Merge pull request #17098 from pravisankar/remove-code-post3.7

Automatic merge from submit-queue.

Remove pre CNI docker cleanup code from openshift SDN

It's been few releases that we moved to CNI interfaces.
Previous release migrations should have done the pre CNI cleanup if needed.
So we no longer need this dead code.

Author: openshift-merge-robot

pkg/network/node/node.go

@@ -7,7 +7,6 @@ import (
 	"io/ioutil"
 	"net"
 	"os"
-	osexec "os/exec"
 	"path/filepath"
 	"strings"
 	"sync"
@@ -32,7 +31,6 @@ import (
 	kinternalinformers "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion"
 	kubeletapi "k8s.io/kubernetes/pkg/kubelet/apis/cri"
 	kruntimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
-	dockertools "k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker"
 	knetwork "k8s.io/kubernetes/pkg/kubelet/network"
 	ktypes "k8s.io/kubernetes/pkg/kubelet/types"
 	kexec "k8s.io/kubernetes/pkg/util/exec"
@@ -109,8 +107,6 @@ type OsdnNode struct {
 	host             knetwork.Host
 	kubeletCniPlugin knetwork.NetworkPlugin
 
-	clearLbr0IptablesRule bool
-
 	kubeInformers kinternalinformers.SharedInformerFactory
 
 	// Holds runtime endpoint shim to make SDN <-> runtime communication
@@ -187,10 +183,6 @@ func New(c *OsdnNodeConfig) (network.NodeInterface, error) {
 		runtimeService: nil,
 	}
 
-	if err := plugin.dockerPreCNICleanup(); err != nil {
-		return nil, err
-	}
-
 	RegisterMetrics()
 
 	return plugin, nil
@@ -263,74 +255,6 @@ func GetLinkDetails(ip string) (netlink.Link, *net.IPNet, error) {
 	return nil, nil, ErrorNetworkInterfaceNotFound
 }
 
-// Detect whether we are upgrading from a pre-CNI openshift and clean up
-// interfaces and iptables rules that are no longer required
-func (node *OsdnNode) dockerPreCNICleanup() error {
-	l, err := netlink.LinkByName("lbr0")
-	if err != nil {
-		// no cleanup required
-		return nil
-	}
-	_ = netlink.LinkSetDown(l)
-
-	node.clearLbr0IptablesRule = true
-
-	// Restart docker to kill old pods and make it use docker0 again.
-	// "systemctl restart" will bail out (unnecessarily) in the
-	// OpenShift-in-a-container case, so we work around that by sending
-	// the messages by hand.
-	if _, err := osexec.Command("dbus-send", "--system", "--print-reply", "--reply-timeout=2000", "--type=method_call", "--dest=org.freedesktop.systemd1", "/org/freedesktop/systemd1", "org.freedesktop.systemd1.Manager.Reload").CombinedOutput(); err != nil {
-		glog.Error(err)
-	}
-	if _, err := osexec.Command("dbus-send", "--system", "--print-reply", "--reply-timeout=2000", "--type=method_call", "--dest=org.freedesktop.systemd1", "/org/freedesktop/systemd1", "org.freedesktop.systemd1.Manager.RestartUnit", "string:'docker.service' string:'replace'").CombinedOutput(); err != nil {
-		glog.Error(err)
-	}
-
-	// Delete pre-CNI interfaces
-	for _, intf := range []string{"lbr0", "vovsbr", "vlinuxbr"} {
-		l, err = netlink.LinkByName(intf)
-		if err != nil {
-			_ = netlink.LinkDel(l)
-		}
-	}
-
-	// Wait until docker has restarted since kubelet will exit if docker isn't running
-	if _, err := ensureDockerClient(); err != nil {
-		return err
-	}
-
-	glog.Infof("Cleaned up left-over openshift-sdn docker bridge and interfaces")
-
-	return nil
-}
-
-func ensureDockerClient() (dockertools.Interface, error) {
-	endpoint := os.Getenv("DOCKER_HOST")
-	if endpoint == "" {
-		endpoint = "unix:///var/run/docker.sock"
-	}
-	dockerClient := dockertools.ConnectToDockerOrDie(endpoint, time.Minute, time.Minute)
-
-	// Wait until docker has restarted since kubelet will exit it docker isn't running
-	err := kwait.ExponentialBackoff(
-		kwait.Backoff{
-			Duration: 100 * time.Millisecond,
-			Factor:   1.2,
-			Steps:    6,
-		},
-		func() (bool, error) {
-			if _, err := dockerClient.Version(); err != nil {
-				// wait longer
-				return false, nil
-			}
-			return true, nil
-		})
-	if err != nil {
-		return nil, fmt.Errorf("failed to connect to docker: %v", err)
-	}
-	return dockerClient, nil
-}
-
 func (node *OsdnNode) killUpdateFailedPods(pods []kapi.Pod) error {
 	for _, pod := range pods {
 		// Get the sandbox ID for this pod from the runtime

pkg/network/node/sdn_controller.go

@@ -18,9 +18,6 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	utilwait "k8s.io/apimachinery/pkg/util/wait"
 	kapi "k8s.io/kubernetes/pkg/api"
-	utildbus "k8s.io/kubernetes/pkg/util/dbus"
-	kexec "k8s.io/kubernetes/pkg/util/exec"
-	"k8s.io/kubernetes/pkg/util/iptables"
 	"k8s.io/kubernetes/pkg/util/sysctl"
 
 	"github.com/vishvananda/netlink"
@@ -167,16 +164,6 @@ func (plugin *OsdnNode) SetupSDN() (bool, error) {
 
 	glog.V(5).Infof("[SDN setup] node pod subnet %s gateway %s", ipnet.String(), localSubnetGateway)
 
-	exec := kexec.New()
-
-	if plugin.clearLbr0IptablesRule {
-		// Delete docker's left-over lbr0 rule; cannot do this from
-		// NewNodePlugin (where docker is cleaned up) because we need
-		// localSubnetCIDR which is only valid after plugin start
-		ipt := iptables.New(exec, utildbus.New(), iptables.ProtocolIpv4)
-		ipt.DeleteRule(iptables.TableNAT, iptables.ChainPostrouting, "-s", localSubnetCIDR, "!", "-o", "lbr0", "-j", "MASQUERADE")
-	}
-
 	gwCIDR := fmt.Sprintf("%s/%d", localSubnetGateway, localSubnetMaskLength)
 
 	if err := waitForOVS(ovsDialDefaultNetwork, ovsDialDefaultAddress); err != nil {