-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Old network policy iptables rules are not cleared on upgrade #7251
Comments
This is similar to #7244 - it looks like the K3s NPC setup needs to do some cleanup of old rules regardless of whether its enabled or not. |
Validated on 59e573d
Steps To Reproduce: Install k3s with default config Before the upgrade:
After the upgrade:
Validated on 1.26.3 d9f40d4
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Environmental Info:
K3s Version:
k3s version v1.25.8+k3s1 (6c5ac02)
Infrastructure
Cloud EC2 instance
Node(s) CPU architecture, OS, and Version:
Ubuntu 20.04
Cluster Configuration:
Single node
Describe the bug:
After upgrade we have a mix of old and new iptables that addresses KUBE-ROUTER
Steps To Reproduce:
curl -fL https://get.k3s.io| INSTALL_K3S_VERSION=v1.25.8+k3s1 sh -s - server
Expected behavior:
On v1.25.8+k3s1:
After upgrade
Actual behavior:
On v1.25.8+k3s1:
After upgrade we have both old and new rules
Workaround:
Run k3s-killall.sh after disabling the network policy controller or during upgrade
Related issue:
#7203
The text was updated successfully, but these errors were encountered: