iptables: Read CNI chaining mode from CNI config manager #30766
Merged
Commits on Feb 28, 2024
-
iptables: Read CNI chaining mode from CNI config manager
CNI chaining mode option has been moved to the CNI cell in commit 1254bf4. Since it is not a global config option anymore, iptables manager will not see any change to that value, and its field `CNIChainingMode` will always be an empty string. Thus, with the following config option values: - "enable-endpoint-routes": true - "cni-chaining-mode": "aws-cni" the delivery interface referenced in the rules installed by the manager is "lxc+" instead of "eni+". This commit fixes this adding a CNI config manager reference to the iptables manager parameters, in order to read the current setting for the chaining mode during rules installation. Fixes: 1254bf4 ("daemon / cni: move to Cell, watch for changes") Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.