1455656 – [3.5] iptables spams the logs with the rules every time iptables-restore is called

Bug 1455656 - [3.5] iptables spams the logs with the rules every time iptables-restore is called

Summary: [3.5] iptables spams the logs with the rules every time iptables-restore is c...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Networking
Sub Component:
Version:	3.5.0
Hardware:	All
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	---
Target Release:	3.5.z
Assignee:	Ben Bennett
QA Contact:	Meng Bo
Docs Contact:
URL:
Whiteboard:
Depends On:	1455655
Blocks:
TreeView+	depends on / blocked

Reported:	2017-05-25 17:21 UTC by Ben Bennett
Modified:	2017-08-10 05:25 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	Cause: We logged the iptables rules at too low of a log level. Consequence: The logs fill with iptables noise. Fix: Change the level at which they are logged. Result: Much more useful logs.
Clone Of:	1455655
Environment:
Last Closed:	2017-08-10 05:25:32 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	openshift ose pull 765	0	None	None	None	2017-05-25 17:30:10 UTC
Red Hat Product Errata	RHEA-2017:1716	0	normal	SHIPPED_LIVE	Red Hat OpenShift Container Platform 3.6 RPM Release Advisory	2017-08-10 09:02:50 UTC

Description Ben Bennett 2017-05-25 17:21:51 UTC

+++ This bug was initially created as a clone of Bug #1455655 +++

Description of problem:
At log level 3 OpenShift dumps the complete iptables rules to the log.

Version-Release number of selected component (if applicable):
3.5.0

How reproducible:
Every time log level is set to 3 or higher.

Steps to Reproduce:
1. Set the log level to 3
2. Start openshift
3. Watch the logs

Actual results:

Masses of iptables rules printed to the log.

Expected results:

No rules printed at reasonable log levels.

Comment 1 Ben Bennett 2017-05-31 13:44:23 UTC

PR https://github.com/openshift/ose/pull/765

Comment 5 Yan Du 2017-06-02 05:53:59 UTC

Test on OCP 3.5
openshift v3.5.5.21
kubernetes v1.5.2+43a9be4

No iptable rules printed in log when setting log level to 3 and rules printed to the log when log level is 5.

@Ben Could you please move bug to ON_QA, then QE could verify it.

Comment 7 errata-xmlrpc 2017-08-10 05:25:32 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:1716

Note You need to log in before you can comment on or make changes to this bug.