Run IPsec service on the container #2544
Conversation
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: pperiyasamy The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
The libreswan 4.9 is having a regression issue which causes intermittent traffic failure between ipsec tunnels. So let us make ipsec service to run on the container which would help to change libreswan back into 4.5 as an intermeditate solution. Signed-off-by: Periyasamy Palanisamy <[email protected]>
pperiyasamy
force-pushed
the
container-ipsec-fallback
branch
from
062c9b8 to
93694df
Compare
|
/assign @jcaamano @huiran0826 @anuragthehatter |
| @@ -30,6 +30,7 @@ var cloudProviderConfig = types.NamespacedName{ | |||
| var ( | |||
| masterRoleMachineConfigLabel = map[string]string{"machineconfiguration.openshift.io/role": "master"} | |||
| workerRoleMachineConfigLabel = map[string]string{"machineconfiguration.openshift.io/role": "worker"} | |||
| EWIPsecOnly = true | |||
There was a problem hiding this comment.
Why can't this be a constant?
Also add a comment explaining what this does and intentions. I guess you are doing it this way to have an easy way to revert in the future. But I am only guessing, it would be nice to have a comment explaining.
|
@pperiyasamy: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
The libreswan 4.9 is having a regression issue which causes intermittent traffic failure between ipsec tunnels. So let us make ipsec service to run on the container which would help to change libreswan back into 4.5 as an intermeditate solution.