From 17d58f648aa2741b34b1b59e69ccceda65867043 Mon Sep 17 00:00:00 2001 From: Congrool Date: Mon, 25 Oct 2021 11:00:47 +0800 Subject: [PATCH] automatically clean dummy interface and iptables rule when yurthub is stopped by k8s --- cmd/yurthub/yurthub.go | 4 ++-- pkg/yurthub/network/iptables.go | 7 +++++++ pkg/yurthub/network/network.go | 5 +++++ 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/cmd/yurthub/yurthub.go b/cmd/yurthub/yurthub.go index f1b7f274dbd..f98b8794d6a 100644 --- a/cmd/yurthub/yurthub.go +++ b/cmd/yurthub/yurthub.go @@ -22,12 +22,12 @@ import ( "time" "github.com/openyurtio/openyurt/cmd/yurthub/app" - "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/apiserver/pkg/server" ) func main() { rand.Seed(time.Now().UnixNano()) - cmd := app.NewCmdStartYurtHub(wait.NeverStop) + cmd := app.NewCmdStartYurtHub(server.SetupSignalHandler()) cmd.Flags().AddGoFlagSet(flag.CommandLine) if err := cmd.Execute(); err != nil { panic(err) diff --git a/pkg/yurthub/network/iptables.go b/pkg/yurthub/network/iptables.go index 5dfd43628cc..7c48a0c1d5d 100644 --- a/pkg/yurthub/network/iptables.go +++ b/pkg/yurthub/network/iptables.go @@ -84,3 +84,10 @@ func (im *IptablesManager) EnsureIptablesRules() error { } return nil } + +func (im *IptablesManager) CleanUpIptablesRules() { + for _, rule := range im.rules { + err := im.iptables.DeleteRule(rule.table, rule.chain, rule.args...) + klog.Errorf("failed to delete iptables rule(%s -t %s %s %s), %v", rule.pos, rule.table, rule.table, strings.Join(rule.args, " "), err) + } +} diff --git a/pkg/yurthub/network/network.go b/pkg/yurthub/network/network.go index b47e610e894..4d6e7ced105 100644 --- a/pkg/yurthub/network/network.go +++ b/pkg/yurthub/network/network.go @@ -76,6 +76,11 @@ func (m *NetworkManager) Run(stopCh <-chan struct{}) { select { case <-stopCh: klog.Infof("exit network manager run goroutine normally") + m.iptablesManager.CleanUpIptablesRules() + err := m.ifController.DeleteDummyInterface(m.dummyIfName) + if err != nil { + klog.Errorf("failed to delete dummy interface %s, %v", m.dummyIfName, err) + } return case <-ticker.C: if err := m.configureNetwork(); err != nil {