@@ -605,6 +605,7 @@ func (c *Controller) gcPortGroup() error {
605605 klog .Info ("start to gc network policy" )
606606
607607 npNames := strset .New ()
608+ delPgNames := strset .New ()
608609
609610 if c .config .EnableNP {
610611 nps , err := c .npsLister .List (labels .Everything ())
@@ -622,53 +623,66 @@ func (c *Controller) gcPortGroup() error {
622623
623624 npNames .Add (fmt .Sprintf ("%s/%s" , np .Namespace , npName ))
624625 }
626+ }
625627
626- // append node port group to npNames to avoid gc node port group
627- nodes , err := c .nodesLister .List (labels .Everything ())
628- if err != nil {
629- klog .Errorf ("failed to list nodes, %v" , err )
630- return err
631- }
628+ // append node port group to npNames to avoid gc node port group
629+ nodes , err := c .nodesLister .List (labels .Everything ())
630+ if err != nil {
631+ klog .Errorf ("failed to list nodes, %v" , err )
632+ return err
633+ }
632634
633- for _ , node := range nodes {
634- npNames .Add (fmt .Sprintf ("%s/%s" , "node" , node .Name ))
635- }
635+ for _ , node := range nodes {
636+ npNames .Add (fmt .Sprintf ("%s/%s" , "node" , node .Name ))
637+ }
636638
637- // append overlay subnets port group to npNames to avoid gc distributed subnets port group
638- subnets , err := c .subnetsLister .List (labels .Everything ())
639- if err != nil {
640- klog .Errorf ("failed to list subnets %v" , err )
641- return err
639+ // append overlay subnets port group to npNames to avoid gc distributed subnets port group
640+ subnets , err := c .subnetsLister .List (labels .Everything ())
641+ if err != nil {
642+ klog .Errorf ("failed to list subnets %v" , err )
643+ return err
644+ }
645+ for _ , subnet := range subnets {
646+ if subnet .Spec .Vpc != c .config .ClusterRouter || (subnet .Spec .Vlan != "" && ! subnet .Spec .LogicalGateway ) || subnet .Name == c .config .NodeSwitch || subnet .Spec .GatewayType != kubeovnv1 .GWDistributedType {
647+ continue
642648 }
643- for _ , subnet := range subnets {
644- if subnet .Spec .Vpc != c .config .ClusterRouter || (subnet .Spec .Vlan != "" && ! subnet .Spec .LogicalGateway ) || subnet .Name == c .config .NodeSwitch || subnet .Spec .GatewayType != kubeovnv1 .GWDistributedType {
645- continue
646- }
647649
648- for _ , node := range nodes {
649- npNames .Add (fmt .Sprintf ("%s/%s" , subnet .Name , node .Name ))
650- }
650+ for _ , node := range nodes {
651+ npNames .Add (fmt .Sprintf ("%s/%s" , subnet .Name , node .Name ))
651652 }
653+ }
652654
653- // list all np port groups which externalIDs[np]!=""
654- pgs , err := c .OVNNbClient .ListPortGroups (map [string ]string {networkPolicyKey : "" })
655- if err != nil {
656- klog .Errorf ("list np port group: %v" , err )
657- return err
658- }
655+ // list all np port groups which externalIDs[np]!=""
656+ pgs , err := c .OVNNbClient .ListPortGroups (map [string ]string {networkPolicyKey : "" })
657+ if err != nil {
658+ klog .Errorf ("list np port group: %v" , err )
659+ return err
660+ }
659661
660- for _ , pg := range pgs {
661- np := strings .Split (pg .ExternalIDs [networkPolicyKey ], "/" )
662- if len (np ) != 2 {
663- // not np port group
664- continue
665- }
666- if ! npNames .Has (pg .ExternalIDs [networkPolicyKey ]) {
667- klog .Infof ("gc port group '%s' network policy '%s'" , pg .Name , pg .ExternalIDs [networkPolicyKey ])
662+ for _ , pg := range pgs {
663+ np := strings .Split (pg .ExternalIDs [networkPolicyKey ], "/" )
664+ if len (np ) != 2 {
665+ // not np port group
666+ continue
667+ }
668+ if ! npNames .Has (pg .ExternalIDs [networkPolicyKey ]) {
669+ klog .Infof ("gc port group '%s' network policy '%s'" , pg .Name , pg .ExternalIDs [networkPolicyKey ])
670+ delPgNames .Add (pg .Name )
671+ if c .config .EnableNP {
668672 c .deleteNpQueue .Add (pg .ExternalIDs [networkPolicyKey ])
669673 }
670674 }
671675 }
676+ // gc port group
677+ // the pgName in the network policy is generated differently from the node/subnet pgName
678+ // so processes port group gc separately
679+ // ensure that the port group can be correctly gc
680+ delPgNames .Each (func (item string ) bool {
681+ if err := c .OVNNbClient .DeletePortGroup (item ); err != nil {
682+ klog .Errorf ("failed to gc port group %s: %v" , item , err )
683+ }
684+ return true
685+ })
672686
673687 return nil
674688}
0 commit comments