Change to use mountPath: /host

Change iptables chain names to not conflict with existing workaround(s) Signed-off-by: Michael Cambria <mcambria@redhat.com> (cherry picked from commit 32d72e5)
openshift · Jul 30, 2021 · e9c97d1 · e9c97d1
1 parent ccf43e2
commit e9c97d1
Showing 1 changed file with 13 additions and 13 deletions.
diff --git a/bindata/network/openshift-sdn/sdn.yaml b/bindata/network/openshift-sdn/sdn.yaml
@@ -250,33 +250,33 @@ spec:
                exit 0
           fi
           echo "Adding ICMP drop rule for '$3' "
-          if iptables -C CHECK_ICMP_SOURCE -p icmp -s $3 -j ICMP_ACTION
+          if iptables -C AZURE_CHECK_ICMP_SOURCE -p icmp -s $3 -j AZURE_ICMP_ACTION
           then
                echo "iptables already set for $3"
           else
-               iptables -A CHECK_ICMP_SOURCE -p icmp -s $3 -j ICMP_ACTION
+               iptables -A AZURE_CHECK_ICMP_SOURCE -p icmp -s $3 -j AZURE_ICMP_ACTION
           fi
           EOF
 
           echo "I$(date "+%m%d %H:%M:%S.%N") - drop-icmp - start drop-icmp ${K8S_NODE}"
-          iptables -X CHECK_ICMP_SOURCE || true
-          iptables -N CHECK_ICMP_SOURCE || true
-          iptables -F CHECK_ICMP_SOURCE
-          iptables -D INPUT -p icmp --icmp-type fragmentation-needed -j CHECK_ICMP_SOURCE || true
-          iptables -I INPUT -p icmp --icmp-type fragmentation-needed -j CHECK_ICMP_SOURCE
-          iptables -N ICMP_ACTION || true
-          iptables -F ICMP_ACTION
-          iptables -A ICMP_ACTION -j LOG
-          iptables -A ICMP_ACTION -j DROP
-          oc observe pods -n openshift-sdn -l app=sdn -a '{ .status.hostIP }' -- /var/run/add_iptables.sh
+          iptables -X AZURE_CHECK_ICMP_SOURCE || true
+          iptables -N AZURE_CHECK_ICMP_SOURCE || true
+          iptables -F AZURE_CHECK_ICMP_SOURCE
+          iptables -D INPUT -p icmp --icmp-type fragmentation-needed -j AZURE_CHECK_ICMP_SOURCE || true
+          iptables -I INPUT -p icmp --icmp-type fragmentation-needed -j AZURE_CHECK_ICMP_SOURCE
+          iptables -N AZURE_ICMP_ACTION || true
+          iptables -F AZURE_ICMP_ACTION
+          iptables -A AZURE_ICMP_ACTION -j LOG
+          iptables -A AZURE_ICMP_ACTION -j DROP
+          /host/usr/bin/oc observe pods -n openshift-sdn -l app=sdn -a '{ .status.hostIP }' -- /var/run/add_iptables.sh
         lifecycle:
           preStop:
             exec:
               command: ["/bin/bash", "-c", "echo drop-icmp done"]
         securityContext:
           privileged: true
         volumeMounts:
-        - mountPath: /
+        - mountPath: /host
           name: host-slash
         resources:
           requests: