Why iptables rules are not cleaned up by kubeproxy when the pods are terminated/rolling update?

Solution Verified - Updated -

Issue

  • While performing the rolling update, kubeproxy does not clean the iptable rules for the old pods immediately and on average it takes ~10 minutes to clean up those rules.

Environment

  • Openshift v3.11.318 and before
  • Rolling strategy as below
 rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content