Skip to content

Issues: cilium/cilium

Dependency Dashboard
#33550 opened Jul 3, 2024 by cilium-renovate bot
Open
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
46 Open 831 Closed
46 Open 831 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

bpf: wireguard: improve the handling for proxy traffic area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. feature/wireguard Relates to Cilium's Wireguard feature release-note/misc This PR makes changes that have no direct user impact. sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages.
#38087 opened Mar 8, 2025 by julianwiedmann Draft
1
proxy: modularize proxy access logger area/modularization area/monitor Impacts monitoring, access logging, flow logging, visibility of datapath traffic. area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. kind/cleanup This includes no functional changes. release-note/misc This PR makes changes that have no direct user impact. sig/policy Impacts whether traffic is allowed or denied based on user-defined policies.
#38009 opened Mar 5, 2025 by mhofstetter Loading…
3
L7 policy for HTTP breaks IPv6 connectivity to world area/ipam Impacts IP address management functionality. area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. feature/ipv6 Relates to IPv6 protocol support kind/bug This is a bug in the Cilium logic. kind/community-report This was reported by a user in the Cilium community, eg via Slack. needs/triage This issue requires triaging to establish severity and next steps. sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. sig/policy Impacts whether traffic is allowed or denied based on user-defined policies.
#37932 opened Feb 28, 2025 by gentoo-root
2 of 3 tasks
2
envoy: extract envoyL7RulesTranslator component from xds server area/modularization area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. kind/cleanup This includes no functional changes. release-note/misc This PR makes changes that have no direct user impact. sig/policy Impacts whether traffic is allowed or denied based on user-defined policies.
#37894 opened Feb 27, 2025 by mhofstetter Loading…
1
[v1.16] CI: Cilium E2E Upgrade - Detected restart of Cilium Envoy area/CI Continuous Integration testing issue or flake area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. ci/flake This is a known failure that occurs in the tree. Please investigate me!
#37870 opened Feb 26, 2025 by giorio94
proxyports: Enable debug for tests area/CI Continuous Integration testing issue or flake area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. dont-merge/blocked Another PR must be merged before this one. release-note/misc This PR makes changes that have no direct user impact.
#37668 opened Feb 16, 2025 by jrajahalme Loading…
3
datapath: transport source identity in MARK_MAGIC_PROXY_TO_WORLD area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. kind/enhancement This would improve or streamline existing functionality. pinned These issues are not marked stale by our issue bot. sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages.
#37166 opened Jan 22, 2025 by julianwiedmann
No IPv6 connectivity with IPSec + L7 proxy + In/Egress policies (key rotation with different size affects MTU) area/encryption Impacts encryption support such as IPSec, WireGuard, or kTLS. area/mtu Relates to MTU management in Cilium. area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. feature/ipsec Relates to Cilium's IPsec feature feature/ipv6 Relates to IPv6 protocol support kind/bug This is a bug in the Cilium logic. sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages.
#37051 opened Jan 17, 2025 by smagnani96
1
10
Pod-to-Pod Communication '192-168-X-X.cilium-envoy.kube-system.svc.cluster.local' or '192-168-X-X.hubble-peer.kube-system.svc.cluster.local' area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. kind/bug This is a bug in the Cilium logic. kind/community-report This was reported by a user in the Cilium community, eg via Slack. needs/triage This issue requires triaging to establish severity and next steps.
#37038 opened Jan 17, 2025 by sungik8221
2 of 3 tasks
Ensure IPsec works with L7 proxy's idle TCP sockets area/encryption Impacts encryption support such as IPSec, WireGuard, or kTLS. area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. feature/ipsec Relates to Cilium's IPsec feature sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages.
#37009 opened Jan 16, 2025 by jschwinger233
With Cilium Network Policy Client IP is lost area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. kind/bug This is a bug in the Cilium logic. kind/community-report This was reported by a user in the Cilium community, eg via Slack. needs/triage This issue requires triaging to establish severity and next steps.
#36718 opened Dec 19, 2024 by rushi47
2 of 3 tasks
5
CI: Warning took longer than 100ms to update network policy area/CI Continuous Integration testing issue or flake area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. kind/bug This is a bug in the Cilium logic. pinned These issues are not marked stale by our issue bot. sig/policy Impacts whether traffic is allowed or denied based on user-defined policies.
#36067 opened Nov 20, 2024 by pchaigno
5
iptables: don't require net.ipv4.ip_early_demux=0 for IPsec with L7 proxy area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. feature/ipsec Relates to Cilium's IPsec feature kind/enhancement This would improve or streamline existing functionality. kind/performance There is a performance impact of this. kind/tech-debt Technical debt pinned These issues are not marked stale by our issue bot.
#35579 opened Oct 28, 2024 by julianwiedmann
1
Agent deadlocks on startup when L7 DNS proxy for nodes is enabled and kube-apiserver is a FQDN area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. kind/bug This is a bug in the Cilium logic. kind/community-report This was reported by a user in the Cilium community, eg via Slack. sig/agent Cilium agent related.
#35433 opened Oct 19, 2024 by atykhyy
2 of 3 tasks
5
CiliumNetworkPolicy ingress.fromCIDR doesn't work when traffic ingresses the cluster via Envoy (Kubernetes Ingress, Gateway API) area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. feature/ipv6 Relates to IPv6 protocol support info-completed The GH issue has received a reply from the author kind/bug This is a bug in the Cilium logic. kind/community-report This was reported by a user in the Cilium community, eg via Slack. needs/triage This issue requires triaging to establish severity and next steps. sig/policy Impacts whether traffic is allowed or denied based on user-defined policies.
#34786 opened Sep 9, 2024 by bernardgut
2 of 3 tasks
10
L7 Envoy service mesh - Cannot reach the service with multiple ports area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. area/servicemesh GH issues or PRs regarding servicemesh info-completed The GH issue has received a reply from the author kind/bug This is a bug in the Cilium logic. kind/community-report This was reported by a user in the Cilium community, eg via Slack. sig/agent Cilium agent related.
#31941 opened Apr 13, 2024 by khacminh
3 tasks done
11
Requests to GatewayAPI and L2 backed service times out area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. feature/k8s-gateway-api kind/bug This is a bug in the Cilium logic. kind/community-report This was reported by a user in the Cilium community, eg via Slack. sig/agent Cilium agent related.
#30510 opened Jan 29, 2024 by ekarlso
2 tasks done
23
Per-endpoint-routes masquerades client IP with L7 policy area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. kind/bug This is a bug in the Cilium logic. pinned These issues are not marked stale by our issue bot. sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages.
#28812 opened Oct 26, 2023 by gandro
2 tasks done
9
CFP: Enhanced HTTPS Observability: Capturing Server Name Indication (SNI) in hubble without Traffic Decryption area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. help-wanted Please volunteer for this by adding yourself as an assignee! kind/cfp kind/feature This introduces new functionality. pinned These issues are not marked stale by our issue bot. sig/agent Cilium agent related. sig/hubble Impacts hubble server or relay
#28513 opened Oct 11, 2023 by m-yosefpor
3
CFP: http/3 QUIC support area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. feature/k8s-gateway-api help-wanted Please volunteer for this by adding yourself as an assignee! kind/cfp kind/enhancement This would improve or streamline existing functionality. kind/feature This introduces new functionality. pinned These issues are not marked stale by our issue bot.
#28497 opened Oct 10, 2023 by artyom-p
5
l7 envoy service mesh does not use matching port and targetPort if multiple are defined area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. area/servicemesh GH issues or PRs regarding servicemesh kind/bug This is a bug in the Cilium logic. kind/community-report This was reported by a user in the Cilium community, eg via Slack. sig/agent Cilium agent related.
#27516 opened Aug 15, 2023 by tvonhacht-apple
2 tasks done
@jrajahalme
1
Define and use new trigger reason for FQDN policies / identity updates area/daemon Impacts operation of the Cilium daemon. area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. kind/enhancement This would improve or streamline existing functionality. sig/agent Cilium agent related. sig/policy Impacts whether traffic is allowed or denied based on user-defined policies.
#25395 opened May 11, 2023 by christarazi
11
Cilium HTTP L7 policies break HTTP proxy (CONNECT) connections area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. kind/bug This is a bug in the Cilium logic. pinned These issues are not marked stale by our issue bot. sig/agent Cilium agent related. sig/policy Impacts whether traffic is allowed or denied based on user-defined policies.
#24276 opened Mar 10, 2023 by chancez
2 tasks done
4
Intermittent 503 errors from cilium-envoy when testing the performance of cilium service mesh area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. kind/bug This is a bug in the Cilium logic. kind/community-report This was reported by a user in the Cilium community, eg via Slack. kind/performance There is a performance impact of this. pinned These issues are not marked stale by our issue bot. sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages.
#22552 opened Dec 5, 2022 by Echo-Van
2 tasks done
3
hubble does not set drop reason description field for L7 drop events area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. good-first-issue Good starting point for new developers, which requires minimal understanding of Cilium. kind/bug This is a bug in the Cilium logic. kind/community-report This was reported by a user in the Cilium community, eg via Slack. sig/agent Cilium agent related. sig/hubble Impacts hubble server or relay
#22402 opened Nov 28, 2022 by michi-covalent
2 tasks done
1
2
ProTip! Adding no:label will show everything without a label.