github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
43,427 Commits 1 Branch 31 Tags 1,019 MiB
572e3bebcc
Commit Graph

91 Commits

Author SHA1 Message Date
Minhan Xia
572e3bebcc fix healthcheck update problem introduced by #41223 2017-02-13 12:18:42 -08:00
Minhan Xia
87fe4dca5e skip iptables sync if no endpoint changes 2017-02-10 10:03:23 -08:00
Klaus Ma
f6aa8bbb8f Updated NodeRef to clientv1.ObjectReference. 2017-02-07 06:27:06 +08:00
deads2k
8a12000402 move client/record 2017-01-31 19:14:13 -05:00
Dr. Stefan Schimanski
a6b2ebb50c pkg/flag: make feature gate extensible and split between generic and kube 2017-01-24 20:56:03 +01:00
Dr. Stefan Schimanski
56d60cfae6 pkg/util: move flags from pkg/util/config to pkg/util/flags 2017-01-24 20:56:03 +01:00
deads2k
5a8f075197 move authoritative client-go utils out of pkg 2017-01-24 08:59:18 -05:00
deads2k
c47717134b move utils used in restclient to client-go 2017-01-19 07:55:14 -05:00
Dan Williams
5907639140 proxy/iptables: clean up service map creation 
Instead of copying the map, like OnServicesUpdate() used to do and which
was copied into buildServiceMap() to preserve semantics while creating
testcases, start with a new empty map and do deletion checking later.
 2017-01-11 15:17:55 -06:00
Dan Williams
6aa784e6f2 proxy/iptables: don't sync proxy rules if services map didn't change 2017-01-11 14:46:12 -06:00
Dan Williams
433f6830f8 proxy/iptables: don't proxy ExternalName services 
The API docs say:

	// ServiceTypeExternalName means a service consists of only a reference to
	// an external name that kubedns or equivalent will return as a CNAME
	// record, with no exposing or proxying of any pods involved.

which implies that ExternalName services should be ignored for proxy
purposes.
 2017-01-11 14:46:12 -06:00
Dan Williams
eae2b8e9ba proxy/iptables: split out service map creation and add testcases 2017-01-11 14:46:12 -06:00
deads2k
6a4d5cd7cc start the apimachinery repo 2017-01-11 09:09:48 -05:00
Klaus Ma
b0dfa4ad47 Add event when failed to open local port. 2016-12-23 04:51:12 +08:00
Dan Winship
d95181fa1e Port iptables code to pkg/util/version, don't use semvers 2016-12-13 08:53:04 -05:00
Kubernetes Submit Queue
4fb21c8409 Merge pull request #37429 from andrewsykim/fix-kube-proxy-node-ip-warning 
Automatic merge from submit-queue (batch tested with PRs 35884, 37305, 37369, 37429, 35679)

fix mixleading warning message regarding kube-proxy nodeIP initializa…

The current warning message implies that the operator should restart kube-proxy with some flag related to node IP which can be very misleading.
 2016-12-08 03:55:17 -08:00
Kubernetes Submit Queue
6abb472357 Merge pull request #37720 from freehan/lb-src-update 
Automatic merge from submit-queue

Fix Service Update on LoadBalancerSourceRanges Field

Fixes: https://github.com/kubernetes/kubernetes/issues/33033
Also expands: https://github.com/kubernetes/kubernetes/pull/32748
 2016-12-01 18:21:39 -08:00
Lukasz Zajaczkowski
dc54a8d46e Bug fix. Incoming UDP packets not reach newly deployed services 2016-12-01 08:52:30 +01:00
Minhan Xia
1c2c0c1f63 support service loadBalancerSourceRange update 2016-11-30 15:27:34 -08:00
andrewsykim
439ab5a487 fix mixleading warning message regarding kube-proxy nodeIP initialization 2016-11-24 01:35:45 -05:00
Kubernetes Submit Queue
ddf5888da4 Merge pull request #35681 from vincentheet/issue-35677 
Automatic merge from submit-queue

Change stickyMaxAge from seconds to minutes, fixes issue #35677

**What this PR does / why we need it**: Increases the service sessionAfinity time from 180 seconds to 180 minutes for proxy mode iptables which was a bug introduced in a refactor.

**Which issue this PR fixes**: fixes #35677

**Special notes for your reviewer**: 

**Release note**:

``` release-note
Fixed wrong service sessionAffinity stickiness time from 180 sec to 180 minutes in proxy mode iptables.
```

Since there is no test for the sessionAffinity feature at the moment I wanted to create one but I don't know how.
 2016-11-22 10:35:36 -08:00
Mandar U Jog
3fdc343a98 Handle Empty clusterCIDR 
Empty clusterCIDR causes invalid rules generation.
Fixes issue #36652
 2016-11-15 14:34:25 -08:00
Zihong Zheng
55f75c37f7 Default to the old behavior for proxier sync. 2016-11-06 22:45:53 -08:00
Timothy St. Clair
2b012e822a Add minimum iptables sync period to the proxy, default is 2/sec 2016-11-04 00:38:35 -05:00
Vincent Heet
528bc97dd3 Change stickyMaxAge from seconds to minutes, fixes issue #35677 2016-10-27 09:56:17 +02:00
bprashanth
a46a849b9e Promote source ip annotations to beta 2016-10-19 13:39:37 -07:00
bprashanth
5cb8e8e1d6 Fix health check node port leak 2016-10-19 13:39:37 -07:00
bprashanth
06cbb36a1f Proxier unittests 2016-09-29 17:35:43 -07:00
bprashanth
93f9b54cab NodePorts understand OnlyLocal 2016-09-29 17:35:43 -07:00
Girish Kalele
d3a1510e02 Fix kube-proxy logic to change iptables chains when ESIPP is turned on or off 2016-09-06 11:04:36 -07:00
Angus Salkeld
f785f3d3ef Clean up IPTables caps i.e.: sed -i "s/Iptables/IPTables/g" 2016-08-29 10:34:42 +10:00
Kubernetes Submit Queue
189a870ec8 Merge pull request #30376 from justinsb/kubenet_mtu 
Automatic merge from submit-queue

Add kubelet --network-plugin-mtu flag for MTU selection

* Add network-plugin-mtu option which lets us pass down a MTU to a network provider (currently processed by kubenet)
* Add a test, and thus make sysctl testable
 2016-08-23 21:54:50 -07:00
Girish Kalele
b82c028f77 GCE Cloud provider changes for ESIPP 
Add feature gate (ExternalTrafficLocalOnly) for alpha feature
 2016-08-23 16:16:39 -07:00
Justin Santa Barbara
2c103af2b6 Create testable implementation of sysctl 
This is so we can test kubenet Init, which calls sysctl
 2016-08-23 01:42:37 -04:00
Minhan Xia
ec5699e451 clean up oldIptablesMasqueradeMark 2016-08-22 15:05:13 -07:00
Minhan Xia
392a92c9fa change KUBE-XLB back to KUBE-FW 2016-08-18 10:19:59 -07:00
Minhan Xia
b31874fe82 bug fixes and nits 2016-08-18 10:19:59 -07:00
Minhan Xia
1acaa1db09 Revert "Revert "syncNetworkUtil in kubelet and fix loadbalancerSourceRange on GCE"" 2016-08-18 10:19:48 -07:00
Daniel Smith
2aa0bb2dfc Revert "syncNetworkUtil in kubelet and fix loadbalancerSourceRange on GCE" 2016-08-16 18:12:28 -07:00
Minhan Xia
643fc3803b add firewall chain to filter request based on loadbalancer source range 2016-08-15 17:42:41 -07:00
Girish Kalele
5d6abf59ff kube-proxy: Propagate hostname to iptables proxier 2016-08-09 10:05:29 -07:00
Tim Hockin
04d60ddab0 Remove br_netfilter warning in kube-proxy 
Many distros have this module linked in, generating a spurious error.
 2016-07-03 09:54:26 -07:00
David McMahon
ef0c9f0c5b Remove "All rights reserved" from all the headers. 2016-06-29 17:47:36 -07:00
Minhan Xia
6a3ad1d66d add hostport support for kubenet 2016-05-22 22:18:58 -07:00
Clayton Coleman
fdb110c859
Fix the rest of the code 2016-04-29 17:12:10 -04:00
Minhan Xia
56ad718008 only close new ports upon iptables-restore failure 2016-04-26 14:23:06 -07:00
goltermann
dddc6cb6c8 Fix a few spellings. 2016-04-21 15:16:42 -07:00
CJ Cullen
760568796f Masquerade traffic from off-cluster going through kube-proxy. 2016-04-19 21:39:34 -07:00
Minhan Xia
ad8c67723a add test for udp connection flush 2016-04-18 14:58:08 -07:00
Minhan Xia
4fa6f3841a fixing dead endpoint black hole udp traffic 2016-04-13 10:20:02 -07:00