Merge pull request #121814 from danwinship/kubemark-iptables
Remove --use-real-proxier support from kubemark
This commit is contained in:
Kubernetes Prow Robot
@@ -18,7 +18,6 @@ package app
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"errors"
|
|
||||||
goflag "flag"
|
goflag "flag"
|
||||||
"fmt"
|
"fmt"
|
||||||
"time"
|
"time"
|
||||||
@@ -42,7 +41,6 @@ import (
|
|||||||
_ "k8s.io/component-base/metrics/prometheus/version" // for version metric registration
|
_ "k8s.io/component-base/metrics/prometheus/version" // for version metric registration
|
||||||
"k8s.io/component-base/version"
|
"k8s.io/component-base/version"
|
||||||
"k8s.io/component-base/version/verflag"
|
"k8s.io/component-base/version/verflag"
|
||||||
fakesysctl "k8s.io/component-helpers/node/util/sysctl/testing"
|
|
||||||
"k8s.io/kubernetes/pkg/api/legacyscheme"
|
"k8s.io/kubernetes/pkg/api/legacyscheme"
|
||||||
"k8s.io/kubernetes/pkg/cluster/ports"
|
"k8s.io/kubernetes/pkg/cluster/ports"
|
||||||
cadvisortest "k8s.io/kubernetes/pkg/kubelet/cadvisor/testing"
|
cadvisortest "k8s.io/kubernetes/pkg/kubelet/cadvisor/testing"
|
||||||
@@ -53,8 +51,6 @@ import (
|
|||||||
"k8s.io/kubernetes/pkg/kubemark"
|
"k8s.io/kubernetes/pkg/kubemark"
|
||||||
kubemarkproxy "k8s.io/kubernetes/pkg/proxy/kubemark"
|
kubemarkproxy "k8s.io/kubernetes/pkg/proxy/kubemark"
|
||||||
utilflag "k8s.io/kubernetes/pkg/util/flag"
|
utilflag "k8s.io/kubernetes/pkg/util/flag"
|
||||||
fakeiptables "k8s.io/kubernetes/pkg/util/iptables/testing"
|
|
||||||
fakeexec "k8s.io/utils/exec/testing"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
type hollowNodeConfig struct {
|
type hollowNodeConfig struct {
|
||||||
@@ -67,14 +63,16 @@ type hollowNodeConfig struct {
|
|||||||
NodeName string
|
NodeName string
|
||||||
ServerPort int
|
ServerPort int
|
||||||
ContentType string
|
ContentType string
|
||||||
UseRealProxier bool
|
|
||||||
ProxierSyncPeriod time.Duration
|
|
||||||
ProxierMinSyncPeriod time.Duration
|
|
||||||
NodeLabels map[string]string
|
NodeLabels map[string]string
|
||||||
RegisterWithTaints []v1.Taint
|
RegisterWithTaints []v1.Taint
|
||||||
MaxPods int
|
MaxPods int
|
||||||
ExtendedResources map[string]string
|
ExtendedResources map[string]string
|
||||||
UseHostImageService bool
|
UseHostImageService bool
|
||||||
|
|
||||||
|
// Deprecated config; remove these with the corresponding flags
|
||||||
|
UseRealProxier bool
|
||||||
|
ProxierSyncPeriod time.Duration
|
||||||
|
ProxierMinSyncPeriod time.Duration
|
||||||
}
|
}
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@@ -96,9 +94,6 @@ func (c *hollowNodeConfig) addFlags(fs *pflag.FlagSet) {
|
|||||||
fs.IntVar(&c.ServerPort, "api-server-port", 443, "Port on which API server is listening.")
|
fs.IntVar(&c.ServerPort, "api-server-port", 443, "Port on which API server is listening.")
|
||||||
fs.StringVar(&c.Morph, "morph", "", fmt.Sprintf("Specifies into which Hollow component this binary should morph. Allowed values: %v", knownMorphs.List()))
|
fs.StringVar(&c.Morph, "morph", "", fmt.Sprintf("Specifies into which Hollow component this binary should morph. Allowed values: %v", knownMorphs.List()))
|
||||||
fs.StringVar(&c.ContentType, "kube-api-content-type", "application/vnd.kubernetes.protobuf", "ContentType of requests sent to apiserver.")
|
fs.StringVar(&c.ContentType, "kube-api-content-type", "application/vnd.kubernetes.protobuf", "ContentType of requests sent to apiserver.")
|
||||||
fs.BoolVar(&c.UseRealProxier, "use-real-proxier", true, "Set to true if you want to use real proxier inside hollow-proxy.")
|
|
||||||
fs.DurationVar(&c.ProxierSyncPeriod, "proxier-sync-period", 30*time.Second, "Period that proxy rules are refreshed in hollow-proxy.")
|
|
||||||
fs.DurationVar(&c.ProxierMinSyncPeriod, "proxier-min-sync-period", 0, "Minimum period that proxy rules are refreshed in hollow-proxy.")
|
|
||||||
bindableNodeLabels := cliflag.ConfigurationMap(c.NodeLabels)
|
bindableNodeLabels := cliflag.ConfigurationMap(c.NodeLabels)
|
||||||
fs.Var(&bindableNodeLabels, "node-labels", "Additional node labels")
|
fs.Var(&bindableNodeLabels, "node-labels", "Additional node labels")
|
||||||
fs.Var(utilflag.RegisterWithTaintsVar{Value: &c.RegisterWithTaints}, "register-with-taints", "Register the node with the given list of taints (comma separated \"<key>=<value>:<effect>\"). No-op if register-node is false.")
|
fs.Var(utilflag.RegisterWithTaintsVar{Value: &c.RegisterWithTaints}, "register-with-taints", "Register the node with the given list of taints (comma separated \"<key>=<value>:<effect>\"). No-op if register-node is false.")
|
||||||
@@ -106,6 +101,13 @@ func (c *hollowNodeConfig) addFlags(fs *pflag.FlagSet) {
|
|||||||
bindableExtendedResources := cliflag.ConfigurationMap(c.ExtendedResources)
|
bindableExtendedResources := cliflag.ConfigurationMap(c.ExtendedResources)
|
||||||
fs.Var(&bindableExtendedResources, "extended-resources", "Register the node with extended resources (comma separated \"<name>=<quantity>\")")
|
fs.Var(&bindableExtendedResources, "extended-resources", "Register the node with extended resources (comma separated \"<name>=<quantity>\")")
|
||||||
fs.BoolVar(&c.UseHostImageService, "use-host-image-service", true, "Set to true if the hollow-kubelet should use the host image service. If set to false the fake image service will be used")
|
fs.BoolVar(&c.UseHostImageService, "use-host-image-service", true, "Set to true if the hollow-kubelet should use the host image service. If set to false the fake image service will be used")
|
||||||
|
|
||||||
|
fs.BoolVar(&c.UseRealProxier, "use-real-proxier", true, "Has no effect.")
|
||||||
|
_ = fs.MarkDeprecated("use-real-proxier", "This flag is deprecated and will be removed in a future release.")
|
||||||
|
fs.DurationVar(&c.ProxierSyncPeriod, "proxier-sync-period", 30*time.Second, "Has no effect.")
|
||||||
|
_ = fs.MarkDeprecated("proxier-sync-period", "This flag is deprecated and will be removed in a future release.")
|
||||||
|
fs.DurationVar(&c.ProxierMinSyncPeriod, "proxier-min-sync-period", 0, "Has no effect.")
|
||||||
|
_ = fs.MarkDeprecated("proxier-min-sync-period", "This flag is deprecated and will be removed in a future release.")
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *hollowNodeConfig) createClientConfigFromFile() (*restclient.Config, error) {
|
func (c *hollowNodeConfig) createClientConfigFromFile() (*restclient.Config, error) {
|
||||||
@@ -272,30 +274,16 @@ func run(config *hollowNodeConfig) error {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("Failed to create API Server client, error: %w", err)
|
return fmt.Errorf("Failed to create API Server client, error: %w", err)
|
||||||
}
|
}
|
||||||
iptInterface := fakeiptables.NewFake()
|
|
||||||
sysctl := fakesysctl.NewFake()
|
|
||||||
execer := &fakeexec.FakeExec{
|
|
||||||
LookPathFunc: func(_ string) (string, error) { return "", errors.New("fake execer") },
|
|
||||||
}
|
|
||||||
eventBroadcaster := events.NewBroadcaster(&events.EventSinkImpl{Interface: client.EventsV1()})
|
eventBroadcaster := events.NewBroadcaster(&events.EventSinkImpl{Interface: client.EventsV1()})
|
||||||
recorder := eventBroadcaster.NewRecorder(legacyscheme.Scheme, "kube-proxy")
|
recorder := eventBroadcaster.NewRecorder(legacyscheme.Scheme, "kube-proxy")
|
||||||
|
|
||||||
hollowProxy, err := kubemarkproxy.NewHollowProxyOrDie(
|
hollowProxy := kubemarkproxy.NewHollowProxy(
|
||||||
config.NodeName,
|
config.NodeName,
|
||||||
client,
|
client,
|
||||||
client.CoreV1(),
|
client.CoreV1(),
|
||||||
iptInterface,
|
|
||||||
sysctl,
|
|
||||||
execer,
|
|
||||||
eventBroadcaster,
|
eventBroadcaster,
|
||||||
recorder,
|
recorder,
|
||||||
config.UseRealProxier,
|
|
||||||
config.ProxierSyncPeriod,
|
|
||||||
config.ProxierMinSyncPeriod,
|
|
||||||
)
|
)
|
||||||
if err != nil {
|
|
||||||
return fmt.Errorf("Failed to create hollowProxy instance, error: %w", err)
|
|
||||||
}
|
|
||||||
return hollowProxy.Run()
|
return hollowProxy.Run()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -27,20 +27,10 @@ import (
|
|||||||
clientset "k8s.io/client-go/kubernetes"
|
clientset "k8s.io/client-go/kubernetes"
|
||||||
v1core "k8s.io/client-go/kubernetes/typed/core/v1"
|
v1core "k8s.io/client-go/kubernetes/typed/core/v1"
|
||||||
"k8s.io/client-go/tools/events"
|
"k8s.io/client-go/tools/events"
|
||||||
utilsysctl "k8s.io/component-helpers/node/util/sysctl"
|
|
||||||
proxyapp "k8s.io/kubernetes/cmd/kube-proxy/app"
|
proxyapp "k8s.io/kubernetes/cmd/kube-proxy/app"
|
||||||
"k8s.io/kubernetes/pkg/proxy"
|
|
||||||
proxyconfigapi "k8s.io/kubernetes/pkg/proxy/apis/config"
|
proxyconfigapi "k8s.io/kubernetes/pkg/proxy/apis/config"
|
||||||
proxyconfig "k8s.io/kubernetes/pkg/proxy/config"
|
proxyconfig "k8s.io/kubernetes/pkg/proxy/config"
|
||||||
"k8s.io/kubernetes/pkg/proxy/iptables"
|
|
||||||
proxyutiliptables "k8s.io/kubernetes/pkg/proxy/util/iptables"
|
|
||||||
utiliptables "k8s.io/kubernetes/pkg/util/iptables"
|
|
||||||
utilnode "k8s.io/kubernetes/pkg/util/node"
|
|
||||||
utilexec "k8s.io/utils/exec"
|
|
||||||
netutils "k8s.io/utils/net"
|
|
||||||
"k8s.io/utils/ptr"
|
"k8s.io/utils/ptr"
|
||||||
|
|
||||||
"k8s.io/klog/v2"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
type HollowProxy struct {
|
type HollowProxy struct {
|
||||||
@@ -64,67 +54,13 @@ func (*FakeProxier) OnEndpointSliceUpdate(oldSlice, slice *discoveryv1.EndpointS
|
|||||||
func (*FakeProxier) OnEndpointSliceDelete(slice *discoveryv1.EndpointSlice) {}
|
func (*FakeProxier) OnEndpointSliceDelete(slice *discoveryv1.EndpointSlice) {}
|
||||||
func (*FakeProxier) OnEndpointSlicesSynced() {}
|
func (*FakeProxier) OnEndpointSlicesSynced() {}
|
||||||
|
|
||||||
func NewHollowProxyOrDie(
|
func NewHollowProxy(
|
||||||
nodeName string,
|
nodeName string,
|
||||||
client clientset.Interface,
|
client clientset.Interface,
|
||||||
eventClient v1core.EventsGetter,
|
eventClient v1core.EventsGetter,
|
||||||
iptInterface utiliptables.Interface,
|
|
||||||
sysctl utilsysctl.Interface,
|
|
||||||
execer utilexec.Interface,
|
|
||||||
broadcaster events.EventBroadcaster,
|
broadcaster events.EventBroadcaster,
|
||||||
recorder events.EventRecorder,
|
recorder events.EventRecorder,
|
||||||
useRealProxier bool,
|
) *HollowProxy {
|
||||||
proxierSyncPeriod time.Duration,
|
|
||||||
proxierMinSyncPeriod time.Duration,
|
|
||||||
) (*HollowProxy, error) {
|
|
||||||
// Create proxier and service/endpoint handlers.
|
|
||||||
var proxier proxy.Provider
|
|
||||||
var err error
|
|
||||||
|
|
||||||
if useRealProxier {
|
|
||||||
nodeIP := utilnode.GetNodeIP(client, nodeName)
|
|
||||||
if nodeIP == nil {
|
|
||||||
klog.InfoS("Can't determine this node's IP, assuming 127.0.0.1")
|
|
||||||
nodeIP = netutils.ParseIPSloppy("127.0.0.1")
|
|
||||||
}
|
|
||||||
family := v1.IPv4Protocol
|
|
||||||
if iptInterface.IsIPv6() {
|
|
||||||
family = v1.IPv6Protocol
|
|
||||||
}
|
|
||||||
// Real proxier with fake iptables, sysctl, etc underneath it.
|
|
||||||
//var err error
|
|
||||||
proxier, err = iptables.NewProxier(
|
|
||||||
family,
|
|
||||||
iptInterface,
|
|
||||||
sysctl,
|
|
||||||
execer,
|
|
||||||
proxierSyncPeriod,
|
|
||||||
proxierMinSyncPeriod,
|
|
||||||
false,
|
|
||||||
false,
|
|
||||||
0,
|
|
||||||
proxyutiliptables.NewNoOpLocalDetector(),
|
|
||||||
nodeName,
|
|
||||||
nodeIP,
|
|
||||||
recorder,
|
|
||||||
nil,
|
|
||||||
[]string{},
|
|
||||||
false,
|
|
||||||
)
|
|
||||||
if err != nil {
|
|
||||||
return nil, fmt.Errorf("unable to create proxier: %v", err)
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
proxier = &FakeProxier{}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Create a Hollow Proxy instance.
|
|
||||||
nodeRef := &v1.ObjectReference{
|
|
||||||
Kind: "Node",
|
|
||||||
Name: nodeName,
|
|
||||||
UID: types.UID(nodeName),
|
|
||||||
Namespace: "",
|
|
||||||
}
|
|
||||||
return &HollowProxy{
|
return &HollowProxy{
|
||||||
ProxyServer: &proxyapp.ProxyServer{
|
ProxyServer: &proxyapp.ProxyServer{
|
||||||
Config: &proxyconfigapi.KubeProxyConfiguration{
|
Config: &proxyconfigapi.KubeProxyConfiguration{
|
||||||
@@ -134,12 +70,17 @@ func NewHollowProxyOrDie(
|
|||||||
},
|
},
|
||||||
|
|
||||||
Client: client,
|
Client: client,
|
||||||
Proxier: proxier,
|
Proxier: &FakeProxier{},
|
||||||
Broadcaster: broadcaster,
|
Broadcaster: broadcaster,
|
||||||
Recorder: recorder,
|
Recorder: recorder,
|
||||||
NodeRef: nodeRef,
|
NodeRef: &v1.ObjectReference{
|
||||||
|
Kind: "Node",
|
||||||
|
Name: nodeName,
|
||||||
|
UID: types.UID(nodeName),
|
||||||
|
Namespace: "",
|
||||||
},
|
},
|
||||||
}, nil
|
},
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (hp *HollowProxy) Run() error {
|
func (hp *HollowProxy) Run() error {
|
||||||
|
|||||||
1
vendor/modules.txt
vendored
1
vendor/modules.txt
vendored
@@ -2067,7 +2067,6 @@ k8s.io/component-helpers/auth/rbac/validation
|
|||||||
k8s.io/component-helpers/node/topology
|
k8s.io/component-helpers/node/topology
|
||||||
k8s.io/component-helpers/node/util
|
k8s.io/component-helpers/node/util
|
||||||
k8s.io/component-helpers/node/util/sysctl
|
k8s.io/component-helpers/node/util/sysctl
|
||||||
k8s.io/component-helpers/node/util/sysctl/testing
|
|
||||||
k8s.io/component-helpers/scheduling/corev1
|
k8s.io/component-helpers/scheduling/corev1
|
||||||
k8s.io/component-helpers/scheduling/corev1/nodeaffinity
|
k8s.io/component-helpers/scheduling/corev1/nodeaffinity
|
||||||
k8s.io/component-helpers/storage/ephemeral
|
k8s.io/component-helpers/storage/ephemeral
|
||||||
|
|||||||
Reference in New Issue
Block a user