microsoft
diff --git a/‎deploy/hubble/manifests/controller/helm/retina/templates/agent/daemonset.yaml‎
Lines changed: 2 additions & 2 deletions b/‎deploy/hubble/manifests/controller/helm/retina/templates/agent/daemonset.yaml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎operator/cilium-crds/k8s/apis/register.go‎
Lines changed: 4 additions & 2 deletions b/‎operator/cilium-crds/k8s/apis/register.go‎
Lines changed: 4 additions & 2 deletions
diff --git a/‎operator/cilium-crds/k8s/fakeresource.go‎ ‎…or/cilium-crds/k8s/fakeresource_linux.go‎operator/cilium-crds/k8s/fakeresource.go renamed to operator/cilium-crds/k8s/fakeresource_linux.go
Lines changed: 1 addition & 2 deletions b/‎operator/cilium-crds/k8s/fakeresource.go‎ ‎…or/cilium-crds/k8s/fakeresource_linux.go‎operator/cilium-crds/k8s/fakeresource.go renamed to operator/cilium-crds/k8s/fakeresource_linux.go
Lines changed: 1 addition & 2 deletions
diff --git a/‎operator/cilium-crds/k8s/resource_ctors.go‎
Lines changed: 0 additions & 62 deletions b/‎operator/cilium-crds/k8s/resource_ctors.go‎
Lines changed: 0 additions & 62 deletions
diff --git a/‎operator/cilium-crds/k8s/resource_ctors_linux.go‎
Lines changed: 18 additions & 0 deletions b/‎operator/cilium-crds/k8s/resource_ctors_linux.go‎
Lines changed: 18 additions & 0 deletions
diff --git a/‎operator/cilium-crds/k8s/resources.go‎ ‎…rator/cilium-crds/k8s/resources_linux.go‎operator/cilium-crds/k8s/resources.go renamed to operator/cilium-crds/k8s/resources_linux.go
Lines changed: 1 addition & 5 deletions b/‎operator/cilium-crds/k8s/resources.go‎ ‎…rator/cilium-crds/k8s/resources_linux.go‎operator/cilium-crds/k8s/resources.go renamed to operator/cilium-crds/k8s/resources_linux.go
Lines changed: 1 addition & 5 deletions
diff --git a/‎operator/cmd/cilium-crds/cells_linux.go‎
Lines changed: 9 additions & 2 deletions b/‎operator/cmd/cilium-crds/cells_linux.go‎
Lines changed: 9 additions & 2 deletions
diff --git a/‎operator/cmd/cilium-crds/flags.go‎
Lines changed: 1 addition & 5 deletions b/‎operator/cmd/cilium-crds/flags.go‎
Lines changed: 1 addition & 5 deletions
diff --git a/‎operator/cmd/cilium-crds/root_linux.go‎
Lines changed: 34 additions & 35 deletions b/‎operator/cmd/cilium-crds/root_linux.go‎
Lines changed: 34 additions & 35 deletions
@@ -124,7 +124,7 @@ spec:
             - name: cilium
               mountPath: /var/run/cilium
             - name: host-os-release
-              mountPath: /etc/os-release  
+              mountPath: /etc/os-release
           {{- if .Values.hubble.tls.enabled }}
             - name: tls
               mountPath: /var/lib/cilium/tls/hubble
@@ -154,7 +154,7 @@ spec:
       - name: host-os-release
         hostPath:
           path: /etc/os-release
-          type: FileOrCreate   
+          type: FileOrCreate
       {{- if .Values.hubble.tls.enabled }}
       - name: tls
         projected:
 
@@ -101,8 +101,10 @@ func createCRD(crdVersionedName, crdMetaName string) func(clientset apiextension
 			clientset,
 			constructV1CRD(crdMetaName, ciliumCRD),
 			crdhelpers.NewDefaultPoller(),
-			k8sconst.CustomResourceDefinitionSchemaVersionKey,
-			versioncheck.MustVersion(k8sconst.CustomResourceDefinitionSchemaVersion),
+			crdhelpers.NeedsUpdateV1Factory(
+				k8sconst.CustomResourceDefinitionSchemaVersionKey,
+				versioncheck.MustVersion(k8sconst.CustomResourceDefinitionSchemaVersion),
+			),
 		)
 		if err != nil {
 			return fmt.Errorf("Unable to create CRD %s: %w", crdMetaName, err)
 
@@ -8,8 +8,7 @@ import (
 	"github.com/cilium/cilium/pkg/k8s/resource"
 )
 
-type fakeresource[T k8sRuntime.Object] struct {
-}
+type fakeresource[T k8sRuntime.Object] struct{}
 
 func (f *fakeresource[T]) Events(ctx context.Context, opts ...resource.EventsOpt) <-chan resource.Event[T] {
 	return make(<-chan resource.Event[T])
 
@@ -0,0 +1,18 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright Authors of Retina and Cilium
+
+package k8s
+
+import (
+	operatork8s "github.com/cilium/cilium/operator/k8s"
+)
+
+// Re-export Cilium's operator resource constructors.
+// These live in a _linux file because cilium/operator/k8s transitively
+// imports Linux-only symbols (netns.GetNetNSCookie).
+var (
+	CiliumEndpointResource      = operatork8s.CiliumEndpointResource
+	CiliumEndpointSliceResource = operatork8s.CiliumEndpointSliceResource
+	PodResource                 = operatork8s.PodResource
+	CiliumEndpointIndexIdentity = operatork8s.CiliumEndpointIndexIdentity
+)
@@ -18,10 +18,6 @@ import (
 	"github.com/cilium/hive/cell"
 )
 
-const (
-	CiliumEndpointIndexIdentity = "identity"
-)
-
 // ResourcesCell provides a set of handles to Kubernetes resources used throughout the
 // operator. Each of the resources share a client-go informer and backing store so we only
 // have one watch API call for each resource kind and that we maintain only one copy of each object.
@@ -39,7 +35,7 @@ var ResourcesCell = cell.Module(
 		func() resource.Resource[*cilium_api_v2.CiliumNode] {
 			return &fakeresource[*cilium_api_v2.CiliumNode]{}
 		},
-		k8s.PodResource,
+		PodResource,
 		k8s.NamespaceResource,
 	),
 )
 
@@ -9,11 +9,11 @@ package ciliumcrds
 import (
 	"context"
 	"fmt"
+	"log/slog"
 	"sync/atomic"
 
 	"github.com/microsoft/retina/internal/buildinfo"
 	"github.com/microsoft/retina/pkg/shared/telemetry"
-	"github.com/sirupsen/logrus"
 	k8sruntime "k8s.io/apimachinery/pkg/runtime"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
@@ -34,10 +34,12 @@ import (
 	cmtypes "github.com/cilium/cilium/pkg/clustermesh/types"
 	"github.com/cilium/cilium/pkg/controller"
 	k8sClient "github.com/cilium/cilium/pkg/k8s/client"
+	"github.com/cilium/cilium/pkg/kvstore"
 	"github.com/cilium/cilium/pkg/kvstore/store"
 	"github.com/cilium/cilium/pkg/option"
 	"github.com/cilium/cilium/pkg/pprof"
 	"github.com/cilium/hive/cell"
+	"github.com/cilium/statedb"
 )
 
 const operatorK8sNamespace = "kube-system"
@@ -47,7 +49,7 @@ var (
 		"operator",
 		"Retina Operator",
 
-		cell.Invoke(func(l logrus.FieldLogger) {
+		cell.Invoke(func(l *slog.Logger) {
 			// to help prevent user confusion, explain why logs may include lines referencing "cilium" or "cilium operator"
 			// e.g. level=info msg="Cilium Operator  go version go1.21.4 linux/amd64" subsys=retina-operator
 			l.Info("starting hive. Some logs will say 'cilium' since some code is derived from cilium")
@@ -91,6 +93,11 @@ var (
 		// Provides Clientset, API for accessing Kubernetes objects.
 		k8sClient.Cell,
 
+		// Provide in-memory kvstore client for identity GC (not using etcd in Retina)
+		cell.Provide(func(db *statedb.DB) kvstore.Client {
+			return kvstore.NewInMemoryClient(db, "default")
+		}),
+
 		// Provides the modular metrics registry, metric HTTP server and standard metrics cell.
 		// NOTE: no server/metrics are created when --enable-metrics=false (default)
 		operatorMetrics.Cell,
 
@@ -42,10 +42,6 @@ func InitGlobalFlags(cmd *cobra.Command, vp *viper.Viper) {
 	// NOTE: without this the option gets overridden from the default value to the zero value via option.Config.Populate(vp)
 	// specifically, here options.Config.AllocatorListTimeout gets overridden from the default value to 0s
 	flags.Duration(option.AllocatorListTimeoutName, defaults.AllocatorListTimeout, "timeout to list initial allocator state")
-	// similar overriding happens for option.Config.KVstoreConnectivityTimeout
-	flags.Duration(option.KVstoreConnectivityTimeout, defaults.KVstoreConnectivityTimeout, "Time after which an incomplete kvstore operation  is considered failed")
-	// similar overriding happens for option.Config.KVstorePeriodicSync
-	flags.Duration(option.KVstorePeriodicSync, defaults.KVstorePeriodicSync, "Periodic KVstore synchronization interval")
 
 	flags.Duration(operatorOption.EndpointGCInterval, operatorOption.EndpointGCIntervalDefault, "GC interval for cilium endpoints")
 	option.BindEnv(vp, operatorOption.EndpointGCInterval)
@@ -56,7 +52,7 @@ func InitGlobalFlags(cmd *cobra.Command, vp *viper.Viper) {
 	flags.StringSlice(option.LogDriver, []string{}, "Logging endpoints to use for example syslog")
 	option.BindEnv(vp, option.LogDriver)
 
-	flags.Var(option.NewNamedMapOptions(option.LogOpt, &option.Config.LogOpt, nil),
+	flags.Var(option.NewMapOptions(&option.Config.LogOpt),
 		option.LogOpt, `Log driver options for cilium-operator, `+
 			`configmap example for syslog driver: {"syslog.level":"info","syslog.facility":"local4"}`)
 	option.BindEnv(vp, option.LogOpt)
 
@@ -11,6 +11,7 @@ import (
 	"context"
 	"crypto/rand"
 	"fmt"
+	"log/slog"
 	"math/big"
 	"os"
 	"path/filepath"
@@ -19,36 +20,40 @@ import (
 	operatorOption "github.com/cilium/cilium/operator/option"
 	"github.com/cilium/cilium/pkg/hive"
 	k8sClient "github.com/cilium/cilium/pkg/k8s/client"
-	k8sversion "github.com/cilium/cilium/pkg/k8s/version"
 	"github.com/cilium/cilium/pkg/logging"
 	"github.com/cilium/cilium/pkg/logging/logfields"
 	"github.com/cilium/cilium/pkg/metrics"
 	"github.com/cilium/cilium/pkg/option"
 	"github.com/cilium/hive/cell"
 	"github.com/microsoft/retina/internal/buildinfo"
+	"github.com/microsoft/retina/pkg/log"
 	"github.com/pkg/errors"
-	"github.com/sirupsen/logrus"
 	"github.com/spf13/viper"
+	"go.uber.org/zap"
 	"k8s.io/client-go/tools/leaderelection"
 	"k8s.io/client-go/tools/leaderelection/resourcelock"
 )
 
 var (
 	// set logger field: subsys=retina-operator
 	binaryName       = filepath.Base(os.Args[0])
-	logger           = logging.DefaultLogger.WithField(logfields.LogSubsys, binaryName)
+	slogLogger       = logging.DefaultSlogLogger.With(logfields.LogSubsys, binaryName)
 	operatorIDLength = 10
 )
 
 func Execute(h *hive.Hive) {
 	initEnv(h.Viper())
 
-	if err := h.Run(logging.DefaultSlogLogger); err != nil {
-		logger.Fatal(err)
+	// Use zap-backed slog logger for hive (routes to stdout + Application Insights)
+	if err := h.Run(log.SlogLogger()); err != nil {
+		logging.Fatal(slogLogger, err.Error())
 	}
 }
 
-func registerOperatorHooks(l logrus.FieldLogger, lc cell.Lifecycle, llc *LeaderLifecycle, clientset k8sClient.Clientset, shutdowner hive.Shutdowner) {
+func registerOperatorHooks(
+	l *slog.Logger, lc cell.Lifecycle, llc *LeaderLifecycle,
+	clientset k8sClient.Clientset, shutdowner hive.Shutdowner,
+) {
 	var wg sync.WaitGroup
 	lc.Append(cell.Hook{
 		OnStart: func(cell.HookContext) error {
@@ -77,19 +82,28 @@ func initEnv(vp *viper.Viper) {
 	// the default values provided in option.Config or operatorOption.Config respectively.
 	// The values will be overridden to the "zero value".
 	// Maybe could create a cell.Config for these instead?
-	option.Config.Populate(vp)
-	operatorOption.Config.Populate(vp)
+	// slogloggercheck: using default logger for configuration initialization
+	option.Config.Populate(logging.DefaultSlogLogger, vp)
+	operatorOption.Config.Populate(logging.DefaultSlogLogger, vp)
 
-	// add hooks after setting up metrics in the option.Confog
-	logging.DefaultLogger.Hooks.Add(metrics.NewLoggingHook())
+	// add hooks after setting up metrics in the option.Config
+	logging.AddHandlers(metrics.NewLoggingHook())
 
 	// Logging should always be bootstrapped first. Do not add any code above this!
 	if err := logging.SetupLogging(option.Config.LogDriver, logging.LogOptions(option.Config.LogOpt), binaryName, option.Config.Debug); err != nil {
-		logger.Fatal(err)
+		logging.Fatal(slogLogger, err.Error())
 	}
 
-	option.LogRegisteredOptions(vp, logger)
-	logger.Infof("retina operator version: %s", buildinfo.Version)
+	// Set up zap logger with Application Insights telemetry
+	_, _ = log.SetupZapLogger(&log.LogOpts{
+		Level:                 option.Config.LogOpt[logging.LevelOpt],
+		ApplicationInsightsID: buildinfo.ApplicationInsightsID,
+		EnableTelemetry:       buildinfo.ApplicationInsightsID != "",
+	}, zap.String("version", buildinfo.Version))
+	log.SetDefaultSlog()
+
+	option.LogRegisteredSlogOptions(vp, slogLogger)
+	slogLogger.Info("retina operator version", "version", buildinfo.Version)
 }
 
 func doCleanup() {
@@ -103,32 +117,20 @@ func doCleanup() {
 // runOperator implements the logic of leader election for cilium-operator using
 // built-in leader election capability in kubernetes.
 // See: https://github.com/kubernetes/client-go/blob/master/examples/leader-election/main.go
-func runOperator(l logrus.FieldLogger, lc *LeaderLifecycle, clientset k8sClient.Clientset, shutdowner hive.Shutdowner) {
+func runOperator(l *slog.Logger, lc *LeaderLifecycle, clientset k8sClient.Clientset, shutdowner hive.Shutdowner) {
 	isLeader.Store(false)
 
 	leaderElectionCtx, leaderElectionCtxCancel = context.WithCancel(context.Background())
 
-	// We only support Operator in HA mode for Kubernetes Versions having support for
-	// LeasesResourceLock.
-	// See docs on capabilities.LeasesResourceLock for more context.
-	if !k8sversion.Capabilities().LeasesResourceLock {
-		l.Info("Support for coordination.k8s.io/v1 not present, fallback to non HA mode")
-
-		if err := lc.Start(logging.DefaultSlogLogger, leaderElectionCtx); err != nil {
-			l.WithError(err).Fatal("Failed to start leading")
-		}
-		return
-	}
-
 	// Get hostname for identity name of the lease lock holder.
 	// We identify the leader of the operator cluster using hostname.
 	operatorID, err := os.Hostname()
 	if err != nil {
-		l.WithError(err).Fatal("Failed to get hostname when generating lease lock identity")
+		logging.Fatal(l, "Failed to get hostname when generating lease lock identity", logfields.Error, err)
 	}
 	operatorID, err = randomStringWithPrefix(operatorID+"-", operatorIDLength)
 	if err != nil {
-		l.WithError(err).Fatal("Failed to generate random string for lease lock identity")
+		logging.Fatal(l, "Failed to generate random string for lease lock identity", logfields.Error, err)
 	}
 
 	leResourceLock, err := resourcelock.NewFromKubeconfig(
@@ -142,7 +144,7 @@ func runOperator(l logrus.FieldLogger, lc *LeaderLifecycle, clientset k8sClient.
 		clientset.RestConfig(),
 		operatorOption.Config.LeaderElectionRenewDeadline)
 	if err != nil {
-		l.WithError(err).Fatal("Failed to create resource lock for leader election")
+		logging.Fatal(l, "Failed to create resource lock for leader election", logfields.Error, err)
 	}
 
 	// Start the leader election for running cilium-operators
@@ -160,23 +162,20 @@ func runOperator(l logrus.FieldLogger, lc *LeaderLifecycle, clientset k8sClient.
 		Callbacks: leaderelection.LeaderCallbacks{
 			OnStartedLeading: func(ctx context.Context) {
 				if err := lc.Start(logging.DefaultSlogLogger, ctx); err != nil {
-					l.WithError(err).Error("Failed to start when elected leader, shutting down")
+					l.Error("Failed to start when elected leader, shutting down", logfields.Error, err)
 					shutdowner.Shutdown(hive.ShutdownWithError(err))
 				}
 			},
 			OnStoppedLeading: func() {
-				l.WithField("operator-id", operatorID).Info("Leader election lost")
+				l.Info("Leader election lost", "operator-id", operatorID)
 				// Cleanup everything here, and exit.
 				shutdowner.Shutdown(hive.ShutdownWithError(errors.New("Leader election lost")))
 			},
 			OnNewLeader: func(identity string) {
 				if identity == operatorID {
 					l.Info("Leading the operator HA deployment")
 				} else {
-					l.WithFields(logrus.Fields{
-						"newLeader":  identity,
-						"operatorID": operatorID,
-					}).Info("Leader re-election complete")
+					l.Info("Leader re-election complete", "newLeader", identity, "operatorID", operatorID)
 				}
 			},
 		},
Original file line number	Diff line number	Diff line change
`@@ -8,8 +8,7 @@ import (`
`8`	`8`	`"github.com/cilium/cilium/pkg/k8s/resource"`
`9`	`9`	`)`
`10`	`10`
`11`		`-type fakeresource[T k8sRuntime.Object] struct {`
`12`		`-}`
	`11`	`+type fakeresource[T k8sRuntime.Object] struct{}`
`13`	`12`
`14`	`13`	`func (f *fakeresource[T]) Events(ctx context.Context, opts ...resource.EventsOpt) <-chan resource.Event[T] {`
`15`	`14`	`return make(<-chan resource.Event[T])`