github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
94,213 Commits 1 Branch 31 Tags 1,019 MiB
15db82234f
Commit Graph

1350 Commits

Author SHA1 Message Date
Amim Knabben
a18e5de51a LockToDefault the ExternalPolicyForExternalIP feature gate 2020-09-16 13:16:33 -04:00
tangwz
a143803066 remove feature gate SupportIPVSProxyMode. 2020-09-10 09:03:00 +08:00
elweb9858
b29379687f Updating winkernel kube-proxy OWNERS file 2020-09-03 14:55:09 -07:00
Kubernetes Prow Robot
b2cba08217
Merge pull request #93979 from dcbw/userspace-proxy-test-waitgroups 
proxy/userspace: use waitgroups instead of sketchy atomic ops in testcases
 2020-09-02 17:05:40 -07:00
Dan Williams
0cb5e55409 proxy/userspace: clean up and consolidate testcase setup 2020-09-02 16:20:13 -05:00
Dan Williams
1372bd94fe proxy/userspace: use waitgroups instead of sketchy atomic ops in testcases 
Instead of relying on atomic ops to increment/decrement at the right time
just use waitgroups to provide hard synchronization points.
 2020-09-02 16:20:13 -05:00
Daniel Smith
a86afc12df update scripts 2020-09-02 10:49:40 -07:00
Daniel Smith
75f835aa08 move port definitions to a common location 2020-09-02 10:48:25 -07:00
Kubernetes Prow Robot
163504e9ae
Merge pull request #94107 from robscott/kube-proxy-source-ranges-fix 
Updating kube-proxy to trim space from loadBalancerSourceRanges
 2020-09-01 18:43:51 -07:00
Kubernetes Prow Robot
6e7086d7ca
Merge pull request #93638 from sbangari/refcountfix3 
Avoid dereferencing same endpoint twice on the deletion or update of a service
 2020-09-01 16:35:06 -07:00
Kubernetes Prow Robot
1364a6028d
Merge pull request #92759 from kumarvin123/master 
Updating the Reviewers / Approvers for WinKernel Proxier
 2020-08-27 00:07:16 -07:00
Rob Scott
c382c79f60
Updating kube-proxy to trim space from loadBalancerSourceRanges 
Before this fix, a Service with a loadBalancerSourceRange value that
included a space would cause kube-proxy to crashloop. This updates
kube-proxy to trim any space from that field.
 2020-08-20 18:19:52 -07:00
Vinod K L Swamy
e9719ebc46
Updating the Reviewers / Approvers for WinKernel Proxier 2020-08-03 17:16:22 -07:00
Sravanth Bangari
b96cebf222 fix the remote endpoint cleanup logic 2020-08-03 14:57:44 -07:00
Jordan Liggitt
f33dc28094 generated: hack/update-hack-tools.sh && hack/update-vendor.sh 2020-07-25 16:45:02 -04:00
Kubernetes Prow Robot
11348a38d7
Merge pull request #92871 from liggitt/kube-features 
Move proxy features to kube_features
 2020-07-11 20:57:22 -07:00
Kubernetes Prow Robot
76e3b255e1
Merge pull request #92836 from aojea/minsyncperiod 
kube-proxy iptables min-sync-period default 1sec
 2020-07-11 20:56:03 -07:00
Rob Scott
8039cf9bb1
Graduating EndpointSliceProxying to beta for Linux 2020-07-07 14:18:03 -07:00
Jordan Liggitt
8d03ace92b Move proxy features to kube_features 2020-07-07 12:34:18 -04:00
Antonio Ojea
f8e64d31f9 kube-proxy iptables min-sync-period default 1sec 
Currently kube-proxy defaults the min-sync-period for
iptables to 0. However, as explained by Dan Winship,

"With minSyncPeriod: 0, you run iptables-restore 100 times.
 With minSyncPeriod: 1s , you run iptables-restore once.
 With minSyncPeriod: 10s , you also run iptables-restore once,
 but you might have to wait 10 seconds first"
 2020-07-07 11:23:00 +02:00
Andrew Sy Kim
de2ecd7e2f proxier/ipvs: check already binded addresses in the IPVS dummy interface 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
Co-authored-by: Laurent Bernaille <laurent.bernaille@gmail.com>
 2020-07-02 15:32:21 -04:00
Kubernetes Prow Robot
4d0ce2e708
Merge pull request #92584 from aojea/ipvsfix 
IPVS: kubelet, kube-proxy: unmark packets before masquerading …
 2020-07-01 23:13:57 -07:00
Kubernetes Prow Robot
8623c26150
Merge pull request #90909 from kumarvin123/feature/WindowsEpSlices 
EndPointSlices implementation for Windows
 2020-07-01 23:12:01 -07:00
Antonio Ojea
c40081b550 kube-proxy ipvs masquerade hairpin traffic 
Masquerade de traffic that loops back to the originator
before they hit the kubernetes-specific postrouting rules

Signed-off-by: Antonio Ojea <antonio.ojea.garcia@gmail.com>
 2020-07-01 09:16:19 +02:00
Antonio Ojea
c7a29774c9 kube-proxy dual-stack infers IP family from ClusterIP 
when dual-stack kube-proxy infers the service IP family from
the ClusterIP because ipFamily field is going to be deprecated.

Since kube-proxy skip headless and externalname services we
can safely obtain the IPFamily from the ClusterIP field

Signed-off-by: Antonio Ojea <antonio.ojea.garcia@gmail.com>
 2020-06-30 18:42:19 +02:00
Antonio Ojea
a46e1f0613 kube-proxy ShouldSkipService takes only one argument 
instead of receiving the service name and namespace we
can obtain it from the service object directly.

Signed-off-by: Antonio Ojea <antonio.ojea.garcia@gmail.com>
 2020-06-30 18:42:15 +02:00
Kubernetes Prow Robot
8a76c27b8d
Merge pull request #88573 from davidstack/master 
the result value of functrion NodeIPS will contain the docker0 ip , update the comment
 2020-06-30 00:01:59 -07:00
Vinod K L Swamy
bbd4a07dec
Changes to WinKernel to support EndpointSlices 2020-06-29 14:31:15 -07:00
Vinod K L Swamy
4505d5b182
Changes to Proxy common code 2020-06-29 14:29:46 -07:00
Damon Wang
b199dd8ee1 update the comment of NodeIPs function 2020-06-29 15:29:16 +08:00
Kubernetes Prow Robot
73fa63a86d
Merge pull request #92035 from danwinship/unmark-before-masq 
kubelet, kube-proxy: unmark packets before masquerading them
 2020-06-16 00:50:03 -07:00
Dan Winship
c12534d8b4 kubelet, kube-proxy: unmark packets before masquerading them 
It seems that if you set the packet mark on a packet and then route
that packet through a kernel VXLAN interface, the VXLAN-encapsulated
packet will still have the mark from the original packet. Since our
NAT rules are based on the packet mark, this was causing us to
double-NAT some packets, which then triggered a kernel checksumming
bug. But even without the checksum bug, there are reasons to avoid
double-NATting, so fix the rules to unmark the packets before
masquerading them.
 2020-06-15 18:45:38 -04:00
Kubernetes Prow Robot
35fc65dc2c
Merge pull request #89998 from Nordix/issue-89923 
Filter nodePortAddresses to proxiers
 2020-06-13 09:39:55 -07:00
Vinod K L Swamy
ac3f87346f
KubeProxy and DockerShim changes for Ipv6 dual stack support on Windows 
Signed-off-by: Vinod K L Swamy <vinodko@microsoft.com>
 2020-06-10 15:36:48 -07:00
Kubernetes Prow Robot
6ac3ca4b17
Merge pull request #91886 from sbangari/fixsourcevip 
Fix access to Kubernetes Service from inside Windows Pod when two ser…
 2020-06-09 14:49:50 -07:00
Kubernetes Prow Robot
b731b2ebbc
Merge pull request #91905 from lo24/master 
fix minor typos in ipvs readme.md
 2020-06-09 03:13:18 -07:00
Kubernetes Prow Robot
86e14157d0
Merge pull request #91706 from sbangari/remoteendpointrefcount 
Fixing refcounting of remote endpoints used across services
 2020-06-08 21:43:34 -07:00
Sravanth Bangari
c3eb69c1f1 Fix access to Kubernetes Service from inside Windows Pod when two services have same NodeIp as backend (Overlay) 2020-06-08 11:20:56 -07:00
lo24
491961e03c fix minor typos in ipvs readme.md 2020-06-08 14:31:39 +00:00
Sravanth Bangari
cd43fc94f7 Fixing refcounting of remote endpoints used across services 2020-06-04 21:59:14 -07:00
Kubernetes Prow Robot
98de6bd142
Merge pull request #91701 from elweb9858/sessionaffinity 
Adding windows implementation for sessionaffinity
 2020-06-03 17:44:43 -07:00
elweb9858
44096b8f71 Adding windows implementation for sessionaffinity 2020-06-03 13:41:59 -07:00
Kubernetes Prow Robot
8f5e8514b3
Merge pull request #90103 from SataQiu/refactor-proxy-20200413 
kube-proxy: move GetNodeAddresses call out of internal loop to avoid repeated computation
 2020-06-02 19:44:17 -07:00
Andrew Sy Kim
18741157ef proxier/ipvs: remove redundant length check for node addresses 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2020-05-28 11:48:48 -04:00
Andrew Sy Kim
f96d35fc11 proxy utils: GetNodeAddresses should check if matching addresses were found 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2020-05-26 12:45:32 -04:00
Andrew Sy Kim
a99321c87c proxy utils: check network interfaces only once 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2020-05-26 12:12:15 -04:00
SataQiu
b68312e688 kube-proxy: move GetNodeAddresses call out of internal loop to avoid repeated computation 
Signed-off-by: SataQiu <1527062125@qq.com>
 2020-05-26 15:32:05 +08:00
Davanum Srinivas
07d88617e5
Run hack/update-vendor.sh 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:54:33 -04:00
Davanum Srinivas
442a69c3bd
switch over k/k to use klog v2 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:54:27 -04:00
Lars Ekman
f54b8f98b9 Filter nodePortAddresses to the proxiers. 
Log a warning for addresses of wrong family.
 2020-05-15 09:54:33 +02:00