Open
Conversation
…tion (#453) * feat(): add custom ns labels/annotations to appns user defined CR labels/annotations config is fetched from cluster CR and configmap "namespace-config-labels" is created this configmap is used to apply labels/annotations to any slice appns When a slice appns undergoes unbinding, the custom labels/annotations are also removed vendor/ changes will be updated with apis repo tag when changes are approved Signed-off-by: gourishkb <104021126+gourishkb@users.noreply.github.com> * Revert "feat(): add custom ns labels/annotations to appns" This reverts commit 254111a. * fix(): Add validation and retry logic for VPN key rotation race condition This fix addresses a race condition during concurrent VPN key rotation and gateway certificate recycling operations that caused ~129 errors per rotation. Root Cause: - VPN key rotation triggered FSM before gateway pods finished reloading certificates - GetPeerGwPodName() was called when pod status was incomplete - Result: gRPC marshaling errors, tunnel failures, and connection context issues Changes: 1. Enhanced GetPeerGwPodName() with detailed error messages 2. Added ValidateGatewayPodReadiness() to check pod readiness before FSM trigger - Validates pod exists in gateway status - Ensures tunnel is UP and TUN interface is configured - Verifies peer pod information is available 3. Modified reconciler to validate all pods before triggering FSM 4. Added retry logic with appropriate delays for transient errors Fixes all 5 error types: - gRPC Marshal nil errors (~35 per rotation) - TUN interface not found errors (~50 per rotation) - Tunnel not up errors (~20 per rotation) - Connection context failures (~15 per rotation) - RouteAdd file exists errors (~9 per rotation) Testing: - Added 7 unit tests for ValidateGatewayPodReadiness() - All tests passing --------- Signed-off-by: gourishkb <104021126+gourishkb@users.noreply.github.com> Co-authored-by: gourishkb <104021126+gourishkb@users.noreply.github.com> Co-authored-by: Rajendra <rajendra@Rajendras-MacBook-Pro.local>
Signed-off-by: gourishkb <gourish@aveshasystems.com>
latency/txrate status changes should not trigger reconciliation Signed-off-by: gourishkb <gourish@aveshasystems.com>
gourishkb
requested review from
Rahul-D78,
bharath-avesha and
richiesebastian
as code owners
gourishkb
requested review from
rajendra-avesha
and removed request for
Rahul-D78,
bharath-avesha and
richiesebastian
Rahul-D78
approved these changes
Feb 17, 2026
rajendra-avesha
approved these changes
Feb 17, 2026
Signed-off-by: gourishkb <gourish@aveshasystems.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Fixes #
How Has This Been Tested?
Checklist:
go fmtDoes this PR introduce a breaking change?