[DOCS#2082] Documents configurations for CNI policy-setup timeouts

[aaaaaaaalex]

Product Version(s):
OSS 3.28 (EE 3.19 EP2 to come at a later date)

Issue:
https://tigera.atlassian.net/browse/DOCS-2082

Link to docs preview:
https://deploy-preview-1373--calico-docs-preview-next.netlify.app/calico/next/reference/configure-cni-plugins#enabling-policy-setup-timeout

https://deploy-preview-1373--calico-docs-preview-next.netlify.app/calico/next/reference/felix/configuration (See manifest section -> EndpointStatusPathPrefix field)

https://deploy-preview-1373--calico-docs-preview-next.netlify.app/calico/next/reference/resources/felixconfig similar to previous link

SME review:

• An SME has approved this change.

DOCS review:

• A member of the docs team has approved this change.

Additional information:

Merge checklist:

• Deploy preview inspected wherever changes were made
• Build completed successfully
• Test have passed

[netlify]

✅ Deploy Preview succeeded!

Built without sensitive environment variables

Name	Link
🔨 Latest commit	eca5361
🔍 Latest deploy log	https://app.netlify.com/sites/tigera/deploys/65f4384e12bfeb00081b125c
😎 Deploy Preview	https://deploy-preview-1373--tigera.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	1 paths audited Performance: 73 (🟢 up 24 from production) Accessibility: 93 (no change from production) Best Practices: 83 (no change from production) SEO: 86 (no change from production) PWA: - View the detailed breakdown and full score reports

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[netlify]

✅ Deploy Preview for calico-docs-preview-next ready!

Name	Link
🔨 Latest commit	eca5361
🔍 Latest deploy log	https://app.netlify.com/sites/calico-docs-preview-next/deploys/65f4384eb914c500082add92
😎 Deploy Preview	https://deploy-preview-1373--calico-docs-preview-next.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	1 paths audited Performance: 55 (🔴 down 11 from production) Accessibility: 93 (no change from production) Best Practices: 92 (no change from production) SEO: 79 (no change from production) PWA: - View the detailed breakdown and full score reports

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[ctauchen]

Thanks for this @aaaaaaaalex. A few comments and suggestions for you.

[ctauchen]

we can ignore this Vale error for now.

[ctauchen]

I'm not sure what this note adds that isn't clear from the idea of setting it to 0 seconds. Am I missing something? Can we get rid of this?

[aaaaaaaalex]

Not missing anything, over verbose on my part 😄

[ctauchen]

Let's move this to the intro text, without the note formatting. (I've added to comment above.)

[ctauchen]

I think with different phrasing of the intro text, this idea is clear. Let me know what you think.

[ctauchen]

Suggested change

	### Enabling Policy Setup Timeout
	### Enabling policy setup timeout

• We use sentence case for title and headings.

I'm not 100% clear on the distinction in this document between generic and kubernetes-specific configuration. Just want to check this is in the right place. Is the idea that this doesn't apply, for example, to an OpenStack deployment?

[aaaaaaaalex]

Correct - this functionality lives in the k8s portion of our CNI 👍

[ctauchen]

Some new copy, based partly on the previous sections and incorporating the idea of a note you have below:

The `policy_setup_timeout_seconds` option makes the CNI plugin wait to start a new pod until one of the following conditions occurs:

* The pod's policy has finished being programmed.
* A specified amount of time has elapsed.

By setting this option, you can avoid errors that can occur when a pod tries to start before the pod's policy is programmed.

Example CNI config:

[aaaaaaaalex]

Brilliant, thanks!

[ctauchen]

LGTM! Ready to merge?

[aaaaaaaalex]

Thanks @ctauchen , yes I think we're good to merge 🚀