Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Release 1.25] Update Kube-router ACCEPT rule insertion and install script to clean rules before start #7276

Merged
merged 2 commits into from Apr 12, 2023
Merged

[Release 1.25] Update Kube-router ACCEPT rule insertion and install script to clean rules before start #7276

merged 2 commits into from Apr 12, 2023

Conversation

rbrtbnfgl
Copy link
Contributor

Proposed Changes

Backport for #7274

Types of Changes

Verification

Testing

Linked Issues

#7219

User-Facing Change

The embedded kube-router controller has been updated to fix a regression that caused traffic from pods to be blocked by any default drop/deny rules present on the host. Users should still confirm that any externally-managed firewall rules explicitly allow traffic to/from pod and service networks, but this returns the old behavior that was relied upon by some users.

Further Comments

@rbrtbnfgl
Update kube-router to insert iptables rules right after kubernetes ones
196d8b2 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
@rbrtbnfgl
Update install script to clean iptables rules before start
c994a53 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
@rbrtbnfgl rbrtbnfgl requested a review from a team as a code owner April 12, 2023 09:36
@rbrtbnfgl rbrtbnfgl merged commit 59e573d into k3s-io:release-1.25 Apr 12, 2023
10 checks passed
@rbrtbnfgl rbrtbnfgl deleted the kube-router-iptables1.25 branch April 12, 2023 20:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brandond brandond brandond approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@rbrtbnfgl @brandond