github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
40,053 Commits 1 Branch 31 Tags 1,019 MiB
1552edbf0c
Commit Graph

79 Commits

Author SHA1 Message Date
Chao Xu
bcc783c594 run hack/update-all.sh 2016-11-23 15:53:09 -08:00
Chao Xu
5e1adf91df cmd/kubelet 2016-11-23 15:53:09 -08:00
bprashanth
11638e9ee1 Unittests 2016-10-31 13:05:20 -07:00
bprashanth
aee5b8099c Skip legacy features (hostport, bwshaping) 2016-10-31 13:05:19 -07:00
bprashanth
48db726342 Split network.Host into LegacyHost and NamespaceGetter 2016-10-31 13:05:19 -07:00
bprashanth
37bc34c567 periodically GC pod ips 2016-10-27 22:15:35 -07:00
Mike Danese
3b6a067afc autogenerated 2016-10-21 17:32:32 -07:00
Dan Williams
e2c96db72b kubenet: make it more apparent that kubenet ignores PodCIDR updates 
https://github.com/kubernetes/kubernetes/issues/32900
 2016-10-05 11:24:02 -05:00
Kubernetes Submit Queue
9c5bf904c2 Merge pull request #32217 from freehan/kubenetcheck 
Automatic merge from submit-queue

nit fixes

Do not merge yet. Wait till it gets bigger. 

fix included:
1. use golang native util to list dir
 2016-09-24 03:28:28 -07:00
Yifan Gu
5389a74388 kubenet: SyncHostports for both running and ready to run pods. 
This fixes the race that happens in rktnetes when pod B invokes
'kubenet.SetUpPod()' before another pod A becomes actually running.

The second 'kubenet.SetUpPod()' call will not pick up the pod A
and thus overwrite the host port iptable rules that breaks pod A.

This PR fixes the case by listing all 'active pods' (all non-exited
pods) instead of only running pods.
 2016-09-16 17:29:44 -07:00
Minhan Xia
8031c8d97b use golang native util to list dir 2016-09-07 10:42:27 -07:00
Kubernetes Submit Queue
2a7d0df30d Merge pull request #30727 from asalkeld/iptables-caps 
Automatic merge from submit-queue

Clean up IPTables caps i.e.: sed -i "s/Iptables/IPTables/g"

Fixes #30651
 2016-09-06 09:01:27 -07:00
Kubernetes Submit Queue
1e21eda604 Merge pull request #31197 from freehan/kubenethairpin 
Automatic merge from submit-queue

Deprecate the old cbr0 and flannel networking modes

fixes: #19766
 2016-09-02 18:51:05 -07:00
Minhan Xia
fd4c947de9 correct typo in kubenet config 2016-09-02 14:33:34 -07:00
Minhan Xia
20ed879faa kubenet checks required cni plugins are present 2016-09-01 17:16:05 -07:00
Angus Salkeld
f785f3d3ef Clean up IPTables caps i.e.: sed -i "s/Iptables/IPTables/g" 2016-08-29 10:34:42 +10:00
Kubernetes Submit Queue
d3ecad111e Merge pull request #28717 from freehan/ebtable 
Automatic merge from submit-queue

Filter duplicate network packets in promiscuous bridge mode (with ebtables)

also fixes: #30783
 2016-08-25 19:12:09 -07:00
Minhan Xia
c1d3c89cfa fix #30376 that broken cross-build 2016-08-24 13:18:18 -07:00
Minhan Xia
42a554ec0d add ebtables rules to filter duplicate packets 2016-08-24 10:19:29 -07:00
Minhan Xia
950e689637 kubenet set cbr0 mac address 2016-08-24 10:18:48 -07:00
Justin Santa Barbara
902ba4e249 Add network-plugin-mtu option for MTU selection 
MTU selection is difficult, and if there is a transport such as IPSEC in
use may be impossible.  So we allow specification of the MTU with the
network-plugin-mtu flag, and we pass this down into the network
provider.

Currently implemented by kubenet.
 2016-08-23 01:50:58 -04:00
Justin Santa Barbara
2c103af2b6 Create testable implementation of sysctl 
This is so we can test kubenet Init, which calls sysctl
 2016-08-23 01:42:37 -04:00
Wojciech Tyczynski
0459574450 Revert "Use netlink.SetPromiscOn instead of iproute2 command" 2016-08-22 10:28:11 +02:00
Kubernetes Submit Queue
ada5669c7f Merge pull request #30346 from dshulyak/promisc 
Automatic merge from submit-queue

Use netlink.SetPromiscOn instead of iproute2 command

Depends on https://github.com/vishvananda/netlink/pull/157
Related https://github.com/kubernetes/kubernetes/issues/26093
 2016-08-21 23:34:21 -07:00
Minhan Xia
85b2f9047a update godep to pull from containernetworking/cni 2016-08-19 13:31:50 -07:00
Dmitry Shulyak
b79a12c7ce Use netlink.SetPromiscOn instead of iproute2 command 2016-08-14 14:58:14 +03:00
Bryan Boreham
26a53fcd47 Use the CNI bridge plugin to set hairpin mode 
Pass the flag down in kubenet, and disable it in DockerManager
 2016-07-14 17:52:51 +01:00
David McMahon
ef0c9f0c5b Remove "All rights reserved" from all the headers. 2016-06-29 17:47:36 -07:00
k8s-merge-robot
8ed6c8eeb8 Merge pull request #27914 from yifan-gu/fix_kubenet_hostport 
Automatic merge from submit-queue

kubenet: Fix host port for rktnetes.

Because rkt pod runs after plugin.SetUpPod() is called, so
getRunningPods() does not return the newly created pod, which
causes the hostport iptable rules to be missing for this new pod.

cc @dcbw @freehan 

A follow up fix for https://github.com/kubernetes/kubernetes/pull/27878#issuecomment-227898936
 2016-06-23 18:48:45 -07:00
Yifan Gu
9140ce07bc kubenet: Fix host port for rktnetes. 
Because rkt pod runs after plugin.SetUpPod() is called, so
getRunningPods() does not return the newly created pod, which
causes the hostport iptable rules to be missing for this new pod.
 2016-06-23 13:17:01 -07:00
Minhan Xia
48169ce736 avoid deleting cbr0 address due to subnet string mismatch 2016-06-22 16:45:04 -07:00
Dan Williams
e47d020cb6 kubelet/kubenet: simplify getting nsenter path 2016-06-22 14:26:11 -05:00
Dan Williams
a657d0587b kubelet/kubenet: Fix getRunningPods() to support rkt pods 
Don't assume there's an infra container.
 2016-06-22 13:45:13 -05:00
Dan Williams
db078dbea4 kubelet/cni/kubenet: use common container IP address functions 2016-06-22 11:36:10 -05:00
Dan Williams
a519e8a403 kubenet: clean up networking when setup errors occur 
Relying on the runtime to later call cleanup is fragile, so make sure
that everything gets nicely cleaned up when setup errors occur.
 2016-06-16 13:53:28 -05:00
Dan Williams
965492fdd0 kubelet/kubenet: split hostport handling into separate module 2016-06-16 13:44:32 -05:00
k8s-merge-robot
805a0aae71 Merge pull request #27141 from freehan/hpfix 
Automatic merge from submit-queue

only handled non host network pods for hostports in kubenet

attempt to fix: #27118
 2016-06-09 22:08:10 -07:00
Minhan Xia
1276a91638 kubenet masqurade for outbound traffic 2016-06-09 18:43:34 -07:00
Minhan Xia
1b2386f1ce only handled non host network pods for hostports in kubenet 2016-06-09 11:32:16 -07:00
Minhan Xia
e9f8c70eaf pass NetworkPluginDir to kubenet 2016-06-03 10:22:49 -07:00
Euan Kemp
c83ad19ae9 kubenet: Fix ipv4 validity check 
The length of an IP can be 4 or 16, and even if 16 it can be a valid
ipv4 address. This check is the more-correct way to handle this, and it
also provides more granular error messages.
 2016-05-27 16:25:14 -07:00
Euan Kemp
93487867ac kubenet: Update empty ip check 
The previous check was incorrect because the `IP.String` method returns
`<nil>` and other non-empty-strings on error conditions.
 2016-05-27 10:47:13 -07:00
Euan Kemp
c4b8959a75 kubenet: Reduce loglevel of spammy message 
When no shaping is enabled, that warning would always be printed.
 2016-05-27 10:47:12 -07:00
Euan Kemp
7e0b9bfa66 kubenet: Fix panic when teardown run before setup 
Teardown can run before Setup when the kubelet is restarted... in that
case, the shaper was nil and thus calling the shaper resulted in a panic

This fixes that by ensuring the shaper is always set... +1 level of
indirection and all that.
 2016-05-27 10:47:12 -07:00
Euan Kemp
2f5e738dc1 kubenet: Fix inconsistent cidr usage/parsing 
Before this change, the podCIDRs map contained both cidrs and ips
depending on which code path entered a container into it.

Specifically, SetUpPod would enter a CIDR while GetPodNetworkStatus
would enter an IP.

This normalizes both of them to always enter just IP addresses.

This also removes the now-redundant cidr parsing that was used to get
the ip before
 2016-05-27 10:47:12 -07:00
Euan Kemp
766eb6f0f7 kubenet: Fix bug where shaper.Reset wasn't called 
The error check was inverse what it should have been, causing
shaper.Reset to only get called with invalid cidrs.
 2016-05-27 10:20:43 -07:00
Alex Robinson
07d9dff83c Merge pull request #26208 from freehan/kubenetteardownfix 
do not return error if TearDownPod is called twice
 2016-05-27 09:59:03 -07:00
Minhan Xia
0834dc489a do not return error if TearDownPod is called twice 2016-05-26 11:57:22 -07:00
Minhan Xia
6a3ad1d66d add hostport support for kubenet 2016-05-22 22:18:58 -07:00
Dan Williams
552b648caf kubenet: implement fake execer for testcases 
When the IP isn't in the internal map, GetPodNetworkStatus() needs
to call the execer for the 'nsenter' program.  That  means the execer
needs to be !nil, which it wasn't before.
 2016-05-18 11:28:05 -05:00