AdapterLimitViaAPIv2)
Given the above change, this would then be:
c.UpdateEC2AdapterLimitViaAPI = viper.GetBool(UpdateEC2AdapterLimitViaAPIDeprecated) ||
viper.GetBool(UpdateEC2AdapterLimitViaAPI)
comment created time in 5 days
Pull request review commentcilium/cilium
Fix typo in UpdateEC2AdapterLimitViaAPI command line flag
const ( // API to fill out the instancetype to adapter limit mapping. UpdateEC2AdapterLimitViaAPI = "update-ec2-apdater-limit-via-api" + // UpdateEC2AdapterLimitViaAPIv2 configures the operator to use the EC2+ // API to fill out the instancetype to adapter limit mapping.+ UpdateEC2AdapterLimitViaAPIv2 = "update-ec2-adapter-limit-via-api"+
I'd rename this const and re-use the name for the "new option" to better reflect that the misspelledoption is deprecated and so we don't forget to remove it in 1.10:
UpdateEC2AdapterLimitViaAPIDeprecated = "update-ec2-apdater-limit-via-api"
// UpdateEC2AdapterLimitViaAPI configures the operator to use the EC2
// API to fill out the instancetype to adapter limit mapping.
UpdateEC2AdapterLimitViaAPI = "update-ec2-adapter-limit-via-api"
comment created time in 5 days
Pull request review commentcilium/cilium
const ( AllPorts = uint16(0) ) +type policyFlag uint8++const (+ policyFlagDeny = 1 << 0+)++type PolicyEntryFlags uint8++// UInt8 returns the UInt8 representation of the PolicyEntryFlags.+func (pef PolicyEntryFlags) UInt8() uint8 {+ return uint8(pef)+}++func (pef PolicyEntryFlags) is(pf policyFlag) bool {+ return uint8(pef)&uint8(pf) != 0+}++func (pef PolicyEntryFlags) IsDeny() bool {+ return pef.is(policyFlagDeny)+}++// String returns the string implementation of ServiceFlags.
// String returns the string implementation of PolicyEntryFlags.
comment created time in 5 days
Pull request review commentcilium/cilium
Add NodePortAddresses as KP-free command line option
type NodeAddressingFamily interface { // on the node AllocationCIDR() *cidr.CIDR - // LocalAddresses lists all local addresses- LocalAddresses() ([]net.IP, error)+ // MapLocalAddresses lists all local addresses
Nit: this godoc comment probably needs to be adjusted to reflect the map behavior, e.g.
// MapLocalAddresses applies a function to each local address.
or similar.
comment created time in 5 days
PR opened moby/moby
Vendor the latest version of golang.org/x/sys/unix (full diff: https://github.com/golang/sys/compare/196b9ba8737a10c9253b04174f25881e562da5b8...aee5d888a86055dc6ab0342f9cdc7b53aaeaec62) to get unix.IoctlClone and use it in copyRegular. This allows to drop the cgo-based implementation.
pr created time in 6 days
push eventcilium/packer-ci-build
commit sha 705188a9cc47a009560f2298132b866079abe54c
provision: update Go to 1.15.2 Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
commit sha 355cd529ae436c3c47d2c30260dc61b81d4341da
provision: update golangci-lint to 1.13.0 Follow cilium/cilium#13245 Suggested-by: Tam Mach <sayboras@yahoo.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
push time in 6 days
Pull request review commentcilium/cilium
EKS: improve rules for asymmetric routing (multi-node NodePort)
func writePreFilterHeader(preFilter *prefilter.PreFilter, dir string) error { return fw.Flush() } +type setting struct {+ name string+ val string+ ignoreErr bool+}++func addENIRules(sysSettings []setting) ([]setting, error) {+ // AWS ENI mode requires symmetric routing, see+ // iptables.addCiliumENIRules().+ // The default AWS daemonset installs the following rules that are used+ // for NodePort traffic between nodes:+ //+ // # sysctl -w net.ipv4.conf.eth0.rp_filter=2+ // # iptables -t mangle -A PREROUTING -i eth0 -m comment --comment "AWS, primary ENI" -m addrtype --dst-type LOCAL --limit-iface-in -j CONNMARK --set-xmark 0x80/0x80+ // # iptables -t mangle -A PREROUTING -i eni+ -m comment --comment "AWS, primary ENI" -j CONNMARK --restore-mark --nfmask 0x80 --ctmask 0x80+ // # ip rule add fwmark 0x80/0x80 lookup main+ //+ // It marks packets coming from another node through eth0, and restores+ // the mark on the return path to force a lookup into the main routing+ // table. Without these rules, the "ip rules" set by the cilium-cni+ // plugin tell the host to lookup into the table related to the VPC for+ // which the CIDR used by the endpoint has been configured.+ //+ // We want to reproduce equivalent rules to ensure correct routing.+ if !option.Config.EnableIPv4 {+ return nil, nil
I think we should return setting here in order to keep the existing ones.
return setting, nil
comment created time in 6 days
pull request commentcilium/packer-ci-build
build-next-please
comment created time in 6 days
Pull request review commentcilium/cilium
const ( AllPorts = uint16(0) ) +type policyFlag uint8++const (+ policyFlagDeny = 1 << 0+)++type PolicyEntryFlags uint8++// UInt8 returns the UInt8 representation of the ServiceFlags.
Nit:
// UInt8 returns the UInt8 representation of the PolicyEntryFlags.
comment created time in 6 days
Pull request review commentcilium/cilium
func (e *EgressRule) CreateDerivative(ctx context.Context) (*EgressRule, error) e.SetAggregatedSelectors() return newRule, nil }++// CreateDerivative will return a new rule based on the data gathered by the+// rules that creates a new derivative policy.+// In the case of ToGroups will call outside using the groups callback and this+// function can take a bit of time.+func (e *EgressDenyRule) CreateDerivative(ctx context.Context) (*EgressDenyRule, error) {+ newRule := e.DeepCopy()+ if !e.RequiresDerivative() {+ return newRule, nil+ }+ newRule.ToCIDRSet = CIDRRuleSlice{}
nit: preallocate the slice
newRule.ToCIDRSet = make(CIDRRuleSlice, 0, len(e.ToGroups)
comment created time in 6 days
Pull request review commentcilium/cilium
const ( AllPorts = uint16(0) ) +type policyFlag uint8++const (+ policyFlagDeny = 1 << 0+)++type PolicyEntryFlags uint8++// UInt8 returns the UInt8 representation of the ServiceFlags.+func (pef PolicyEntryFlags) UInt8() uint8 {+ return uint8(pef)+}++func (pef PolicyEntryFlags) is(pf policyFlag) bool {+ return uint8(pef)&uint8(pf) != 0+}++func (pef PolicyEntryFlags) IsDeny() bool {+ return pef.is(policyFlagDeny)+}++// String returns the string implementation of ServiceFlags.+func (pef PolicyEntryFlags) String() string {+ var str []string++ if pef.IsDeny() {+ str = append(str, "Deny")+ } else {+ str = append(str, "Allow")+ }++ return strings.Join(str, ", ")+}
I think this can be simplified to:
func (pef PolicyEntryFlags) String() string {
if pef.IsDeny() {
return "Deny"
}
return "Allow"
}
comment created time in 6 days
Pull request review commentcilium/cilium
struct policy_key { struct policy_entry { __be16 proxy_port;- __u16 pad0;+ __u8 deny:1,
Looks like this change ended up in the wrong commit (cilium/cmd: dump policy deny maps). It should probably be part of bpf: add deny policy enforcement?
comment created time in 6 days