rectified95
diff --git a/‎pkg/clustermesh/cell.go‎
Lines changed: 2 additions & 1 deletion b/‎pkg/clustermesh/cell.go‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎pkg/clustermesh/ipsetsyncer.go‎
Lines changed: 0 additions & 39 deletions b/‎pkg/clustermesh/ipsetsyncer.go‎
Lines changed: 0 additions & 39 deletions
diff --git a/‎pkg/clustermesh/notifier.go‎
Lines changed: 56 additions & 0 deletions b/‎pkg/clustermesh/notifier.go‎
Lines changed: 56 additions & 0 deletions
diff --git a/‎pkg/datapath/linux/node.go‎
Lines changed: 6 additions & 1 deletion b/‎pkg/datapath/linux/node.go‎
Lines changed: 6 additions & 1 deletion
diff --git a/‎pkg/node/manager/cell.go‎
Lines changed: 2 additions & 0 deletions b/‎pkg/node/manager/cell.go‎
Lines changed: 2 additions & 0 deletions
@@ -36,5 +36,6 @@ var Cell = cell.Module(
 	metrics.Metric(NewMetrics),
 	metrics.Metric(common.MetricsProvider(subsystem)),
 
-	cell.Invoke(ipsetSyncer),
+	cell.Invoke(ipsetNotifier),
+	cell.Invoke(nodeManagerNotifier),
 )
@@ -0,0 +1,56 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright Authors of Cilium
+
+package clustermesh
+
+import (
+	"context"
+
+	"github.com/cilium/hive/cell"
+	"github.com/cilium/hive/job"
+
+	"github.com/cilium/cilium/pkg/datapath/iptables/ipset"
+	nodeManager "github.com/cilium/cilium/pkg/node/manager"
+)
+
+func ipsetNotifier(
+	jg job.Group,
+	cm *ClusterMesh,
+	ipsetMgr ipset.Manager,
+) {
+	if cm == nil {
+		return
+	}
+
+	initializer := ipsetMgr.NewInitializer()
+
+	jg.Add(job.OneShot("clustermesh-ipset-notifier", func(ctx context.Context, _ cell.Health) error {
+		// wait for initial nodes listing from all remote clusters
+		// before allowing stale ipset entries deletion
+		if err := cm.NodesSynced(ctx); err != nil {
+			return err
+		}
+		initializer.InitDone()
+		return nil
+	}))
+}
+
+func nodeManagerNotifier(
+	jg job.Group,
+	cm *ClusterMesh,
+	nodeMgr nodeManager.NodeManager,
+) {
+	if cm == nil {
+		return
+	}
+
+	jg.Add(job.OneShot("clustermesh-nodemanager-notifier", func(ctx context.Context, _ cell.Health) error {
+		// wait for initial nodes listing from all remote clusters
+		// before allowing stale node deletion
+		if err := cm.NodesSynced(ctx); err != nil {
+			return err
+		}
+		nodeMgr.MeshNodeSync()
+		return nil
+	}))
+}
@@ -40,6 +40,7 @@ import (
 	"github.com/cilium/cilium/pkg/node/manager"
 	nodeTypes "github.com/cilium/cilium/pkg/node/types"
 	"github.com/cilium/cilium/pkg/option"
+	"github.com/cilium/cilium/pkg/source"
 	"github.com/cilium/cilium/pkg/time"
 )
 
@@ -1086,9 +1087,13 @@ func (n *linuxNodeHandler) NodeDelete(oldNode nodeTypes.Node) error {
 	defer n.mutex.Unlock()
 
 	nodeIdentity := oldNode.Identity()
-	if oldCachedNode, nodeExists := n.nodes[nodeIdentity]; nodeExists {
+	if oldCachedNode, nodeExists := n.nodes[nodeIdentity]; nodeExists || oldNode.Source == source.Restored {
 		delete(n.nodes, nodeIdentity)
 
+		if oldNode.Source == source.Restored {
+			oldCachedNode = &oldNode
+		}
+
 		if n.isInitialized {
 			return n.nodeDelete(oldCachedNode)
 		}
 
@@ -59,6 +59,8 @@ type NodeManager interface {
 
 	// NodeSync is called when the store completes the initial nodes listing
 	NodeSync()
+	// MeshNodeSync is called when the store completes the initial nodes listing including meshed nodes
+	MeshNodeSync()
 
 	// ClusterSizeDependantInterval returns a time.Duration that is dependent on
 	// the cluster size, i.e. the number of nodes that have been discovered. This
Original file line number	Diff line number	Diff line change
`@@ -36,5 +36,6 @@ var Cell = cell.Module(`
`36`	`36`	`metrics.Metric(NewMetrics),`
`37`	`37`	`metrics.Metric(common.MetricsProvider(subsystem)),`
`38`	`38`
`39`		`- cell.Invoke(ipsetSyncer),`
	`39`	`+ cell.Invoke(ipsetNotifier),`
	`40`	`+ cell.Invoke(nodeManagerNotifier),`
`40`	`41`	`)`