Skip to content

refactor(dp): remove readiness TCP fallback#16174

Draft
Automaat wants to merge 7 commits intomasterfrom
synapse/remove-kuma-dp-readiness-reporter-08d26c47
Draft

refactor(dp): remove readiness TCP fallback#16174
Automaat wants to merge 7 commits intomasterfrom
synapse/remove-kuma-dp-readiness-reporter-08d26c47

Conversation

@Automaat
Copy link
Copy Markdown
Contributor

@Automaat Automaat commented Apr 8, 2026

Motivation

Unix socket is the default readiness reporter mode since v2.9.0. Remove the TCP fallback (ReadinessUnixSocketDisabled, ReadinessPort) and the feature flag (FeatureReadinessUnixSocket) that guarded it. Unix socket is now the only mode.

Implementation information

  • Remove ReadinessUnixSocketDisabled and ReadinessPort from Dataplane config and bootstrap request
  • Remove FeatureReadinessUnixSocket feature flag constant
  • Remove FieldDataplaneReadinessPort metadata field and GetReadinessPort()
  • admin_proxy_generator now unconditionally uses unix socket endpoint for readiness cluster
  • Readiness component always starts unix socket listener; TCP path deleted
  • K8s injector no longer excludes TCP readiness port from iptables; PostStart hook uses --unix-socket when envoyAdminUnixSocket=true
  • Ingress/egress helm charts: replaced KUMA_READINESS_UNIX_SOCKET_DISABLED + KUMA_READINESS_PORT with KUMA_DATAPLANE_RUNTIME_SOCKET_DIR

Changelog: refactor(dp): remove readiness TCP fallback

Closes #14039

Remove ReadinessUnixSocketDisabled, FeatureReadinessUnixSocket, and
ReadinessPort. Unix socket is now the only readiness reporter mode.

Signed-off-by: Marcin Skalski <skalskimarcin33@gmail.com>
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 8, 2026

Reviewer Checklist

🔍 Each of these sections need to be checked by the reviewer of the PR 🔍:
If something doesn't apply please check the box and add a justification if the reason is non obvious.

  • Is the PR title satisfactory? Is this part of a larger feature and should be grouped using > Changelog?
  • PR description is clear and complete. It Links to relevant issue as well as docs and UI issues
  • This will not break child repos: it doesn't hardcode values (.e.g "kumahq" as an image registry)
  • IPv6 is taken into account (.e.g: no string concatenation of host port)
  • Tests (Unit test, E2E tests, manual test on universal and k8s)
    • Don't forget ci/ labels to run additional/fewer tests
  • Does this contain a change that needs to be notified to users? In this case, UPGRADE.md should be updated.
  • Does it need to be backported according to the backporting policy? (this GH action will add "backport" label based on these file globs, if you want to prevent it from adding the "backport" label use no-backport-autolabel label)

Automaat and others added 5 commits April 8, 2026 18:51
When KUMA_DATAPLANE_RUNTIME_SOCKET_DIR is set to a custom path
(e.g. /tmp/kuma-dp), the directory was never created in run.go.
Components starting concurrently (access-log streamer) tried to
create FIFOs inside the missing directory, causing a startup crash.

Create SocketDir early, before components are launched.

Signed-off-by: Marcin Skalski <skalskimarcin33@gmail.com>
Port 9902 (TCP readiness reporter) was removed but e2e test framework
still port-forwarded to 9902 for Envoy admin access. Fix by:

- Adding wildcard '/' route on non-TLS admin listener (9901) when
  Envoy admin is on UDS, routing through readiness reporter proxy
- Changing EnvoyAdminDefaultSpec from 9902 to 9901
- Updating all hardcoded RemotePort: 9902 in env.go files to 9901
- Fixing inside-pod localhost:9902 access in locality LB test

Signed-off-by: Marcin Skalski <skalskimarcin33@gmail.com>
Signed-off-by: Marcin Skalski <skalskimarcin33@gmail.com>
Signed-off-by: Marcin Skalski <skalskimarcin33@gmail.com>
Signed-off-by: Marcin Skalski <skalskimarcin33@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

remove kuma-dp readiness reporter ReadinessUnixSocketDisabled flag

1 participant