Skip to content

Commit

Permalink
install: Remove AWS-CONNMARK-CHAIN iptables
Browse files Browse the repository at this point in the history 
We were missing some AWS-specific iptable rules that need to be deleted
when running in ENI mode.

Signed-off-by: Maciej Kwiek <maciej@isovalent.com>
  • Loading branch information
@nebril @joestringer
nebril authored and joestringer committed Oct 18, 2023
1 parent 356d9fa commit 8c86d07
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion install/kubernetes/cilium/files/agent/poststart-eni.bash
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,6 @@ set -o nounset
if [[ "$(iptables-save | grep -c AWS-SNAT-CHAIN)" != "0" ]];
then
echo 'Deleting iptables rules created by the AWS CNI VPC plugin'
iptables-save | grep -v AWS-SNAT-CHAIN | iptables-restore
iptables-save | grep -v 'AWS-SNAT-CHAIN|AWS-CONNMARK-CHAIN' | iptables-restore
fi
echo 'Done!'

0 comments on commit 8c86d07

Please sign in to comment.