From cfdad70de9d625e2ac6817cb9bcea1868a06257c Mon Sep 17 00:00:00 2001
From: Pavithra Ramesh <pavithrar@google.com>
Date: Thu, 23 Jul 2020 09:26:25 -0700
Subject: [PATCH] Delete ILB FR in case of changes to port/proto.

---
 .../gce/gce_loadbalancer_internal.go          | 29 ++++++++++++++-----
 1 file changed, 22 insertions(+), 7 deletions(-)

diff --git a/staging/src/k8s.io/legacy-cloud-providers/gce/gce_loadbalancer_internal.go b/staging/src/k8s.io/legacy-cloud-providers/gce/gce_loadbalancer_internal.go
index ef285b308ec..cf35e1a3426 100644
--- a/staging/src/k8s.io/legacy-cloud-providers/gce/gce_loadbalancer_internal.go
+++ b/staging/src/k8s.io/legacy-cloud-providers/gce/gce_loadbalancer_internal.go
@@ -173,12 +173,6 @@ func (g *Cloud) ensureInternalLoadBalancer(clusterName, clusterID string, svc *v
 		return nil, err
 	}
 
-	bsDescription := makeBackendServiceDescription(nm, sharedBackend)
-	err = g.ensureInternalBackendService(backendServiceName, bsDescription, svc.Spec.SessionAffinity, scheme, protocol, igLinks, hc.SelfLink)
-	if err != nil {
-		return nil, err
-	}
-
 	fwdRuleDescription := &forwardingRuleDescription{ServiceName: nm.String()}
 	fwdRuleDescriptionString, err := fwdRuleDescription.marshal()
 	if err != nil {
@@ -200,10 +194,31 @@ func (g *Cloud) ensureInternalLoadBalancer(clusterName, clusterID string, svc *v
 	if options.AllowGlobalAccess {
 		newFwdRule.AllowGlobalAccess = options.AllowGlobalAccess
 	}
-	if err := g.ensureInternalForwardingRule(existingFwdRule, newFwdRule); err != nil {
+
+	fwdRuleDeleted := false
+	if existingFwdRule != nil && !forwardingRulesEqual(existingFwdRule, newFwdRule) {
+		// Delete existing forwarding rule before making changes to the backend service. For example - changing protocol
+		// of backend service without first deleting forwarding rule will throw an error since the linked forwarding
+		// rule would show the old protocol.
+		klog.V(2).Infof("ensureInternalLoadBalancer(%v): deleting existing forwarding rule with IP address %v", loadBalancerName, existingFwdRule.IPAddress)
+		if err = ignoreNotFound(g.DeleteRegionForwardingRule(loadBalancerName, g.region)); err != nil {
+			return nil, err
+		}
+		fwdRuleDeleted = true
+	}
+
+	bsDescription := makeBackendServiceDescription(nm, sharedBackend)
+	err = g.ensureInternalBackendService(backendServiceName, bsDescription, svc.Spec.SessionAffinity, scheme, protocol, igLinks, hc.SelfLink)
+	if err != nil {
 		return nil, err
 	}
 
+	if fwdRuleDeleted || existingFwdRule == nil {
+		if err := g.ensureInternalForwardingRule(existingFwdRule, newFwdRule); err != nil {
+			return nil, err
+		}
+	}
+
 	// Delete the previous internal load balancer resources if necessary
 	if existingBackendService != nil {
 		g.clearPreviousInternalResources(svc, loadBalancerName, existingBackendService, backendServiceName, hcName)