Browse Source

Merge "Fix: Workaround kube-proxy keeping stale IPs"

Zuul 6 months ago
parent
commit
2d171acd89
1 changed files with 11 additions and 0 deletions
  1. 11
    0
      charts/proxy/templates/bin/_liveness-probe.sh.tpl

+ 11
- 0
charts/proxy/templates/bin/_liveness-probe.sh.tpl View File

@@ -21,6 +21,17 @@ if [[ $(iptables-save {{- if .Values.livenessProbe.whitelist }} | grep -Ev "${WH
21 21
     FAILURE=1
22 22
 fi
23 23
 
24
+
25
+IPTABLES_IPS=$(iptables-save | grep -E 'KUBE-SEP.*to-destination' | sed 's/.*to-destination \(.*\):.*/\1/' | sort -u)
26
+KUBECTL_IPS=$(kubectl get --all-namespaces -o json endpoints | jq -r '.items | arrays | .[] | objects | .subsets | arrays | .[] | objects | .addresses | arrays | .[] | objects | .ip' | sort -u)
27
+
28
+if [[ $(comm -23 <(echo "${IPTABLES_IPS}") <(echo "${KUBECTL_IPS}")) ]]; then
29
+    FAILURE=1
30
+    echo "Found non-current Pod IPs in iptables rules:"
31
+    comm -23 <(echo "${IPTABLES_IPS}") <(echo "${KUBECTL_IPS}")
32
+fi
33
+
34
+
24 35
 if [[ "${FAILURE}" == "1" ]]; then
25 36
     exit 1
26 37
 fi

Loading…
Cancel
Save