Description of problem:
When applying iptables rules for an egress IP, sometimes the following error messages are shown and the rules are not applied
March 22nd 2021, 19:00:00.335 E0322 19:00:00.335303 5323 egressip.go:120] Error assigning Egress IP "10.x.x.x": could not add egress IP iptables rule: error appending rule: exit status 4: iptables: Resource temporarily unavailable.
Version-Release number of selected component (if applicable):
Only in customer environment
Steps to Reproduce:
Customer reproduces it by restarting node or docker, but it might be reproducible by other means.
iptables rules for egress IPs not added, although OVS flows and other things are added.
iptables rules added as well
If I try to acquire a lock on xtables manually and then release it, I cannot reproduce this issue, because the iptables invocations from sdn are done with -w, so it just waits until I release the lock.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.