New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use /proc/net/nf_conntrack. #57896
Use /proc/net/nf_conntrack. #57896
Conversation
/cc @yguo0905 |
duplicate #56765 |
test/e2e/network/kube_proxy.go
Outdated
@@ -171,16 +171,16 @@ var _ = SIGDescribe("Network", func() { | |||
// If test flakes occur here, then this check should be performed | |||
// in a loop as there may be a race with the client connecting. | |||
framework.IssueSSHCommandWithResult( | |||
fmt.Sprintf("sudo cat /proc/net/ip_conntrack | grep 'dport=%v'", | |||
fmt.Sprintf("sudo cat /proc/net/nf_conntrack | grep 'dport=%v'", | |||
testDaemonTcpPort), | |||
framework.TestContext.Provider, | |||
clientNodeInfo.node) | |||
|
|||
// Timeout in seconds is available as the third column from |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The columns have changed in nf_conntrack
. It should be the 5th one.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, it would be the third field for the "conntrack" untility's output.
Perhaps that is an argument towards using it to abstract eventual kernel changes?
Let me know what you think is appropriate here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
conntrack
is not installed on everywhere - cos-63
does not have it. Looks like checking nf_conntrack
is safer.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ack. I'll update the PR in that sense.
/lgtm |
@bowei, please take a look. Thanks. |
I think the issue fixed by this PR is now breaking the kops e2e tests, likely causing problems for merges. cc @bowei @caseydavenport @kubernetes/sig-network-bugs |
@kubernetes/sig-network-bugs Can you PTAL? |
/approve no-issue |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: chrisglass, mikedanese, yguo0905 Associated issue requirement bypassed by: mikedanese The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
/retest nfs issues: #58578 |
/retest Review the full test history for this PR. Silence the bot with an |
1 similar comment
/retest Review the full test history for this PR. Silence the bot with an |
please squash fixup commits |
/proc/net/ip_conntrack was finally removed from linux 4.9 onwards, instead we should use /proc/net/nf_conntrack (see commit message at https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=adf0516845bcd0e626323c858ece28ee58c74455) Signed-off-by: Chris Glass <chris.glass@canonical.com>
dae4a18
to
a2a0b9c
Compare
Squashed. |
/test all [submit-queue is verifying that this PR is safe to merge] |
/retest Review the full test history for this PR. Silence the bot with an |
/test all [submit-queue is verifying that this PR is safe to merge] |
/retest Review the full test history for this PR. Silence the bot with an |
/test all [submit-queue is verifying that this PR is safe to merge] |
Automatic merge from submit-queue (batch tested with PRs 57896, 58070). If you want to cherry-pick this change to another branch, please follow the instructions here. |
/proc/net/ip_conntrack was finally removed from linux 4.9 onwards,
instead we should use /proc/net/nf_conntrack (see commit message at
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=adf0516845bcd0e626323c858ece28ee58c74455)
Signed-off-by: Chris Glass chris.glass@canonical.com
What this PR does / why we need it:
This PR fixes a test failure from linux kernels 4.9 onwards. The alternative interface used in this PR has been available for 10 years, so it is unlikely not to be available.
Special notes for your reviewer:
Release note: