Bug 1830098 - Alert ClusterIPTablesStale and NodeIPTablesStale fire continuously on a cluster that has no chanegs
Summary: Alert ClusterIPTablesStale and NodeIPTablesStale fire continuously on a clust...
Keywords:
Status: CLOSED DUPLICATE of bug 1826339
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 4.5
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ---
: 4.5.0
Assignee: Casey Callendrello
QA Contact: zhaozhanqi
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-04-30 20:27 UTC by Clayton Coleman
Modified: 2020-05-06 16:32 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-05-06 16:32:12 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Clayton Coleman 2020-04-30 20:27:13 UTC 
1. Launch 4.5 cluster
2. Do nothing
3. See ClusterIPTablesStale and NodeIPTablesStale alerts fire

It appears that iptables no longer syncs when no changes happen, which means these alerts will fire when no changes happen OR when the proxy breaks.

The alerts need to be updated or changed (or proxy needs to refresh the timestamp anyway).

Blocks 4.5 GA because we can't ship a product that fires alerts at idle.
Comment 1 Dan Williams 2020-04-30 20:36:09 UTC 
I think Casey had a related upstream PR merge to kube last week: https://github.com/kubernetes/kubernetes/pull/90175
Comment 2 Casey Callendrello 2020-05-06 14:33:29 UTC 
Working on this. Almost done. Needed an upstream change.
Comment 3 Casey Callendrello 2020-05-06 16:32:12 UTC 

*** This bug has been marked as a duplicate of bug 1826339 ***
Note You need to log in before you can comment on or make changes to this bug.