append check for centralized subnet nat process
hongzhen-ma committed Dec 29, 2021
1 parent ee691fb commit 270d28e
Showing 1 changed file with 8 additions and 8 deletions.
16 changes: 8 additions & 8 deletions pkg/daemon/gateway.go
@@ -412,12 +412,12 @@ func (c *Controller) setIptables() error {
kubeovnv1.ProtocolIPv6: nodeIPv6,
}

subnetNatips, err := c.getEgressNatIpByNode(c.config.NodeName)
centralGwNatips, err := c.getEgressNatIpByNode(c.config.NodeName)
if err != nil {
klog.Errorf("failed to get centralized subnets nat ips on node %s, %v", c.config.NodeName, err)
return err
}
klog.V(3).Infof("centralized subnets nat ips %v", subnetNatips)
klog.V(3).Infof("centralized subnets nat ips %v", centralGwNatips)

var (
v4AbandonedRules = []util.IPTableRule{
@@ -490,9 +490,9 @@ func (c *Controller) setIptables() error {
if c.iptable[protocol] == nil {
continue
}
// delete unused iptable rule when nat gw with designative ip has been changed in centralize subnet
if err = c.deleteUnusedIptablesRule(protocol, "nat", "POSTROUTING", subnetNatips); err != nil {
klog.Errorf("failed to delete iptable rule on node %s, maybe can delete manually, %v", c.config.NodeName, err)
// delete unused iptables rule when nat gw with designative ip has been changed in centralized subnet
if err = c.deleteUnusedIptablesRule(protocol, "nat", "POSTROUTING", centralGwNatips); err != nil {
klog.Errorf("failed to delete iptables rule on node %s, maybe can delete manually, %v", c.config.NodeName, err)
return err
}

@@ -532,8 +532,8 @@ func (c *Controller) setIptables() error {
}
}

// add iptable rule for nat gw with designative ip in centralize subnet
for cidr, natip := range subnetNatips {
// add iptables rule for nat gw with designative ip in centralized subnet
for cidr, natip := range centralGwNatips {
if util.CheckProtocol(cidr) != protocol {
continue
}
@@ -994,7 +994,7 @@ func (c *Controller) getEgressNatIpByNode(nodeName string) (map[string]string, e
}

for _, subnet := range subnetList {
if subnet.Spec.Vlan != "" || subnet.Spec.GatewayType != kubeovnv1.GWCentralizedType || subnet.Spec.GatewayNode == "" || !util.GatewayContains(subnet.Spec.GatewayNode, nodeName) {
if subnet.Spec.Vlan != "" || subnet.Spec.GatewayType != kubeovnv1.GWCentralizedType || !subnet.Spec.NatOutgoing || subnet.Spec.GatewayNode == "" || !util.GatewayContains(subnet.Spec.GatewayNode, nodeName) {
continue
}

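Review bot: The `!subnet.Spec.NatOutgoing` term added to the filter in getEgressNatIpByNode (last hunk) makes a subnet that turns natOutgoing off drop out of the returned map, so removal of its existing SNAT rule now rests entirely on the `deleteUnusedIptablesRule(protocol, "nat", "POSTROUTING", centralGwNatips)` call in the second hunk. That function's body is not part of this diff; it should be confirmed that it treats an empty or nil map as "remove every designated-IP rule" rather than returning early, because a leftover rule would keep translating egress traffic to an address the subnet no longer intends to use. The one-line condition is also hard to audit, and a comment above it such as `// only non-VLAN centralized subnets with natOutgoing enabled and this node in GatewayNode get a designated NAT IP` would record the intent. Both setIptables and getEgressNatIpByNode continue outside the visible hunks.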
