Bug 1822351 - fix hybrid proxier to not force constant resyncing
Summary: fix hybrid proxier to not force constant resyncing
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 4.5
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 4.5.0
Assignee: Dan Winship
QA Contact: Weibin Liang
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-04-08 19:22 UTC by Dan Winship
Modified: 2020-07-13 17:27 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-07-13 17:26:34 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift sdn pull 127 0 None closed Bug 1822351: Fix hybrid proxier for iptables.Monitor 2020-06-23 09:54:25 UTC
Red Hat Product Errata RHBA-2020:2409 0 None None None 2020-07-13 17:27:03 UTC

Description Dan Winship 2020-04-08 19:22:21 UTC
We did a bunch of patches upstream to make kube-proxy not do constant unnecessary iptables resyncs but then didn't notice that our hybrid proxier code was forcing unnecessary resyncs anyway.

Acceptance criteria:
- Cluster still works
- Services still work, still reflect new/changed/deleted endpoints promptly
- Service idling/unidling still works, still changes state promptly
- Monitoring the kubeproxy_sync_proxy_rules_last_timestamp_seconds metric on the sdn pod shows that it only changes when there are actual changes to services/endpoints, rather than automatically being updated every 30 seconds.

Comment 4 errata-xmlrpc 2020-07-13 17:26:34 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:2409


Note You need to log in before you can comment on or make changes to this bug.