From e0cd834f4e55cec7f43561bc87c340c062eca509 Mon Sep 17 00:00:00 2001 From: Roberto Bonafiglia Date: Wed, 12 Apr 2023 11:16:55 +0200 Subject: [PATCH 1/2] Update kube-router to insert iptables rules right after kubernetes ones Signed-off-by: Roberto Bonafiglia --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 44b661c256d4..46b58c9c2723 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.19 replace ( github.com/Microsoft/hcsshim => github.com/Microsoft/hcsshim v0.8.22 github.com/Mirantis/cri-dockerd => github.com/k3s-io/cri-dockerd v0.3.2-0.20230123224936-bcd78c2d21d8 // k3s/release-1.26 - github.com/cloudnativelabs/kube-router/v2 => github.com/k3s-io/kube-router/v2 v2.0.1-0.20230405162624-e18008d495ef + github.com/cloudnativelabs/kube-router/v2 => github.com/k3s-io/kube-router/v2 v2.0.1-0.20230411195838-cced939a8ba1 github.com/containerd/cgroups => github.com/containerd/cgroups v1.0.1 github.com/containerd/containerd => github.com/k3s-io/containerd v1.5.18-k3s1 github.com/containerd/stargz-snapshotter => github.com/k3s-io/stargz-snapshotter v0.13.0-k3s1 diff --git a/go.sum b/go.sum index dcfa883bc105..20a8285e77a9 100644 --- a/go.sum +++ b/go.sum @@ -596,8 +596,8 @@ github.com/k3s-io/klog v1.0.0-k3s2 h1:yyvD2bQbxG7m85/pvNctLX2bUDmva5kOBvuZ77tTGB github.com/k3s-io/klog v1.0.0-k3s2/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= github.com/k3s-io/klog/v2 v2.80.1-k3s1 h1:mGMXURxxmabQurmtRhXuQTJ9jC0pvIhESSxRSymepS8= github.com/k3s-io/klog/v2 v2.80.1-k3s1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -github.com/k3s-io/kube-router/v2 v2.0.1-0.20230405162624-e18008d495ef h1:2bTqV/V8rvkijGZ3CBQ05GLFl2XTqbKdMnaxqonvrus= -github.com/k3s-io/kube-router/v2 v2.0.1-0.20230405162624-e18008d495ef/go.mod h1:zhLSRTL1M+0BqeDTRzT42ZtlFJH/d9xaGvXGQR4c2Gc= +github.com/k3s-io/kube-router/v2 v2.0.1-0.20230411195838-cced939a8ba1 h1:TyefGfus6NkbJKWmEBft0NSb3/D7dYGx9cMkERjdQxc= +github.com/k3s-io/kube-router/v2 v2.0.1-0.20230411195838-cced939a8ba1/go.mod h1:zhLSRTL1M+0BqeDTRzT42ZtlFJH/d9xaGvXGQR4c2Gc= github.com/k3s-io/kubernetes v1.26.3-k3s1 h1:TGJRkXakMp9i6Xx9c2i0ZTth5W9QVebyONJq0Ifgj00= github.com/k3s-io/kubernetes v1.26.3-k3s1/go.mod h1:NxzR7U7mS+OGa3J/qweI86Pek//mlfHqDgt6NNGdz8g= github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.26.3-k3s1 h1:Ss3lqvwEnFnlCfFOtV7jg71dC1TAGXldOzgY5W5cnTk= From d8a23e46799aa6bca756c4ea60ae61f04819f677 Mon Sep 17 00:00:00 2001 From: Roberto Bonafiglia Date: Wed, 12 Apr 2023 11:17:36 +0200 Subject: [PATCH 2/2] Update install script to clean iptables rules before start Signed-off-by: Roberto Bonafiglia --- install.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/install.sh b/install.sh index 520f39513631..b3d718e1a157 100755 --- a/install.sh +++ b/install.sh @@ -967,6 +967,15 @@ service_enable_and_start() { return fi + if command -v iptables-save &> /dev/null && command -v iptables-restore &> /dev/null + then + $SUDO iptables-save | grep -v KUBE- | grep -v CNI- | grep -iv flannel | $SUDO iptables-restore + fi + if command -v ip6tables-save &> /dev/null && command -v ip6tables-restore &> /dev/null + then + $SUDO ip6tables-save | grep -v KUBE- | grep -v CNI- | grep -iv flannel | $SUDO ip6tables-restore + fi + [ "${HAS_SYSTEMD}" = true ] && systemd_start [ "${HAS_OPENRC}" = true ] && openrc_start return 0