Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

portmap should not perform deletions if not portMapping config received #509

Merged
merged 1 commit into from
Jul 15, 2020
Merged

portmap should not perform deletions if not portMapping config received #509

merged 1 commit into from
Jul 15, 2020

Conversation

aojea
Copy link
Contributor

@aojea aojea commented Jul 13, 2020
edited
Loading

The portmap plugin, once receives a DEL, tries to delete as much as possible.

This causes issues on busy environment, because all DEL command are going to be processed by the portmap plugin, that will perform iptables operations holding the lock despite it doesn't have anything to delete.

portmap should only try to delete if it receives portMap parameters from the runtimeConfig.

xref: kubernetes/kubernetes#92811 (comment)

Fixes: #510

Signed-off-by: Antonio Ojea [email protected]

@aojea
Copy link
Contributor Author

aojea commented Jul 13, 2020

/assign @dcbw @bboreham
/cc @BenTheElder

@aojea aojea changed the title portmap should not perform deletions if not runtimeConfig present portmap should not perform deletions if not portMapping config received Jul 13, 2020
portmap DEL noop if no portMappings present
877602d 
if the runtime is not passing portMappings in the runtimeConfig,
then DEL is a noop.

This solves performance issues, when the portmap plugin is
executed multiple times, holding the iptables lock, despite
it does not have anything to delete.

Signed-off-by: Antonio Ojea <[email protected]>
This was referenced Jul 13, 2020
Closed
Closed
aojea pushed a commit to aojea/kind that referenced this pull request Jul 13, 2020
test new portmap plugin
e8881cc 
clone containernetworking/plugins#509
./build

docker build

FROM kindest/base:v20200707-e647846b
COPY bin/portmap /opt/cni/bin/portmap
aojea pushed a commit to aojea/kind that referenced this pull request Jul 13, 2020
test new portmap plugin
6731ef4 
clone containernetworking/plugins#509
./build

docker build

FROM kindest/base:v20200707-e647846b
COPY bin/portmap /opt/cni/bin/portmap
aojea pushed a commit to aojea/kind that referenced this pull request Jul 14, 2020
test new portmap plugin
66fdc2a 
clone containernetworking/plugins#509
./build

docker build

FROM kindest/base:v20200707-e647846b
COPY bin/portmap /opt/cni/bin/portmap
@aojea aojea mentioned this pull request Jul 15, 2020
Merged
bboreham
bboreham approved these changes Jul 15, 2020
View reviewed changes
Copy link
Contributor

@bboreham bboreham left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

This makes it more important that the caller supply matching parameters between ADD and DEL, but the spec does require that so should be fine.

@bboreham bboreham merged commit 6eb8e31 into containernetworking:master Jul 15, 2020
@BenTheElder BenTheElder mentioned this pull request Jul 24, 2020
Closed
@Oats87 Oats87 mentioned this pull request Jul 27, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@matthewdupre matthewdupre matthewdupre approved these changes

@bboreham bboreham bboreham approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

portmap plugin is causing performance problems in Kubernetes due to iptables lock
3 participants
@aojea @bboreham @matthewdupre