Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Delete IPTABLES rules for NodePortLocal when nplPortRange is updated #1887

Merged
merged 1 commit into from
Feb 20, 2021
Merged

Delete IPTABLES rules for NodePortLocal when nplPortRange is updated #1887

merged 1 commit into from
Feb 20, 2021

Conversation

monotosh-avi
Copy link
Contributor

If we change nplPortRange and Antrea Agent is rebooted, rules with Node Port outside
current port range are supposed to be deleted. But we face a problem if all rules
have to be deleted from NPL chain. In that case we were skipping IPTABLES update -
because length of allNPLPorts in GetPodsAndGenRules function was getting set to zero.

Removed this length check so that even if all rules have to be deleted, the function
addRulesForNPLPorts is executed.

@monotosh-avi
Delete IPTABLES rules for NodePortLocal when nplPortRange is updated
81bed8a 
If we change nplPortRange and Antrea Agent is rebooted, rules with Node Port outside
current port range are supposed to be deleted. But we face a problem if all rules
have to be deleted from NPL chain. In that case we were skipping IPTABLES update -
because length of allNPLPorts in GetPodsAndGenRules function was getting set to zero.

Removed this length check so that even if all rules have to be deleted, the function
addRulesForNPLPorts is executed.
@antoninbas
Copy link
Contributor

/test-all

@codecov-io
Copy link

Codecov Report

❗ No coverage uploaded for pull request base (main@e2591af). Click here to learn what that means.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##             main    #1887   +/-   ##
=======================================
  Coverage        ?   26.18%           
=======================================
  Files           ?      184           
  Lines           ?    15843           
  Branches        ?        0           
=======================================
  Hits            ?     4149           
  Misses          ?    11147           
  Partials        ?      547
Flag Coverage Δ
e2e-tests 26.18% <0.00%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

@monotosh-avi
Copy link
Contributor Author

/test-conformance

@antoninbas antoninbas merged commit cdfaeb4 into antrea-io:main Feb 20, 2021
jianjuns pushed a commit to jianjuns/antrea that referenced this pull request Feb 22, 2021
@monotosh-avi @jianjuns
Delete IPTABLES rules for NodePortLocal when nplPortRange is updated (a…
eaae001 
…ntrea-io#1887)

If we change nplPortRange and Antrea Agent is rebooted, rules with Node Port outside
of the new port range are supposed to be deleted. But we face a problem if all rules
have to be deleted from NPL chain. In that case we were skipping IPTABLES update -
because the length of allNPLPorts in GetPodsAndGenRules function was zero.

Removed this length check so that even if all rules have to be deleted, the function
addRulesForNPLPorts is executed.
antoninbas pushed a commit to antoninbas/antrea that referenced this pull request Mar 11, 2021
@monotosh-avi @antoninbas
Delete IPTABLES rules for NodePortLocal when nplPortRange is updated (a…
37c67d3 
…ntrea-io#1887)

If we change nplPortRange and Antrea Agent is rebooted, rules with Node Port outside
of the new port range are supposed to be deleted. But we face a problem if all rules
have to be deleted from NPL chain. In that case we were skipping IPTABLES update -
because the length of allNPLPorts in GetPodsAndGenRules function was zero.

Removed this length check so that even if all rules have to be deleted, the function
addRulesForNPLPorts is executed.
antoninbas pushed a commit that referenced this pull request Mar 12, 2021
@monotosh-avi @antoninbas
Delete IPTABLES rules for NodePortLocal when nplPortRange is updated (#…
e4a251d 
…1887)

If we change nplPortRange and Antrea Agent is rebooted, rules with Node Port outside
of the new port range are supposed to be deleted. But we face a problem if all rules
have to be deleted from NPL chain. In that case we were skipping IPTABLES update -
because the length of allNPLPorts in GetPodsAndGenRules function was zero.

Removed this length check so that even if all rules have to be deleted, the function
addRulesForNPLPorts is executed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jianjuns jianjuns jianjuns approved these changes

@hemantavi hemantavi hemantavi approved these changes

@antoninbas antoninbas antoninbas approved these changes

@tnqn tnqn Awaiting requested review from tnqn

@chauhanshubham chauhanshubham Awaiting requested review from chauhanshubham

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@monotosh-avi @antoninbas @codecov-io @hemantavi @jianjuns @vmwclabot