From 98be7831e4d1fd52bba396af124fe91d51a6a9dd Mon Sep 17 00:00:00 2001 From: Antonio Ojea Date: Fri, 22 Nov 2019 06:37:42 +0100 Subject: [PATCH] Revert "kube-proxy: check KUBE-MARK-DROP" This reverts commit 1ca0ffeaf2c4401549b82f549f7481313308d4b9. kube-proxy is not recreating the rules associated to the KUBE-MARK-DROP chain, that is created by the kubelet. Is preferrable avoid the dependency between the kubelet and kube-proxy and that each of them handle their own rules. --- pkg/proxy/iptables/proxier.go | 2 +- pkg/proxy/iptables/proxier_test.go | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/pkg/proxy/iptables/proxier.go b/pkg/proxy/iptables/proxier.go index 69d5d4adfea..ff11f5ddc6e 100644 --- a/pkg/proxy/iptables/proxier.go +++ b/pkg/proxy/iptables/proxier.go @@ -842,7 +842,7 @@ func (proxier *Proxier) syncProxyRules() { writeLine(proxier.filterChains, utiliptables.MakeChainLine(chainName)) } } - for _, chainName := range []utiliptables.Chain{kubeServicesChain, kubeNodePortsChain, kubePostroutingChain, KubeMarkMasqChain, KubeMarkDropChain} { + for _, chainName := range []utiliptables.Chain{kubeServicesChain, kubeNodePortsChain, kubePostroutingChain, KubeMarkMasqChain} { if chain, ok := existingNATChains[chainName]; ok { writeBytesLine(proxier.natChains, chain) } else { diff --git a/pkg/proxy/iptables/proxier_test.go b/pkg/proxy/iptables/proxier_test.go index 381b6e1a902..2139e217676 100644 --- a/pkg/proxy/iptables/proxier_test.go +++ b/pkg/proxy/iptables/proxier_test.go @@ -2350,7 +2350,6 @@ COMMIT :KUBE-NODEPORTS - [0:0] :KUBE-POSTROUTING - [0:0] :KUBE-MARK-MASQ - [0:0] -:KUBE-MARK-DROP - [0:0] :KUBE-SVC-AHZNAGK3SCETOS2T - [0:0] :KUBE-SEP-PXD6POUVGD2I37UY - [0:0] :KUBE-SEP-SOKZUIT7SCEVIP33 - [0:0]