github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

proxy/iptables: Don't create unused chains, and enable the unit test for that

Browse Source
This commit is contained in:
Dan Winship
2022-01-07 14:17:11 -05:00
parent ef4324eaf5
commit 37ada4b04f
2 changed files with 24 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/proxy/iptables/proxier.go
View File

@@ -1101,7 +1101,7 @@ func (proxier *Proxier) syncProxyRules() {
}
svcXlbChain := svcInfo.serviceLBChainName
if svcInfo.NodeLocalExternal() {
if hasEndpoints && svcInfo.NodeLocalExternal() {
// Only for services request OnlyLocal traffic
// create the per-service LB chain, retaining counters if possible.
if lbChain, ok := existingNATChains[svcXlbChain]; ok {