Skip to content

[NPM] fix: Update Iptables to Legacy #3782

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jul 10, 2025
Merged

[NPM] fix: Update Iptables to Legacy #3782

merged 4 commits into from
Jul 10, 2025

Conversation

rayaisaiah
Copy link
Contributor

@rayaisaiah rayaisaiah commented Jul 10, 2025
edited
Loading

Reason for Change:
Updates iptables to legacy fix crashloopbackoffs in CBL-Mariner/Linux nodepools.

Issue Fixed:
NPM's Ubuntu base image was recently updated to 24.04 from 20.04 as the older version was EOL (see: #3743). There was a behavioral change between the 2 Ubuntu versions that required NPM to specify legacy for its Iptables.

Error: failed to create dataplane with error Operation [BootupDataplane] failed with error code [999], full cmd [], full error failed to reset policy dataplane: Operation [BootupPolicyManager] failed with error code [999], full cmd [], full error failed to bootup policy manager: failed to detect iptables version: unable to locate which iptables version kube proxy is using

Requirements:

Notes:

@Copilot Copilot AI review requested due to automatic review settings July 10, 2025 02:48
@rayaisaiah rayaisaiah requested review from a team as code owners July 10, 2025 02:48
@rayaisaiah rayaisaiah requested a review from vakalapa July 10, 2025 02:48
@rayaisaiah rayaisaiah added npm Related to NPM. linux labels Jul 10, 2025
Copilot
Copilot AI reviewed Jul 10, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR updates iptables configuration to use legacy mode and upgrades the base Ubuntu image from 20.04 to 24.04. The changes address compatibility issues by switching from standard iptables commands to their legacy variants and updating dependencies accordingly.

  • Updates iptables constants to use legacy variants (iptables-legacy, iptables-legacy-save, etc.)
  • Upgrades Docker base image from Ubuntu 20.04 to 24.04 with specific package versions
  • Updates development configuration and dependency versions

Reviewed Changes

Copilot reviewed 4 out of 5 changed files in this pull request and generated 2 comments.

File Description
npm/util/const.go Updates iptables command constants to use legacy variants
npm/linux.Dockerfile Upgrades base image to Ubuntu 24.04 and pins specific package versions
hack/aks/Makefile Changes IP tag from test to non-production environment
go.mod Updates mapstructure dependency to v2.3.0
Comments suppressed due to low confidence (1)

npm/util/const.go:39

  • The constant name 'IptablesRestoreNft' suggests NFT functionality, but the value 'iptables-legacy-nft-restore' mixes legacy and NFT concepts. Consider renaming to 'IptablesRestoreLegacyNft' to clarify this is the legacy version of the NFT restore command.
	IptablesRestoreNft         string = "iptables-legacy-nft-restore"

@rayaisaiah rayaisaiah changed the base branch from master to release/v1.6 July 10, 2025 02:49
vakalapa
vakalapa previously approved these changes Jul 10, 2025
View reviewed changes
neaggarwMS
neaggarwMS previously approved these changes Jul 10, 2025
View reviewed changes
@rayaisaiah
Copy link
Contributor Author

/azp run Azure Container Networking PR

@rayaisaiah
Copy link
Contributor Author

/azp run NPM Conformance Tests

@rayaisaiah
Copy link
Contributor Author

/azp run NPM Scale Test

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

2 similar comments
@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@vakalapa vakalapa enabled auto-merge (squash) July 10, 2025 03:22
@rayaisaiah rayaisaiah dismissed stale reviews from neaggarwMS and vakalapa via 59f1f4d July 10, 2025 03:37
@anubhabMajumdar anubhabMajumdar disabled auto-merge July 10, 2025 03:40
@vakalapa vakalapa enabled auto-merge (squash) July 10, 2025 03:55
@mereta mereta mentioned this pull request Jul 10, 2025
Closed
4 tasks
@vakalapa vakalapa merged commit 3243ee6 into release/v1.6 Jul 10, 2025
26 of 55 checks passed
@vakalapa vakalapa deleted the isaiahraya/fix-iptables-legacy-with-ubuntu2404 branch July 10, 2025 11:18
rayaisaiah added a commit that referenced this pull request Jul 17, 2025
@rayaisaiah
[NPM] fix: Update Iptables to Legacy (#3782)
2f4ccf6 
* added legacy

* typo

* updated tests

* updated for all tests
@rayaisaiah rayaisaiah mentioned this pull request Jul 17, 2025
Merged
4 tasks
github-merge-queue bot pushed a commit that referenced this pull request Jul 18, 2025
@rayaisaiah
[Forwardport] [NPM] fix: Update Iptables to Legacy (#3782) (#3842)
f2d2be5 
[NPM] fix: Update Iptables to Legacy (#3782)

* added legacy

* typo

* updated tests

* updated for all tests
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@vakalapa vakalapa vakalapa approved these changes

@anubhabMajumdar anubhabMajumdar anubhabMajumdar approved these changes

@mereta mereta mereta approved these changes

@snguyen64 snguyen64 snguyen64 approved these changes

@neaggarwMS neaggarwMS neaggarwMS left review comments

Assignees
No one assigned
Labels
linux npm Related to NPM.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@rayaisaiah @vakalapa @anubhabMajumdar @mereta @snguyen64 @neaggarwMS