Merge pull request #45343 from akerouanton/overlay-cleanup-iptables-rules

libnet/overlay: clean up iptables rules on network delete
2023-04-20 11:23:47 -07:00 · 2023-04-20 11:23:47 -07:00 · f9ea1dac30
commit f9ea1dac30
parent d0df6c983c 1e1efe1f61
1 changed files with 19 additions and 0 deletions
--- a/libnetwork/drivers/overlay/ov_network.go
+++ b/libnetwork/drivers/overlay/ov_network.go
@ -216,6 +216,25 @@ func (d *driver) DeleteNetwork(nid string) error {
 	doPeerFlush = true
 	delete(d.networks, nid)

+	if n.secure {
+		for _, s := range n.subnets {
+			if err := programMangle(s.vni, false); err != nil {
+				logrus.WithFields(logrus.Fields{
+					logrus.ErrorKey: err,
+					"network_id":    n.id,
+					"subnet":        s.subnetIP,
+				}).Warn("Failed to clean up iptables rules during overlay network deletion")
+			}
+			if err := programInput(s.vni, false); err != nil {
+				logrus.WithFields(logrus.Fields{
+					logrus.ErrorKey: err,
+					"network_id":    n.id,
+					"subnet":        s.subnetIP,
+				}).Warn("Failed to clean up iptables rules during overlay network deletion")
+			}
+		}
+	}
+
 	return nil
 }