Implements Service Internal Traffic Policy

1. Add API definitions; 2. Add feature gate and drops the field when feature gate is not on; 3. Set default values for the field; 4. Add API Validation 5. add kube-proxy iptables and ipvs implementations 6. add tests
2020-11-15 23:59:58 -08:00
parent 9a9a9b014c
commit 7ed2f1d94d
28 changed files with 3463 additions and 58 deletions
--- a/staging/src/k8s.io/api/core/v1/types.go
+++ b/staging/src/k8s.io/api/core/v1/types.go
@@ -3940,6 +3940,19 @@ const (
 	ServiceTypeExternalName ServiceType = "ExternalName"
 )

+// ServiceInternalTrafficPolicyType describes the type of traffic routing for
+// internal traffic
+type ServiceInternalTrafficPolicyType string
+
+const (
+	// ServiceInternalTrafficPolicyCluster routes traffic to all endpoints
+	ServiceInternalTrafficPolicyCluster ServiceInternalTrafficPolicyType = "Cluster"
+
+	// ServiceInternalTrafficPolicyLocal only routes to node-local
+	// endpoints, otherwise drops the traffic
+	ServiceInternalTrafficPolicyLocal ServiceInternalTrafficPolicyType = "Local"
+)
+
 // Service External Traffic Policy Type string
 type ServiceExternalTrafficPolicyType string

@@ -4272,9 +4285,19 @@ type ServiceSpec struct {
 	// implementation (e.g. cloud providers) should ignore Services that set this field.
 	// This field can only be set when creating or updating a Service to type 'LoadBalancer'.
 	// Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type.
-	// featureGate=LoadBalancerClass
+	// +featureGate=LoadBalancerClass
 	// +optional
 	LoadBalancerClass *string `json:"loadBalancerClass,omitempty" protobuf:"bytes,21,opt,name=loadBalancerClass"`
+
+	// InternalTrafficPolicy specifies if the cluster internal traffic
+	// should be routed to all endpoints or node-local endpoints only.
+	// "Cluster" routes internal traffic to a Service to all endpoints.
+	// "Local" routes traffic to node-local endpoints only, traffic is
+	// dropped if no node-local endpoints are ready.
+	// The default value is "Cluster".
+	// +featureGate=ServiceInternalTrafficPolicy
+	// +optional
+	InternalTrafficPolicy *ServiceInternalTrafficPolicyType `json:"internalTrafficPolicy,omitempty" protobuf:"bytes,22,opt,name=internalTrafficPolicy"`
 }

 // ServicePort contains information on service's port.
--- a/staging/src/k8s.io/api/core/v1/types_swagger_doc_generated.go
+++ b/staging/src/k8s.io/api/core/v1/types_swagger_doc_generated.go
@@ -2258,6 +2258,7 @@ var map_ServiceSpec = map[string]string{
 	"ipFamilyPolicy":                "IPFamilyPolicy represents the dual-stack-ness requested or required by this Service, and is gated by the \"IPv6DualStack\" feature gate.  If there is no value provided, then this field will be set to SingleStack. Services can be \"SingleStack\" (a single IP family), \"PreferDualStack\" (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or \"RequireDualStack\" (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field.  This field will be wiped when updating a service to type ExternalName.",
 	"allocateLoadBalancerNodePorts": "allocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for services with type LoadBalancer.  Default is \"true\". It may be set to \"false\" if the cluster load-balancer does not rely on NodePorts. allocateLoadBalancerNodePorts may only be set for services with type LoadBalancer and will be cleared if the type is changed to any other type. This field is alpha-level and is only honored by servers that enable the ServiceLBNodePortControl feature.",
 	"loadBalancerClass":             "loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. \"internal-vip\" or \"example.com/internal-vip\". Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. featureGate=LoadBalancerClass",
+	"internalTrafficPolicy":         "InternalTrafficPolicy specifies if the cluster internal traffic should be routed to all endpoints or node-local endpoints only. \"Cluster\" routes internal traffic to a Service to all endpoints. \"Local\" routes traffic to node-local endpoints only, traffic is dropped if no node-local endpoints are ready. featureGate=ServiceInternalTrafficPolicy",
 }

 func (ServiceSpec) SwaggerDoc() map[string]string {
--- a/staging/src/k8s.io/api/core/v1/zz_generated.deepcopy.go
+++ b/staging/src/k8s.io/api/core/v1/zz_generated.deepcopy.go
@@ -5350,6 +5350,11 @@ func (in *ServiceSpec) DeepCopyInto(out *ServiceSpec) {
 		*out = new(string)
 		**out = **in
 	}
+	if in.InternalTrafficPolicy != nil {
+		in, out := &in.InternalTrafficPolicy, &out.InternalTrafficPolicy
+		*out = new(ServiceInternalTrafficPolicyType)
+		**out = **in
+	}
 	return
 }

--- a/staging/src/k8s.io/api/testdata/HEAD/core.v1.Service.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/core.v1.Service.json
@@ -84,7 +84,8 @@
    ],
    "ipFamilyPolicy": "9ȫŚ",
    "allocateLoadBalancerNodePorts": true,
-    "loadBalancerClass": "31"
+    "loadBalancerClass": "31",
+    "internalTrafficPolicy": ""
  },
  "status": {
    "loadBalancer": {
@@ -94,8 +95,8 @@
          "hostname": "33",
          "ports": [
            {
-              "port": -907310967,
-              "protocol": "喂ƈ斎AO6",
+              "port": 684408190,
+              "protocol": "ƈ斎AO6ĴC浔Ű",
              "error": "34"
            }
          ]
@@ -105,9 +106,9 @@
    "conditions": [
      {
        "type": "35",
-        "status": "C",
-        "observedGeneration": -2492120148461555858,
-        "lastTransitionTime": "2392-12-09T15:37:55Z",
+        "status": "ž(-譵",
+        "observedGeneration": -8651056334266075769,
+        "lastTransitionTime": "2404-01-10T11:35:42Z",
        "reason": "36",
        "message": "37"
      }
--- a/staging/src/k8s.io/api/testdata/HEAD/core.v1.Service.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/core.v1.Service.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/core.v1.Service.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/core.v1.Service.yaml
@@ -39,6 +39,7 @@ spec:
  externalName: "29"
  externalTrafficPolicy: ƏS$+½H牗洝尿
  healthCheckNodePort: -1965738697
+  internalTrafficPolicy: ""
  ipFamilies:
  - 斬³;Ơ歿:狞夌碕ʂɭîcP$Iņɖ
  ipFamilyPolicy: 9ȫŚ
@@ -65,11 +66,11 @@ spec:
  type: 鮽ort昍řČ扷5ƗǸƢ6/ʕVŚ(Ŀ
 status:
  conditions:
-  - lastTransitionTime: "2392-12-09T15:37:55Z"
+  - lastTransitionTime: "2404-01-10T11:35:42Z"
    message: "37"
-    observedGeneration: -2492120148461555858
+    observedGeneration: -8651056334266075769
    reason: "36"
-    status: C
+    status: ž(-譵
    type: "35"
  loadBalancer:
    ingress:
@@ -77,5 +78,5 @@ status:
      ip: "32"
      ports:
      - error: "34"
-        port: -907310967
-        protocol: 喂ƈ斎AO6
+        port: 684408190
+        protocol: ƈ斎AO6ĴC浔Ű
--- a/staging/src/k8s.io/client-go/applyconfigurations/core/v1/servicespec.go
+++ b/staging/src/k8s.io/client-go/applyconfigurations/core/v1/servicespec.go
@@ -44,6 +44,7 @@ type ServiceSpecApplyConfiguration struct {
 	IPFamilyPolicy                *corev1.IPFamilyPolicyType               `json:"ipFamilyPolicy,omitempty"`
 	AllocateLoadBalancerNodePorts *bool                                    `json:"allocateLoadBalancerNodePorts,omitempty"`
 	LoadBalancerClass             *string                                  `json:"loadBalancerClass,omitempty"`
+	InternalTrafficPolicy         *corev1.ServiceInternalTrafficPolicyType `json:"internalTrafficPolicy,omitempty"`
 }

 // ServiceSpecApplyConfiguration constructs an declarative configuration of the ServiceSpec type for use with
@@ -224,3 +225,11 @@ func (b *ServiceSpecApplyConfiguration) WithLoadBalancerClass(value string) *Ser
 	b.LoadBalancerClass = &value
 	return b
 }
+
+// WithInternalTrafficPolicy sets the InternalTrafficPolicy field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the InternalTrafficPolicy field is set to the value of the last call.
+func (b *ServiceSpecApplyConfiguration) WithInternalTrafficPolicy(value corev1.ServiceInternalTrafficPolicyType) *ServiceSpecApplyConfiguration {
+	b.InternalTrafficPolicy = &value
+	return b
+}