github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
90,326 Commits 1 Branch 31 Tags 1,019 MiB
59a28111be
Commit Graph

385 Commits

Author SHA1 Message Date
Tim Hockin
9551ecb7c3 Cleanup: Change "Ip" to "IP" in func and var names 2020-04-10 15:29:50 -07:00
Tim Hockin
efb24d44c6 Rename iptables IsIpv6 to IsIPv6 2020-04-10 15:29:50 -07:00
Tim Hockin
ef934a2c5e Add Protocol() method to iptables 
Enables simpler printing of which IP family the iptables interface is
managing.
 2020-04-10 15:29:49 -07:00
Tim Hockin
b874f7c626 Encapsulate sysctl test and log 2020-04-10 15:29:49 -07:00
Tim Hockin
37da906db2 kube-proxy: more logging at startup 2020-04-10 15:17:46 -07:00
Kubernetes Prow Robot
4a63d95916
Merge pull request #89792 from andrewsykim/remove-redundant-len-check 
proxy: remove redundant length check on local address sets
 2020-04-10 00:31:47 -07:00
louisgong
619f657b15 add loaded module 2020-04-04 08:49:19 +08:00
Andrew Sy Kim
5169ef5fb5 proxy: remove redundant length check on local address set 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2020-04-02 16:06:51 -04:00
Kubernetes Prow Robot
bbe5594409
Merge pull request #89296 from danwinship/random-emptily 
Don't log whether we're using iptables --random-fully
 2020-04-02 12:42:24 -07:00
Kubernetes Prow Robot
c2ae0bd763
Merge pull request #74073 from Nordix/issue-70020 
Issue #70020; Flush Conntrack entities for SCTP
 2020-04-01 22:14:24 -07:00
Dan Winship
8edd656238 Don't log whether we're using iptables --random-fully 2020-03-20 08:06:27 -04:00
Kubernetes Prow Robot
1b3c94b034
Merge pull request #89146 from SataQiu/fix-kube-proxy-20200316 
comment cleanup for kube-proxy
 2020-03-18 22:25:05 -07:00
Kubernetes Prow Robot
42c94f35a7
Merge pull request #88541 from cmluciano/cml/41ipvsfix 
ipvs: only attempt setting of sysctlconnreuse on supported kernels
 2020-03-17 16:21:28 -07:00
SataQiu
64a496e645 kube-proxy: some code cleanup 2020-03-17 21:46:54 +08:00
Minhan Xia
068963fc06 add testing 2020-03-13 14:59:40 -07:00
Minhan Xia
d527a09192 add ExternalTrafficPolicy support for External IPs in ipvs kubeproxy 2020-03-13 14:59:39 -07:00
Christopher M. Luciano
d22e18ad4f
ipvs: only attempt setting of sysctlconnreuse on supported kernels 
This builds on previous work but only sets the sysctlConnReuse value
if the kernel is known to be above 4.19. To avoid calling GetKernelVersion
twice, I store the value from the CanUseIPVS method and then check the version
constraint at time of expected sysctl call.

Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2020-03-12 13:16:00 -04:00
Lars Ekman
aa8521df66 Issue #70020; Flush Conntrack entities for SCTP 
Signed-off-by: Lars Ekman <lars.g.ekman@est.tech>
 2020-03-11 09:56:54 +01:00
SataQiu
b60c0b5c24 small cleanup for ipvs readme 2020-03-02 10:56:29 +08:00
Satyadeep Musuvathy
8c6956e5bb Refactor handling of local traffic detection. 2020-02-21 17:57:34 -08:00
Kubernetes Prow Robot
ad68c4a8b5
Merge pull request #87699 from michaelbeaumont/fix_66766 
kube-proxy: Only open ipv4 sockets for ipv4 clusters
 2020-02-13 23:54:18 -08:00
Andrew Sy Kim
1653476e3f proxier: use IPSet from k8s.io/utils/net to store local addresses 
This allows the proxier to cache local addresses instead of fetching all
local addresses every time in IsLocalIP.

Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2020-02-11 16:44:34 -05:00
Andrew Sy Kim
126bf5a231 ipvs proxier: use util proxy methods for getting local addresses 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2020-02-11 16:35:49 -05:00
Michael Beaumont
3eea0d1405
kube-proxy: Only open ipv4 sockets for ipv4 clusters 2020-01-30 18:54:16 +01:00
Rob Scott
47b2593d59
Creating new EndpointSliceProxying feature gate for kube-proxy 
This creates a new EndpointSliceProxying feature gate to cover EndpointSlice
consumption (kube-proxy) and allow the existing EndpointSlice feature gate to
focus on EndpointSlice production only. Along with that addition, this enables
the EndpointSlice feature gate by default, now only affecting the controller.

The rationale here is that it's really difficult to guarantee all EndpointSlices
are created in a cluster upgrade process before kube-proxy attempts to consume
them. Although masters are generally upgraded before nodes, and in most cases,
the controller would have enough time to create EndpointSlices before a new node
with kube-proxy spun up, there are plenty of edge cases where that might not be
the case. The primary limitation on EndpointSlice creation is the API rate limit
of 20QPS. In clusters with a lot of endpoints and/or with a lot of other API
requests, it could be difficult to create all the EndpointSlices before a new
node with kube-proxy targeting EndpointSlices spun up.

Separating this into 2 feature gates allows for a more gradual rollout with the
EndpointSlice controller being enabled by default in 1.18, and EndpointSlices
for kube-proxy being enabled by default in the next release.
 2020-01-17 16:17:40 -08:00
Kubernetes Prow Robot
6278df2a97
Merge pull request #82223 from rikatz/issue77493 
Check first if ipvs module is builtin
 2020-01-17 03:52:56 -08:00
Kubernetes Prow Robot
f4db8212be
Merge pull request #76496 from danielqsj/metrics-2 
Clean deprecated metrics
 2020-01-13 20:53:09 -08:00
danielqsj
a8f2feaeb5 remove deprecated metrics of proxy 2020-01-10 17:05:38 +08:00
chenyaqi01
f893486191 ipvs proxier README: fix typo 2020-01-09 15:12:05 +08:00
Kubernetes Prow Robot
5373fa3f59
Merge pull request #82462 from vllry/dualstack-iptables 
Dualstack support for kube-proxy iptables mode
 2020-01-07 04:38:20 -08:00
SataQiu
2497a1209b bump k8s.io/utils version 2019-12-21 14:54:44 +08:00
Andrew Sy Kim
db2c048db9 support configuration of kube-proxy IPVS tcp,tcpfin,udp timeout 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-12-17 04:35:08 -05:00
Vallery Lancey
23957a6b28 Allow kube-proxy iptables mode to support dual-stack, with the meta-proxier. 2019-12-16 22:50:25 -08:00
Andrew Sy Kim
884582d892 proxier: improve node topology event handler logic 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-11-15 08:53:56 -05:00
Roc Chan
31d623b4d7 Autogenerated files 2019-11-15 14:37:44 +08:00
Roc Chan
80c6524cd0 kube-proxy: sync rules when current node labels change detected 2019-11-15 13:36:43 +08:00
Roc Chan
c9cf3f5b72 Service Topology implementation 
* Implement Service Topology for ipvs and iptables proxier
* Add test files
* API validation
 2019-11-15 13:36:43 +08:00
Kubernetes Prow Robot
27067540ff
Merge pull request #85246 from robscott/endpointslice-dualstack-proxy 
Updating kube-proxy to support new EndpointSlice address types
 2019-11-14 13:31:58 -08:00
Rob Scott
2a021d02c9
Updating kube-proxy to support new EndpointSlice address types 
This includes IPv4 and IPv6 address types and IPVS dual stack support.
Importantly this ensures that EndpointSlices with a FQDN address type
are not processed by kube-proxy.
 2019-11-13 19:50:41 -08:00
Rob Scott
a7e589a8c6
Promoting EndpointSlices to beta 2019-11-13 14:20:19 -08:00
Kubernetes Prow Robot
c5609071d8
Merge pull request #84971 from robscott/endpointslice-iptypes 
Splitting IP address type into IPv4 and IPv6 for EndpointSlices
 2019-11-13 09:26:36 -08:00
Rob Scott
0fa9981e01
Splitting IP address type into IPv4 and IPv6 for EndpointSlices 2019-11-12 09:03:53 -08:00
Gao Zheng
6b36a60c75 kube-proxy/ipvs get local addr just once per sync 2019-11-12 19:40:21 +08:00
Jordan Liggitt
297570e06a hack/update-vendor.sh 2019-11-06 17:42:34 -05:00
zouyee
a3e0ac2951 set config.BindAddress to IPv4 address "127.0.0.1" if not specified 
Signed-off-by: Zou Nengren <zouyee1989@gmail.com>
 2019-10-25 21:46:41 +08:00
Ricardo Pchevuzinske Katz
6aaae7d646 Add support for builtin modules in kube-proxy 
Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>
 2019-10-23 13:59:44 -03:00
Kubernetes Prow Robot
bbe71214a6
Merge pull request #83677 from HotelsDotCom/kube-proxy-README 
Bugfix kube-proxy README file to list ipvs modules, closes #83676
 2019-10-21 21:11:51 -07:00
preisinger
d6431fbdfa Bugfix kube-proxy README file to list ipvs modules 2019-10-18 09:25:28 +01:00
Kubernetes Prow Robot
a7b3114c88
Merge pull request #83553 from rikatz/issue77493-part1 
Improve IPVS Module loader logic
 2019-10-15 23:05:13 -07:00
Ricardo Pchevuzinske Katz
da8931560b Improve IPVS Module loader logic 
Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>
 2019-10-11 08:59:41 -03:00