in controllers/daemon/staticgatewayconfiguration_controller.go [323:374]
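// ensureDeleteLink tears down one gateway link and the state derived from it.
//
// Inside the gateway network namespace gwns it deletes the link and asks
// removeIPTablesChains to clean up the per-mark EGRESS-GATEWAY-MARK-<mark> and
// EGRESS-GATEWAY-SNAT-<mark> chains in the NAT table. Afterwards it updates the
// gateway node status for the interface (add=false) and removes the gateway,
// keyed by the link alias, from the LB probe server.
//
// The first error encountered is returned and the remaining steps are skipped.
func (r *StaticGatewayConfigurationReconciler) ensureDeleteLink(ctx context.Context, gwns ns.NetNS, link netlink.Link) error {
	// Named logger rather than log so the logging package is not shadowed.
	logger := log.FromContext(ctx)
	// Capture the identifiers once, before the link is deleted.
	linkName := link.Attrs().Name
	linkAlias := link.Attrs().Alias

	if err := gwns.Do(func(_ ns.NetNS) error {
		// Resolve the packet mark BEFORE the destructive step. The mark is the
		// only key to the per-link NAT chains; if it cannot be derived after
		// the link is already gone, the MARK/SNAT chains are left behind with
		// nothing visible in this function that would clean them up later.
		mark, err := getPacketMark(linkName)
		if err != nil {
			return err
		}

		logger.Info("Deleting link", "link", linkName)
		if err := r.Netlink.LinkDel(link); err != nil {
			return fmt.Errorf("failed to delete link %s: %w", linkName, err)
		}

		// NOTE(review): if this cleanup fails the link has already been
		// removed, so stale mark/SNAT rules can outlive it. Confirm that the
		// caller (or a periodic sweep) reconciles orphaned chains, since a
		// later link that reuses the same mark would otherwise inherit them.
		logger.Info("Removing iptables rules", "mark", mark)
		if err := r.removeIPTablesChains(
			ctx,
			utiliptables.TableNAT,
			[]utiliptables.Chain{
				utiliptables.Chain(fmt.Sprintf("EGRESS-GATEWAY-MARK-%d", mark)),
				utiliptables.Chain(fmt.Sprintf("EGRESS-GATEWAY-SNAT-%d", mark)),
			}, // target chain
			[]utiliptables.Chain{
				utiliptables.ChainPrerouting,
				utiliptables.ChainPostrouting,
			}, // source chain
			[]string{
				fmt.Sprintf("kube-egress-gateway mark packets from gateway link %s", linkName),
				fmt.Sprintf("kube-egress-gateway sNAT packets from gateway link %s", linkName),
			},
		); err != nil {
			return fmt.Errorf("failed to cleanup iptables rules for link %s and mark %d: %w", linkName, mark, err)
		}
		return nil
	}); err != nil {
		return err
	}

	// Update gateway status: drop this interface from the node's status.
	gwStatus := egressgatewayv1alpha1.GatewayConfiguration{
		InterfaceName: linkName,
	}
	if err := r.updateGatewayNodeStatus(ctx, gwStatus, false /* add */); err != nil {
		return err
	}

	// Stop the LB probe server from reporting the removed gateway.
	if err := r.LBProbeServer.RemoveGateway(linkAlias); err != nil {
		return err
	}
	return nil
}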