github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
90,326 Commits 1 Branch 31 Tags 1,019 MiB
59a28111be
Commit Graph

1298 Commits

Author SHA1 Message Date
Tim Hockin
9551ecb7c3 Cleanup: Change "Ip" to "IP" in func and var names 2020-04-10 15:29:50 -07:00
Tim Hockin
efb24d44c6 Rename iptables IsIpv6 to IsIPv6 2020-04-10 15:29:50 -07:00
Tim Hockin
ef934a2c5e Add Protocol() method to iptables 
Enables simpler printing of which IP family the iptables interface is
managing.
 2020-04-10 15:29:49 -07:00
Tim Hockin
b874f7c626 Encapsulate sysctl test and log 2020-04-10 15:29:49 -07:00
Tim Hockin
341022f8d1 kube-proxy: log service and endpoint updates 2020-04-10 15:29:44 -07:00
Tim Hockin
37da906db2 kube-proxy: more logging at startup 2020-04-10 15:17:46 -07:00
Kubernetes Prow Robot
4a63d95916
Merge pull request #89792 from andrewsykim/remove-redundant-len-check 
proxy: remove redundant length check on local address sets
 2020-04-10 00:31:47 -07:00
Kubernetes Prow Robot
cabf5d1cdc
Merge pull request #89350 from SataQiu/fix-kube-proxy-20200323 
kube-proxy: treat failure to bind to a port as fatal
 2020-04-06 17:47:20 -07:00
louisgong
619f657b15 add loaded module 2020-04-04 08:49:19 +08:00
Andrew Sy Kim
5169ef5fb5 proxy: remove redundant length check on local address set 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2020-04-02 16:06:51 -04:00
Kubernetes Prow Robot
bbe5594409
Merge pull request #89296 from danwinship/random-emptily 
Don't log whether we're using iptables --random-fully
 2020-04-02 12:42:24 -07:00
Kubernetes Prow Robot
c2ae0bd763
Merge pull request #74073 from Nordix/issue-70020 
Issue #70020; Flush Conntrack entities for SCTP
 2020-04-01 22:14:24 -07:00
SataQiu
871b90ba23 kube-proxy: add '--bind-address-hard-fail' flag to treat failure to bind to a port as fatal 
Signed-off-by: SataQiu <1527062125@qq.com>
 2020-04-02 13:13:10 +08:00
Tim Hockin
15632b10cb Clean up kube-proxy metrics startup 2020-03-30 10:29:14 -07:00
Tim Hockin
8747ba9370 Clean up kube-proxy healthz startup 
Make the healthz package simpler, move retries back to caller.
 2020-03-30 10:29:14 -07:00
Dan Winship
945d5f8d7d Make userspace proxy logging quieter 2020-03-20 08:24:02 -04:00
Dan Winship
8edd656238 Don't log whether we're using iptables --random-fully 2020-03-20 08:06:27 -04:00
Kubernetes Prow Robot
1b3c94b034
Merge pull request #89146 from SataQiu/fix-kube-proxy-20200316 
comment cleanup for kube-proxy
 2020-03-18 22:25:05 -07:00
Kubernetes Prow Robot
42c94f35a7
Merge pull request #88541 from cmluciano/cml/41ipvsfix 
ipvs: only attempt setting of sysctlconnreuse on supported kernels
 2020-03-17 16:21:28 -07:00
SataQiu
64a496e645 kube-proxy: some code cleanup 2020-03-17 21:46:54 +08:00
Minhan Xia
068963fc06 add testing 2020-03-13 14:59:40 -07:00
Minhan Xia
d527a09192 add ExternalTrafficPolicy support for External IPs in ipvs kubeproxy 2020-03-13 14:59:39 -07:00
Minhan Xia
efc4b12186 add ExternalTrafficPolicy support for External IPs in iptables kubeproxy 2020-03-13 14:59:39 -07:00
Christopher M. Luciano
d22e18ad4f
ipvs: only attempt setting of sysctlconnreuse on supported kernels 
This builds on previous work but only sets the sysctlConnReuse value
if the kernel is known to be above 4.19. To avoid calling GetKernelVersion
twice, I store the value from the CanUseIPVS method and then check the version
constraint at time of expected sysctl call.

Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2020-03-12 13:16:00 -04:00
Lars Ekman
aa8521df66 Issue #70020; Flush Conntrack entities for SCTP 
Signed-off-by: Lars Ekman <lars.g.ekman@est.tech>
 2020-03-11 09:56:54 +01:00
Kubernetes Prow Robot
0ec85a1467
Merge pull request #88934 from aojea/endpointnolog 
Stop flooding the kube-proxy logs on dual-stack because of IPFamily
 2020-03-10 12:43:37 -07:00
Satyadeep Musuvathy
e053fdd08a Add NodeCIDR for detect-local-mode 2020-03-09 13:44:34 -07:00
Antonio Ojea
df58c042a8 metaproxier logging for endpoints ipfamily 
The kube-proxy metaproxier implementations tries to get the IPFamily
from the endpoints, but if the endpoints doesn't contains an IP
address it logs a Warning.

This causes that services without endpoints keep flooding the logs
with warnings.

We log this errors with a level of Verbosity of 4 instead of a Warning
 2020-03-07 11:42:02 +01:00
Antonio Ojea
23d9ffd4c8 Add metaproxier unit tests 2020-03-07 00:33:55 +01:00
Kubernetes Prow Robot
0773f108c7
Merge pull request #88710 from SataQiu/ipvs-readme-20200302 
kube-proxy: small cleanup for ipvs readme
 2020-03-03 12:18:22 -08:00
SataQiu
b60c0b5c24 small cleanup for ipvs readme 2020-03-02 10:56:29 +08:00
chendotjs
e79f49ebba validate configuration of kube-proxy IPVS tcp,tcpfin,udp timeout 2020-03-02 10:28:52 +08:00
Satyadeep Musuvathy
8c6956e5bb Refactor handling of local traffic detection. 2020-02-21 17:57:34 -08:00
Kubernetes Prow Robot
09d78529db
Merge pull request #87792 from ksubrmnn/nodeip 
Allow access to default Kubernetes Service from inside Windows Pod (Overlay)
 2020-02-20 03:07:04 -08:00
Kubernetes Prow Robot
ea5cef1c65
Merge pull request #87870 from tedyu/restore-proxier-updater 
Use ProxierHealthUpdater directly to avoid panic
 2020-02-17 10:13:29 -08:00
Kubernetes Prow Robot
ad68c4a8b5
Merge pull request #87699 from michaelbeaumont/fix_66766 
kube-proxy: Only open ipv4 sockets for ipv4 clusters
 2020-02-13 23:54:18 -08:00
Kubernetes Prow Robot
48434c3677
Merge pull request #87117 from aojea/proxyv6LB 
kube-proxy crash when load balancers use a different IP family
 2020-02-13 22:44:17 -08:00
Kubernetes Prow Robot
b9c57a1aa2
Merge pull request #87353 from aojea/kproxy_dual 
kube-proxy: validate dual-stack cidrs
 2020-02-12 17:54:35 -08:00
Andrew Sy Kim
1653476e3f proxier: use IPSet from k8s.io/utils/net to store local addresses 
This allows the proxier to cache local addresses instead of fetching all
local addresses every time in IsLocalIP.

Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2020-02-11 16:44:34 -05:00
Andrew Sy Kim
77feb1126e userspace proxy: get local addresses only once per sync loop 
This avoids fetching all local network interfaces everytime we sync an
external IP. For clusters with many external IPs this gets really
expensive. This change caches all local addresses once per sync.

Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2020-02-11 16:35:49 -05:00
Andrew Sy Kim
126bf5a231 ipvs proxier: use util proxy methods for getting local addresses 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2020-02-11 16:35:49 -05:00
Andrew Sy Kim
313c3b81e3 iptables proxier: get local addresses only once per sync loop 
This avoids fetching all local network interfaces everytime we sync an
external IP. For clusters with many external IPs this gets really
expensive. This change caches all local addresses once per sync.

Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2020-02-11 16:35:49 -05:00
Antonio Ojea
11263bb57f
kube-proxy filter Load Balancer Status ingress 
kube-proxy, if is configured with an IP family, filters out the
incorrect IP version of the services.

This commit fix a bug caused by not filtering out the IPs in the
LoadBalancer Status Ingress field.
 2020-02-11 10:25:59 +01:00
Ted Yu
7a0690cd59 Use ProxierHealthUpdater directly to avoid panic 2020-02-10 09:41:09 -08:00
ksubrmnn
378fcc809a Check for node IP 2020-02-05 11:44:26 -08:00
Kubernetes Prow Robot
5caeec8023
Merge pull request #87710 from alena1108/jan30proxy 
Ineffassign fixes for pkg/proxy
 2020-02-02 19:09:20 -08:00
Antonio Ojea
4844b382dc
kube-proxy: validate dual-stack cidrs 
kube-proxy was not validating correctly the clusterCIDRs, if
dual-stack it MAY have 1 or more clusterCIDRs. If it has 2 cidrs and
at least one of each IP family.

It also fixes a bug where validation was not taking into account
the feature gates global state.
 2020-01-31 16:00:17 +01:00
Kubernetes Prow Robot
8be2f8c626
Merge pull request #86144 from tahsinrahman/dont-serialize-internal 
Do not serialize internal types in ComponentConfig tests
 2020-01-30 15:02:19 -08:00
Alena Prokharchyk
43ce2eb1ff Ineffassign fixes for pkg/proxy 2020-01-30 14:34:33 -08:00
Michael Beaumont
3eea0d1405
kube-proxy: Only open ipv4 sockets for ipv4 clusters 2020-01-30 18:54:16 +01:00