Commit Graph

2288 Commits

Author SHA1 Message Date
Antonio Ojea
924553b7ee iptables don't do reverse DNS lookups
the iptables monitor was using iptables -L to list the chains,
without the -n option, so it was trying to do reverse DNS lookups.
A side effect is that it was holding the lock, so other components
could not use it.
We can use -S instead of -L -n to avoid this, since we only want
to check the chain exists.
2020-07-08 18:39:22 +02:00
Kubernetes Prow Robot
94e1c54735
Merge pull request #92655 from BenTheElder/cleanup-some-owners
Cleanup some owners
2020-07-01 23:14:08 -07:00
Benjamin Elder
2abc8afece eparis to emeritus 2020-06-30 09:50:44 -07:00
Kubernetes Prow Robot
a5b0e44196
Merge pull request #92440 from luigibk/ebtables-broutetable-and-deleterule
Add ebtables rule delete function + broute table + brouting chain
2020-06-29 18:34:26 -07:00
Benjamin Elder
d1ec9b3f9c fix pkg/util/coverage staticcheck 2020-06-23 18:30:32 -07:00
Luigi Bitonti
51f788c6dc Add ebtables rule delete function + broute table + brouting chain 2020-06-22 09:07:29 +01:00
Kubernetes Prow Robot
ef198ec7ca
Merge pull request #90316 from tangcong/fix-ipvs-staticheck-err
fix ipvs staticcheck error
2020-05-19 20:34:32 -07:00
Kubernetes Prow Robot
b170451caa
Merge pull request #90183 from dims/update-kubernetes-to-klog-v2
Update kubernetes to klog v2
2020-05-16 18:59:51 -07:00
Kubernetes Prow Robot
9769e0f5da
Merge pull request #90008 from gavinfish/scheduler-utilparsers
Scheduler: remove direct import to /pkg/util/parsers
2020-05-16 07:35:49 -07:00
Davanum Srinivas
07d88617e5
Run hack/update-vendor.sh
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2020-05-16 07:54:33 -04:00
Davanum Srinivas
442a69c3bd
switch over k/k to use klog v2
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2020-05-16 07:54:27 -04:00
cici37
7f4d19167e Move pkg/util/configz to k8s.io/component-base 2020-04-29 12:17:25 -07:00
drfish
0b715ea690 Scheduler: remove direct import to /pkg/util/parsers 2020-04-26 23:41:52 +08:00
Kubernetes Prow Robot
15ed3b36d1
Merge pull request #90235 from cici37/addflag
Remove CCM dependency pkg/util/flag
2020-04-22 19:22:14 -07:00
Kubernetes Prow Robot
d2dcd6c399
Merge pull request #89896 from carlosedp/fix-89597
Add error messages to IPVS module
2020-04-22 17:02:41 -07:00
Carlos de Paula
b3d84fac52 Add error messages to IPVS module
Signed-off-by: Carlos de Paula <me@carlosedp.com>
2020-04-22 15:21:15 -03:00
cici37
15c844031f Remove CCM dependency pkg/util/flag 2020-04-22 10:06:11 -07:00
Jie Shen
363bb39142
Use utils.net to parse ports instead of atoi (#89120) 2020-04-21 20:55:52 -07:00
tangcong
764b902d72 fix ipvs staticcheck error 2020-04-21 07:25:28 +08:00
Steve Azzopardi
4936cd476b
Fix golint issues for pkg/util/rlimit
pkg/util/rlimit/rlimit_linux.go:25:1: exported function RlimitNumFiles should have comment or be unexported
pkg/util/rlimit/rlimit_linux.go:25:6: func name will be used as rlimit.RlimitNumFiles by other packages, and that stutters; consider calling this NumFiles
pkg/util/rlimit/rlimit_unsupported.go:25:1: exported function RlimitNumFiles should have comment or be unexported
pkg/util/rlimit/rlimit_unsupported.go:25:6: func name will be used as rlimit.RlimitNumFiles by other packages, and that stutters; consider calling this NumFiles

Ref: https://github.com/kubernetes/kubernetes/issues/68026
2020-04-14 21:00:41 +02:00
Tim Hockin
9551ecb7c3 Cleanup: Change "Ip" to "IP" in func and var names 2020-04-10 15:29:50 -07:00
Tim Hockin
efb24d44c6 Rename iptables IsIpv6 to IsIPv6 2020-04-10 15:29:50 -07:00
Tim Hockin
ef934a2c5e Add Protocol() method to iptables
Enables simpler printing of which IP family the iptables interface is
managing.
2020-04-10 15:29:49 -07:00
Kubernetes Prow Robot
ad4bd386eb
Merge pull request #86752 from SataQiu/fix-kubelet-20191231
Add error handler for rlimit.RlimitNumFiles
2020-04-01 22:14:38 -07:00
Kubernetes Prow Robot
c2ae0bd763
Merge pull request #74073 from Nordix/issue-70020
Issue #70020; Flush Conntrack entities for SCTP
2020-04-01 22:14:24 -07:00
Ricardo Pchevuzinske Katz
5c48f209a5 Update ipvs library to the new repo and upgrade library version 2020-03-26 11:20:01 -03:00
Lars Ekman
aa8521df66 Issue #70020; Flush Conntrack entities for SCTP
Signed-off-by: Lars Ekman <lars.g.ekman@est.tech>
2020-03-11 09:56:54 +01:00
Kubernetes Prow Robot
e4e3d72f1c
Merge pull request #83572 from chendotjs/tc-fix
bandwidth: use regexp to handle tc output and add IPv6 support
2020-03-04 13:18:38 -08:00
chenyaqi01
ef5c920325 bandwidth: use regexp to handle tc output
fix newly-added 'chain N' output from 'tc filter show dev XXX'
2020-03-03 20:07:11 +08:00
Clayton Coleman
b252865479
kubelet: Avoid sending no-op patches
In an e2e run, out of 1857 pod status updates executed by the
Kubelet 453 (25%) were no-ops - they only contained the UID of
the pod and no status changes. If the patch is a no-op we can
avoid invoking the server and continue.
2020-02-26 23:06:38 -05:00
Satyadeep Musuvathy
8c6956e5bb Refactor handling of local traffic detection. 2020-02-21 17:57:34 -08:00
Mike Danese
25651408ae generated: run refactor 2020-02-08 12:30:21 -05:00
Mike Danese
2637772298 some manual fixes 2020-02-07 18:17:40 -08:00
Mike Danese
3aa59f7f30 generated: run refactor 2020-02-07 18:16:47 -08:00
Kubernetes Prow Robot
1735f7a2b6
Merge pull request #87377 from gavinfish/pkg-util-netsh
Fix static check errors in pkg/util/netsh
2020-01-21 22:02:35 -08:00
drfish
f19f4e40f9 Fix static check errors in pkg/util/netsh 2020-01-20 13:25:34 +08:00
Guangwen Feng
e2e5bf5e0b Fix golint warning for pkg/util/procfs/procfs_linux.go
Signed-off-by: Guangwen Feng <fenggw-fnst@cn.fujitsu.com>
2020-01-16 15:16:47 +08:00
SataQiu
51c742c1dd fix staticcheck failures of pkg/util/ipconfig pkg/util/iptables pkg/util/ipvs/testing 2020-01-09 16:05:11 +08:00
SataQiu
2a83443782 add error handler of unix.Setrlimit 2020-01-03 10:49:06 +08:00
Aresforchina
bfc4a7a1c5 fix staticcheck of pkg/util/ebtables 2020-01-02 18:16:50 +08:00
SataQiu
2497a1209b bump k8s.io/utils version 2019-12-21 14:54:44 +08:00
Kubernetes Prow Robot
e1c7112276
Merge pull request #85517 from andrewsykim/ipvs-timeout
support configuration of kube-proxy IPVS tcp,tcpfin,udp timeout
2019-12-17 12:00:43 -08:00
Kubernetes Prow Robot
d0e901807d
Merge pull request #85771 from aojea/iptables_lock
Be more agressive acquiring the iptables lock
2019-12-17 08:32:02 -08:00
Kubernetes Prow Robot
fb0956c234
Merge pull request #85016 from hvaara/fix-golint-pkg-util-sysctl-testing
Fix golint issues in pkg/util/sysctl/testing
2019-12-17 06:18:13 -08:00
Andrew Sy Kim
db2c048db9 support configuration of kube-proxy IPVS tcp,tcpfin,udp timeout
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
2019-12-17 04:35:08 -05:00
Jordan Liggitt
a65d8aeb76 Add UID precondition to kubelet pod status patch updates 2019-12-16 14:27:32 -05:00
Antonio Ojea
51814ae189
Be more agressive acquiring the iptables lock
iptables has two options to modify the behaviour trying to
acquire the lock.

--wait  -w [seconds]    maximum wait to acquire xtables lock
                        before give up
--wait-interval -W [usecs]  wait time to try to acquire xtables
                            lock
                            interval to wait for xtables lock
                            default is 1 second

Kubernetes uses -w 5 that means that wait 5 seconds to try to
acquire the lock. If we are not able to acquire it, kube-proxy
fails and retries in 30 seconds, that is an important penalty
on sensitive applications.
We can be a bit more aggresive and try to acquire the lock every
100 msec, that means that we have to fail 50 times to not being
able to succeed.
2019-12-03 17:38:13 +01:00
Kubernetes Prow Robot
c58b63267c
Merge pull request #85562 from gkarthiks/master
golint fixes for /pkg/util/iptables/testing
2019-11-27 10:46:45 -08:00
Kubernetes Prow Robot
7ed5eb6dcc
Merge pull request #81880 from MikeSpreitzer/fix81879
Bumped the number of times a node tries to lookup itself
2019-11-27 03:07:20 -08:00
gkarthiks
c38e79e76d refactor: incorporated the review comments
Signed-off-by: gkarthiks <github.gkarthiks@gmail.com>
2019-11-24 11:46:57 -08:00