From b9bc0e5ac8032bb63298a407c287e6055ef073de Mon Sep 17 00:00:00 2001 From: Dan Winship Date: Wed, 18 Jan 2023 10:45:18 -0500 Subject: [PATCH] Ensure needFullSync is set at iptables proxy startup The unit tests were broken with MinimizeIPTablesRestore enabled because syncProxyRules() assumed that needFullSync would be set on the first (post-setInitialized()) run, but the unit tests didn't ensure that. (In fact, there was a race condition in the real Proxier case as well; theoretically syncProxyRules() could be run by the BoundedFrequencyRunner after OnServiceSynced() called setInitialized() but before it called forceSyncProxyRules(), thus causing the first real sync to try to do a partial sync and fail. This is now fixed as well.) --- pkg/proxy/iptables/proxier.go | 5 +++-- pkg/proxy/iptables/proxier_test.go | 1 + 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/pkg/proxy/iptables/proxier.go b/pkg/proxy/iptables/proxier.go index fbde2f8db8b..846a7ec6ff3 100644 --- a/pkg/proxy/iptables/proxier.go +++ b/pkg/proxy/iptables/proxier.go @@ -265,6 +265,7 @@ func NewProxier(ipFamily v1.IPFamily, serviceChanges: proxy.NewServiceChangeTracker(newServiceInfo, ipFamily, recorder, nil), endpointsMap: make(proxy.EndpointsMap), endpointsChanges: proxy.NewEndpointChangeTracker(hostname, newEndpointInfo, ipFamily, recorder, nil), + needFullSync: true, syncPeriod: syncPeriod, iptables: ipt, masqueradeAll: masqueradeAll, @@ -538,7 +539,7 @@ func (proxier *Proxier) OnServiceSynced() { proxier.mu.Unlock() // Sync unconditionally - this is called once per lifetime. - proxier.forceSyncProxyRules() + proxier.syncProxyRules() } // OnEndpointSliceAdd is called whenever creation of a new endpoint slice object @@ -574,7 +575,7 @@ func (proxier *Proxier) OnEndpointSlicesSynced() { proxier.mu.Unlock() // Sync unconditionally - this is called once per lifetime. - proxier.forceSyncProxyRules() + proxier.syncProxyRules() } // OnNodeAdd is called whenever creation of new node object diff --git a/pkg/proxy/iptables/proxier_test.go b/pkg/proxy/iptables/proxier_test.go index 6b050a14713..18590faf914 100644 --- a/pkg/proxy/iptables/proxier_test.go +++ b/pkg/proxy/iptables/proxier_test.go @@ -408,6 +408,7 @@ func NewFakeProxier(ipt utiliptables.Interface) *Proxier { serviceChanges: proxy.NewServiceChangeTracker(newServiceInfo, ipfamily, nil, nil), endpointsMap: make(proxy.EndpointsMap), endpointsChanges: proxy.NewEndpointChangeTracker(testHostname, newEndpointInfo, ipfamily, nil, nil), + needFullSync: true, iptables: ipt, masqueradeMark: "0x4000", localDetector: detectLocal,