Ability to configure wait for the xtables lock #58
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
retr0h
force-pushed
the
iptables-wait-seconds
branch
from
a2cf382
to
32dadc6
Compare
Any invocation of the iptables command results in an xtables lock, which
can lead to the iptables command exiting(4). Racy systems which make
use of inspecting iptables can cause an error.
However, maybe this is ultimately not an issue as kubernetes will retry
failed pods.
> IPTABLES(8):
-w, --wait [seconds]
Wait for the xtables lock. To prevent multiple instances of the
program from running concurrently, an attempt will be made to obtain
an exclusive lock at launch. By default, the program will exit if
the lock cannot be obtained. This option will make the program wait
(indefinitely or for optional seconds) until the exclusive lock can
be obtained.
Signed-off-by: נυαη נυαηѕση <john@dewey.ws>
retr0h
force-pushed
the
iptables-wait-seconds
branch
from
32dadc6
to
d246770
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Any invocation of the iptables command results in an xtables lock, which can lead to the iptables command exiting(4). Racy systems which make use of inspecting iptables can cause an error.
However, maybe this is ultimately not an issue as kubernetes will retry failed pods.