From 253e2d3253165d58665509cd3cb4e0bdb20df5da Mon Sep 17 00:00:00 2001 From: Bruno Rodriguez Date: Thu, 21 Sep 2023 10:45:11 +0200 Subject: [PATCH] B #6299: Increase delay before ipset destroy This will give kernel some more time to clean up before attemting to destroy the associated ipsets. Otherwise it may fail with: "Set cannot be destroyed: it is in use by a kernel component" --- src/vnm_mad/remotes/lib/security_groups_iptables.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/vnm_mad/remotes/lib/security_groups_iptables.rb b/src/vnm_mad/remotes/lib/security_groups_iptables.rb index e115366b059..0a906fbe12a 100644 --- a/src/vnm_mad/remotes/lib/security_groups_iptables.rb +++ b/src/vnm_mad/remotes/lib/security_groups_iptables.rb @@ -616,7 +616,7 @@ def self.nic_deactivate(vm, nic) remove_chains_6.each {|c| commands.add :ip6tables, "-X #{c}" } # delay to allow kernel to clean up - commands.add 'sleep', '0.1' + commands.add 'sleep', '0.5' ipset_list.lines.each do |line| if line.match(/^#{chain}(-|$)/)