The iptables rules added in allserverspostdeployment don't persist over reboot.
In particular, this has caused private-routers on worker-infra nodes to become inaccessible when it is rebooted. When only only worker-infra is rebooted, this makes the environment prone to losing private-router connectivity when one worker-infra dies.
At this time it looks like the only option is to run iptables-save.
The iptables rules added in allserverspostdeployment don't persist over reboot.
In particular, this has caused private-routers on worker-infra nodes to become inaccessible when it is rebooted. When only only worker-infra is rebooted, this makes the environment prone to losing private-router connectivity when one worker-infra dies.
At this time it looks like the only option is to run iptables-save.