Ensure needFullSync is set at iptables proxy startup

The unit tests were broken with MinimizeIPTablesRestore enabled because syncProxyRules() assumed that needFullSync would be set on the first (post-setInitialized()) run, but the unit tests didn't ensure that. (In fact, there was a race condition in the real Proxier case as well; theoretically syncProxyRules() could be run by the BoundedFrequencyRunner after OnServiceSynced() called setInitialized() but before it called forceSyncProxyRules(), thus causing the first real sync to try to do a partial sync and fail. This is now fixed as well.)
2025-07-23 19:56:01 +00:00 · 2023-01-18 10:45:18 -05:00 · 2023-01-18 10:45:18 -05:00 · b9bc0e5ac8
commit b9bc0e5ac8
parent b01afdca66
2 changed files with 4 additions and 2 deletions
--- a/pkg/proxy/iptables/proxier.go
+++ b/pkg/proxy/iptables/proxier.go
@ -265,6 +265,7 @@ func NewProxier(ipFamily v1.IPFamily,
 		serviceChanges:           proxy.NewServiceChangeTracker(newServiceInfo, ipFamily, recorder, nil),
 		endpointsMap:             make(proxy.EndpointsMap),
 		endpointsChanges:         proxy.NewEndpointChangeTracker(hostname, newEndpointInfo, ipFamily, recorder, nil),
+		needFullSync:             true,
 		syncPeriod:               syncPeriod,
 		iptables:                 ipt,
 		masqueradeAll:            masqueradeAll,
@ -538,7 +539,7 @@ func (proxier *Proxier) OnServiceSynced() {
 	proxier.mu.Unlock()

 	// Sync unconditionally - this is called once per lifetime.
-	proxier.forceSyncProxyRules()
+	proxier.syncProxyRules()
 }

 // OnEndpointSliceAdd is called whenever creation of a new endpoint slice object
@ -574,7 +575,7 @@ func (proxier *Proxier) OnEndpointSlicesSynced() {
 	proxier.mu.Unlock()

 	// Sync unconditionally - this is called once per lifetime.
-	proxier.forceSyncProxyRules()
+	proxier.syncProxyRules()
 }

 // OnNodeAdd is called whenever creation of new node object
--- a/pkg/proxy/iptables/proxier_test.go
+++ b/pkg/proxy/iptables/proxier_test.go
@ -408,6 +408,7 @@ func NewFakeProxier(ipt utiliptables.Interface) *Proxier {
 		serviceChanges:           proxy.NewServiceChangeTracker(newServiceInfo, ipfamily, nil, nil),
 		endpointsMap:             make(proxy.EndpointsMap),
 		endpointsChanges:         proxy.NewEndpointChangeTracker(testHostname, newEndpointInfo, ipfamily, nil, nil),
+		needFullSync:             true,
 		iptables:                 ipt,
 		masqueradeMark:           "0x4000",
 		localDetector:            detectLocal,