From 2fd42dee9526a580d2873b4780ac743fca1cebd5 Mon Sep 17 00:00:00 2001 From: Dan Winship Date: Tue, 1 Oct 2019 17:40:00 -0400 Subject: [PATCH] If an iptables proxier sync fails, retry after iptablesSyncPeriod --- pkg/proxy/iptables/proxier.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/pkg/proxy/iptables/proxier.go b/pkg/proxy/iptables/proxier.go index 2dd0389dc55..28a48940304 100644 --- a/pkg/proxy/iptables/proxier.go +++ b/pkg/proxy/iptables/proxier.go @@ -189,6 +189,7 @@ type Proxier struct { servicesSynced bool initialized int32 syncRunner *async.BoundedFrequencyRunner // governs calls to syncProxyRules + syncPeriod time.Duration // These are effectively const and do not need the mutex to be held. iptables utiliptables.Interface @@ -301,6 +302,7 @@ func NewProxier(ipt utiliptables.Interface, serviceChanges: proxy.NewServiceChangeTracker(newServiceInfo, &isIPv6, recorder), endpointsMap: make(proxy.EndpointsMap), endpointsChanges: proxy.NewEndpointChangeTracker(hostname, newEndpointInfo, &isIPv6, recorder, endpointSlicesEnabled), + syncPeriod: syncPeriod, iptables: ipt, masqueradeAll: masqueradeAll, masqueradeMark: masqueradeMark, @@ -722,6 +724,14 @@ func (proxier *Proxier) syncProxyRules() { klog.V(3).Info("Syncing iptables rules") + success := false + defer func() { + if !success { + klog.Infof("Sync failed; retrying in %s", proxier.syncPeriod) + proxier.syncRunner.RetryAfter(proxier.syncPeriod) + } + }() + // Create and link the kube chains. for _, jump := range iptablesJumpChains { if _, err := proxier.iptables.EnsureChain(jump.table, jump.dstChain); err != nil { @@ -1437,6 +1447,8 @@ func (proxier *Proxier) syncProxyRules() { utilproxy.RevertPorts(replacementPortsMap, proxier.portsMap) return } + success = true + for name, lastChangeTriggerTimes := range endpointUpdateResult.LastChangeTriggerTimes { for _, lastChangeTriggerTime := range lastChangeTriggerTimes { latency := metrics.SinceInSeconds(lastChangeTriggerTime)