github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
88,197 Commits 1 Branch 31 Tags 1,019 MiB
652f52b51c
Commit Graph

1250 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
bd8a8db515
Merge pull request #81477 from paulsubrata55/kube-proxy-sctp-ipset-fix 
Fix in kube-proxy for sctp ipset entries
 2019-08-28 18:26:09 -07:00
Kubernetes Prow Robot
af54eae69a
Merge pull request #81612 from rikatz/issue81060 
Remove watching Endpoints of Headless Services
 2019-08-28 14:44:25 -07:00
Han Kang
e1bf0b4918 group imports properly 2019-08-28 12:49:54 -07:00
Han Kang
0895ac212d migrate kube-proxy metrics to stability framework 2019-08-28 12:49:54 -07:00
Kubernetes Prow Robot
927f45191e
Merge pull request #81527 from yastij/move-controller-util 
move WaitForCacheSync to the sharedInformer package
 2019-08-27 00:52:54 -07:00
Kubernetes Prow Robot
0a486d97ed
Merge pull request #81415 from oxddr/asdf 
kube-proxy: improve logging around network programming latency SLI.
 2019-08-23 15:48:39 -07:00
Janek Łukaszewicz
c33be173bf kube-proxy: improve logging around network programming latency SLI. 2019-08-23 15:48:25 +02:00
Kubernetes Prow Robot
9c736445f5
Merge pull request #79846 from aramase/fix-golint-pkg/proxy 
Fix golint failures in pkg/proxy
 2019-08-23 00:51:17 -07:00
Kubernetes Prow Robot
37651f1cef
Merge pull request #80368 from danwinship/iptables-checks 
iptables feature detection improvements
 2019-08-22 13:31:20 -07:00
Yassine TIJANI
7e4c3096fe move WaitForCacheSync to the sharedInformer package 
Signed-off-by: Yassine TIJANI <ytijani@vmware.com>
 2019-08-22 16:13:41 +01:00
Ricardo Pchevuzinske Katz
e389237171 Remove watching Endpoints of Headless Services 
Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>
 2019-08-21 16:37:09 -03:00
Yassine TIJANI
4d9e4f0b45 move ShuffleStrings to pkg/proxy 
Signed-off-by: Yassine TIJANI <ytijani@vmware.com>
 2019-08-21 20:03:53 +01:00
liuxu
c90b295ef1 don't delete KUBE-MARK-MASQ chain in iptables/ipvs proxier 2019-08-20 15:43:54 +08:00
Subrata Paul
138b8b8aaa Fix in kube-proxy for sctp ipset entries 
Kube-proxy will add ipset entries for all node ips for an SCTP nodeport service. This will solve the problem 'SCTP nodeport service is not working for all IPs present in the node when ipvs is enabled. It is working only for node's InternalIP.'
 2019-08-18 00:40:27 +05:30
Kubernetes Prow Robot
d21822a02a
Merge pull request #81538 from thockin/master 
Don't track syncProxyRules runtime if not running
 2019-08-17 09:24:06 -07:00
Tim Hockin
5b14394f4e Don't track syncProxyRules runtime if not running 2019-08-16 17:05:03 -07:00
Kubernetes Prow Robot
e6d4273395
Merge pull request #79033 from Nordix/kubeadm-ds-pod-network-cidr 
Dual-Stack Integration with Kubeadm
 2019-08-16 05:06:31 -07:00
Kubernetes Prow Robot
47e78f3de5
Merge pull request #81378 from tedyu/ports-2-endpt 
buildPortsToEndpointsMap should use flattened value type
 2019-08-15 19:17:01 -07:00
Ted Yu
2f671340c9 buildPortsToEndpointsMap should use flattened value type 2019-08-15 11:28:09 -07:00
Kubernetes Prow Robot
e552806753
Merge pull request #81361 from oxddr/kubeproxy-moar-logging 
kube-proxy: do not export network programming latency for deleted Endpoints
 2019-08-14 16:52:49 -07:00
Kubernetes Prow Robot
4ac9701370
Merge pull request #81309 from andrewsykim/ipvs-test-delete-with-realserver 
proxy/ipvs: test cleanLegacyService with real servers
 2019-08-14 12:46:24 -07:00
Janek Łukaszewicz
e52110edcd kube-proxy: do not export network programming latency for deleted enpoints. 2019-08-14 14:00:07 +02:00
Kubernetes Prow Robot
8c7244ac12
Merge pull request #81312 from andrewsykim/ipvs-remove-const 
proxy/ipvs: remove unused constant rsGracefulDeletePeriod
 2019-08-13 19:37:16 -07:00
Andrew Sy Kim
459bfb1ab7 proxy/ipvs: test cleanLegacyService with real servers 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-08-13 11:55:16 -04:00
Kubernetes Prow Robot
6d921c0eb5
Merge pull request #80779 from andrewsykim/ipvs-test-tables 
proxy/ipvs: refactor IPVS unit tests TestClusterIP and TestNodePort to use test tables
 2019-08-13 07:55:42 -07:00
Kubernetes Prow Robot
12a085f917
Merge pull request #80942 from gongguan/fix_ipvs_svc_del 
fix ipvs_svc deletion
 2019-08-13 02:27:54 -07:00
Andrew Sy Kim
e198eefa2b proxy/ipvs: remove unused constant rsGracefulDeletePeriod 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-08-12 16:30:28 -04:00
ethan
94efd3fcdf
cleanup: proxier.go error message fix 2019-08-12 22:36:16 +08:00
louisssgong
97c4edaa4f Fix a bug in the IPVS proxier where virtual servers are not cleaned up even though the corresponding Service object was deleted. 2019-08-10 06:32:38 +08:00
hui luo
a2ef00c1b1 Add iptables restore failure metrics 
As mentioned in issue #80061, in iptables lock contention case,
we can see increasing rate of iptables restore failures because it
need to grab iptables file lock.

The failure metric can provide administrators more insight

Metrics will be collected in kube-proxy iptables and ipvs modes

Signed-off-by: Hui Luo <luoh@vmware.com>
 2019-08-09 10:18:19 -07:00
Arvinderpal Wander
ec77598906 Update kubeproxy config validation to support list of comma 
separated pod CIDRs. Dual-stack feature must be enabled for the
validation to be done.
 2019-08-09 07:20:39 -07:00
Kubernetes Prow Robot
19e85a9092
Merge pull request #80502 from xigang/master 
Update CleanupAndExit and OnServiceSynced field comment and bugfix panic params in the construct method
 2019-08-07 20:10:06 -07:00
Kubernetes Prow Robot
695190da6b
Merge pull request #80218 from oxddr/kubeproxy-buckets 
kube-proxy: change buckets used by NetworkProgrammingLatency
 2019-08-04 08:33:49 -07:00
Dan Winship
a735c97356 kube-proxy: drop iptables version check 
Kube-proxy's iptables mode used to care whether utiliptables's
EnsureRule was able to use "iptables -C" or if it had to implement it
hackily using "iptables-save". But that became irrelevant when
kube-proxy was reimplemented using "iptables-restore", and no one ever
noticed. So remove that check.
 2019-08-01 12:05:31 -04:00
Emrecan BATI
90ce2d50d3 Add GetKernelVersion to ipvs.KernelHandler interface 
ipvs `getProxyMode` test fails on mac as `utilipvs.GetRequiredIPVSMods`
try to reach `/proc/sys/kernel/osrelease` to find version of the running
linux kernel. Linux kernel version is used to determine the list of required
kernel modules for ipvs.

Logic to determine kernel version is moved to GetKernelVersion
method in LinuxKernelHandler which implements ipvs.KernelHandler.
Mock KernelHandler is used in the test cases.

Read and parse file is converted to go function instead of execing cut.
 2019-07-31 22:10:44 +03:00
Andrew Sy Kim
089e0cd9ef proxy/ipvs: refactor TestNodePort to use test tables 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-07-30 22:04:52 -04:00
Andrew Sy Kim
9af797c51e proxy/ipvs: refactor TestClusterIP to use test tables 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-07-30 21:30:52 -04:00
silenceshell
c31a2b7076
kube-proxy in ipvs mode use ipvs to redirect traffic 
fix the comment.
 2019-07-28 21:36:02 +08:00
Janek Łukaszewicz
f9b683532a second iteration 2019-07-26 14:44:55 +02:00
xigang
4ac81d7508 Update the CleanupAndExit field for the Options and the OnServiceSynced for the ServiceHandler comment 2019-07-24 09:40:29 +08:00
Cezar Sa Espinola
c25763e159
proxy/ipvs: Compute all node ips only once when a zero cidr is used 
Computing all node ips twice would always happen when no node port
addresses were explicitly set. The GetNodeAddresses call would return
two zero cidrs (ipv4 and ipv6) and we would then retrieve all node IPs
twice because the loop wouldn't break after the first time.

Also, it is possible for the user to set explicit node port addresses
including both a zero and a non-zero cidr, but this wouldn't make sense
for nodeIPs since the zero cidr would already cause nodeIPs to include
all IPs on the node.
 2019-07-23 13:35:37 -03:00
Cezar Sa Espinola
5c16940508
proxy/ipvs: Only compute node ip addresses once per sync 
Previously the same ip addresses would be computed for each nodePort
service and this could be CPU intensive for a large number of nodePort
services with a large number of ipaddresses on the node.
 2019-07-23 13:35:27 -03:00
Janek Łukaszewicz
1dda3d8dfc kube-proxy: change buckets used by NetworkProgrammingLatency 
refs https://github.com/kubernetes/perf-tests/issues/640

We have too fine buckets granularity for lower latencies, at cost of the higher
latecies (7+ minutes). This is causing spikes in SLI calculated based on that
metrics.

I don't have strong opinion about actual values - those seemed to be better
matching our need. But let's have discussion about them.

Values:

0.015 s
0.030 s
0.060 s
0.120 s
0.240 s
0.480 s
0.960 s
1.920 s
3.840 s
7.680 s
15.360 s
30.720 s
61.440 s
122.880 s
245.760 s
491.520 s
983.040 s
1966.080 s
3932.160 s
7864.320 s
 2019-07-16 16:43:19 +02:00
Andrew Sy Kim
7aa1700dba proxy/ipvs: increase log level for graceful termination 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-07-12 15:17:42 -04:00
Andrew Sy Kim
3629ed10fa add myself and lbernail as IPVS approvers 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-07-11 19:06:59 -04:00
Anish Ramasekar
2878270f5b
Fix golint failures in pkg/proxy 
Review feedback - remove alias from imports

fix comments
 2019-07-08 11:48:33 -07:00
Kubernetes Prow Robot
da0f51ffed
Merge pull request #78820 from haosdent/fix_typos 
Fix typos.
 2019-07-01 15:09:20 -07:00
Andrew Sy Kim
ba19451020 iptables proxier: fix comments for LB IP traffic from local address 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-06-28 16:42:01 -04:00
Andrew Sy Kim
22832cfb78 ipvs proxy: add unit test for udp graceful termination 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-06-22 21:07:40 -04:00
Kubernetes Prow Robot
eee3e976d8
Merge pull request #78294 from vllry/kp-remove-resource-container 
Remove deprecated flag --resource-container from kube-proxy
 2019-06-22 00:38:12 -07:00
Kubernetes Prow Robot
099878620f
Merge pull request #78874 from sbangari/kubeproxysvcfix 
Fix the creation of load balancer policy for the NodeIp when NodePort…
 2019-06-21 12:16:14 -07:00
Sravanth Bangari
9cc828cbf0 Fix the creation of load balancer policy for the NodeIp when NodePort specified is same as service Port 2019-06-20 11:11:44 -07:00
Vallery Lancey
dc0f14312e Removed deprecated --resource-container flag from kube-proxy. 2019-06-16 08:36:42 -07:00
Kubernetes Prow Robot
101f9ff703
Merge pull request #78999 from andrewsykim/ipvs-graceful-term-fix 
ipvs: fix string check for IPVS protocol during graceful termination
 2019-06-15 08:52:38 -07:00
Kubernetes Prow Robot
0c9964fac3
Merge pull request #76160 from JacobTanenbaum/BaseServiceInfo-cleanup 
enforce the interface relationship between ServicePort and BaseServiceInfo
 2019-06-13 20:37:13 -07:00
Andrew Sy Kim
bb95143369 ipvs: fix string check for IPVS protocol during graceful termination 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-06-13 19:03:58 -04:00
Haosdent Huang
7ce6e71891 Fix typos. 2019-06-11 01:52:14 +08:00
Jacob Tanenbaum
c0392d72e9 enforce the interface relationship between ServicePort and BaseServiceInfo 
Currently the BaseServiceInfo struct implements the ServicePort interface, but
only uses that interface sometimes. All the elements of BaseServiceInfo are exported
and sometimes the interface is used to access them and othertimes not

I extended the ServicePort interface so that all relevent values can be accessed through
it and unexported all the elements of BaseServiceInfo
 2019-06-05 14:50:24 -04:00
Kubernetes Prow Robot
f532d5ca4b
Merge pull request #78612 from ksubrmnn/retry 
Kube-Proxy wait when HNS network not found
 2019-06-03 01:10:20 -07:00
Ricardo Pchevuzinske Katz
82c42bb6ee Remove deprecated flag --conntrack-max from kube-proxy 2019-06-01 18:10:28 -03:00
ksubrmnn
39aa6abf18 Wait when HNS network not found 2019-05-31 18:26:57 -07:00
Kubernetes Prow Robot
4d7e9052ea
Merge pull request #77582 from mrkm4ntr/clean-proxy-config 
Clean up code in proxy/config
 2019-05-31 12:23:06 -07:00
Kubernetes Prow Robot
bdf3d248eb
Merge pull request #77523 from andrewsykim/fix-xlb-from-local 
iptables proxier: route local traffic to LB IPs to service chain
 2019-05-31 12:22:53 -07:00
Kubernetes Prow Robot
8b7e777fe8
Merge pull request #74825 from ksubrmnn/preserve_dip 
Windows support for preserving the destination IP as the VIP when loadbalancing with DSR
 2019-05-31 04:48:27 -07:00
Kubernetes Prow Robot
46a3d82240
Merge pull request #78464 from andrewsykim/ipvs-reviewer 
add myself and Laurent as ipvs proxy reviewers
 2019-05-30 04:54:35 -07:00
Kubernetes Prow Robot
180acb315f
Merge pull request #78404 from andrewsykim/refactor-ipvs-ipset-tests 
ipvs: add descriptions to ipset unit tests
 2019-05-30 00:32:33 -07:00
Kubernetes Prow Robot
2fb7b6074a
Merge pull request #78395 from andrewsykim/ipvs-graceful-termination-log-level 
ipvs proxier: increase log level for real server deletion message
 2019-05-29 22:54:57 -07:00
Andrew Sy Kim
f6d9a45643 add myself and Laurent as ipvs proxy reviewers 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-05-29 01:43:50 -04:00
Kubernetes Prow Robot
944a7e2be6
Merge pull request #77802 from DataDog/lbernail/no-graceful-udp 
[proxier/ipvs] Disable graceful termination for UDP traffic
 2019-05-28 22:20:35 -07:00
Kubernetes Prow Robot
aa25195ab1
Merge pull request #77371 from andrewsykim/77265 
create new SCTP ipsets for IPVS proxier
 2019-05-28 10:58:54 -07:00
Kubernetes Prow Robot
59f6ed3b14
Merge pull request #78379 from yanghaichao12/dev0527 
remove some codes never used in proxier_test
 2019-05-28 07:18:25 -07:00
Laurent Bernaille
9ff0685722
[proxier/ipvs] Disable graceful termination for udp 2019-05-28 13:51:56 +02:00
Andrew Sy Kim
f3715bbbac ipvs: add descriptions to ipset unit tests 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-05-27 11:38:11 -04:00
yanghaichao12
66aa7c973d delete unused code in proxier_test 2019-05-27 10:39:43 -04:00
Andrew Sy Kim
e049927a1c ipvs proxier: increase log level for real server deletion message 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-05-27 08:24:37 -04:00
Kalya Subramanian
4e0f63b688 Set loadbalancer flags for DSR 2019-05-20 15:37:19 -07:00
Andrew Sy Kim
6677d796df ipvs: add graceful termination unit tests 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-05-19 23:10:01 +02:00
Kubernetes Prow Robot
929adb69e3
Merge pull request #76165 from JacobTanenbaum/minor-cleanups 
Minor cleanups in pkg/proxy/endpoints.go
 2019-05-15 22:55:55 -07:00
Kubernetes Prow Robot
746404f82a
Merge pull request #77560 from dcbw/proxy-sig-network-owners 
pkg/proxy: add sig-network-approvers/sig-network-reviewers to OWNERS files
 2019-05-15 03:08:33 -07:00
Kubernetes Prow Robot
74743793f2
Merge pull request #74027 from squeed/kube-proxy-metrics 
proxy: add some useful metrics
 2019-05-15 03:08:19 -07:00
Dan Williams
91716989b6 pkg/proxy: add sig-network-approvers/sig-network-reviewers to OWNERS files 
This PR also adds m1093782566 (Jun Du) to sig-network-reviewers in
recognition of his contributions to the proxy.
 2019-05-13 10:30:29 -05:00
Brad Hoekstra
62e58a66aa Fix some lint errors in pkg/proxy 2019-05-09 16:48:29 -04:00
Shintaro Murakami
bc76a18d83 Clean up code in proxy/config 2019-05-09 10:58:26 +09:00
Andrew Sy Kim
8dfd4def99 add unit tests for -src-type=LOCAL from LB chain 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-05-07 15:22:46 -04:00
Andrew Sy Kim
b926fb9d2b iptables proxier: route local traffic to LB IPs to service chain 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-05-07 15:22:46 -04:00
Jacob Tanenbaum
9d4693a70f changing UpdateEndpointsMap to Update 
changing UpdateEndpointsMap to be a function of the EndpointsMap object
 2019-05-07 14:41:15 -04:00
Jacob Tanenbaum
5201cc994c Cleanup of GetLocalEndpointIPs 
unexported GetLocalEndpointIPs and made it a endpointsMap struct method
 2019-05-07 14:41:15 -04:00
Jacob Tanenbaum
1d60557c87 Merge() and Unmerge() needlessly exported 2019-05-07 14:41:15 -04:00
Casey Callendrello
017f57a6b0 proxy: add some useful metrics 
This adds some useful metrics around pending changes and last successful
sync time.

The goal is for administrators to be able to alert on proxies that, for
whatever reason, are quite stale.

Signed-off-by: Casey Callendrello <cdc@redhat.com>
 2019-05-07 14:21:13 +02:00
Krzysztof Siedlecki
941629d37a
Revert "Add better logging when iptables-restore fails" 2019-05-07 13:37:29 +02:00
Kubernetes Prow Robot
5b34d95ec5
Merge pull request #77381 from JieJhih/network/golint 
Fix golint
 2019-05-07 00:23:54 -07:00
draveness
fabc628210 style: update several golint errors in winkernel 2019-05-06 20:28:09 +08:00
Andrew Sy Kim
43ded7c4e2 create new ipset KUBE-NODE-PORT-SCTP-HASH and KUBE-NODE-PORT-LOCAL-SCTP-HASH for ipvs proxier 
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
 2019-05-03 11:59:49 -04:00
JieJhih Jhang
21e4f0039e fix golint 2019-05-03 14:31:51 +08:00
Kubernetes Prow Robot
a949abc5bd
Merge pull request #76712 from tedyu/rr-read-lock 
Use read lock for ServiceHasEndpoints
 2019-05-01 23:28:31 -07:00
Kubernetes Prow Robot
de83eefd1b
Merge pull request #76784 from tedyu/health-read 
Use read lock in ServeHTTP
 2019-05-01 20:42:19 -07:00
JieJhih Jhang
176d49300d combine two logics avoid for range the same thing 2019-05-01 18:35:52 +08:00
Kubernetes Prow Robot
4dc05dd9df
Merge pull request #76320 from JieJhih/config/kube_proxy 
support ipv6 in bind address
 2019-04-26 17:14:22 -07:00
Kubernetes Prow Robot
a143d07b27
Merge pull request #76254 from JieJhih/fix/word 
Fix spell error
 2019-04-26 14:26:34 -07:00
Kubernetes Prow Robot
fa833a1e33
Merge pull request #74840 from anfernee/connreset 
kube-proxy: Drop packets in INVALID state
 2019-04-26 14:26:22 -07:00
Ted Yu
2472d34bf0 Refactor err checking 2019-04-25 10:18:52 -07:00
Ted Yu
9d30833e53 Follow on for #76779 2019-04-25 02:46:38 -07:00
Kubernetes Prow Robot
e8cbeaae2b
Merge pull request #76779 from tedyu/stored-cidr 
Store parsed CIDRs at initialization of Proxier
 2019-04-24 23:04:45 -07:00
Davanum Srinivas
7b8c9acc09
remove unused code 
Change-Id: If821920ec8872e326b7d85437ad8d2620807799d
 2019-04-19 08:36:31 -04:00
Ted Yu
9fb6a100c8 Use read lock in ServeHTTP 2019-04-18 11:40:29 -07:00
Ted Yu
0062a7d8de Store parsed CIDRs at initialization of Proxier 2019-04-18 09:36:05 -07:00
Ted Yu
cf706531a5 Use read lock for ServiceHasEndpoints 2019-04-17 08:10:30 -07:00
JieJhih Jhang
08e320fa4e support ipv6 in bind address 
use split host port func instead trim specific character

add unit test for metrics and healthz bind address

recover import package

refactor set default kube proxy configuration

fix ipv4 condition

fix set default port condition

rewrite call function occasion to reduce error

set ipv6 default value

move get GetBindAddressHostPort to util

use one func to handle deprecated series

update bazel

define address type

return earlier in the error case

refactor set default kube proxy configuration logic

recover import package

preserve some of the original comments

add get default address func

add append port if needed unit test

rewrite unit test for deprecated flags

remove unused codes
 2019-04-17 15:31:42 +08:00
Kubernetes Prow Robot
a55478319a
Merge pull request #76277 from dcbw/proxy-userspace-dans-owners 
proxy/userspace: add dcbw and danwinship to OWNERS approvers
 2019-04-16 19:14:18 -07:00
Kubernetes Prow Robot
2490e035d7
Merge pull request #71735 from dcbw/userspace-proxy-ratelimiting 
proxy/userspace: respect minSyncInterval
 2019-04-16 19:14:03 -07:00
Kubernetes Prow Robot
b66fb6a347
Merge pull request #76658 from ksubrmnn/owners 
Update winkernel owners file
 2019-04-16 17:48:50 -07:00
Kubernetes Prow Robot
90b9ccf7f4
Merge pull request #74447 from WanLinghao/builder_ptr_replace 
Remove and replace ptr functions
 2019-04-16 16:19:38 -07:00
ksubrmnn
a7c3068e86 Update owners file 2019-04-16 10:45:50 -07:00
Igor German
107faf5ab0 proxy: Take into account exclude CIDRs while deleting legacy real servers 2019-04-11 17:05:49 +03:00
WanLinghao
d0138ca3fe This commit does two things in pkg package: 
1. Remove unused ptr functions.
2. Replace ptr functions with k8s.io/utils/pointer
 2019-04-09 10:56:35 +08:00
Dan Williams
63c01133f8 proxy/userspace: add dcbw and danwinship to OWNERS approvers 
Per recommendation of @thockin:

https://github.com/kubernetes/kubernetes/pull/71735#pullrequestreview-189515580

---
IMO this code is as dead as it could be. The only significant user is OpenShift as far as I know. I'd rather never touch it again, but I know that is not realistic.

Also, it seems like maybe this could be broken into a couple commits for easier review?

I raised some questions about this design, but I think you should add yourselves as approvers in OWNERS for this subdir. If it evolves, I will lose context on the impl. I don't think it is covered by e2e, either (more argument for breaking it to a separate repo and having its own e2e tests)
---
 2019-04-08 12:38:22 -05:00
Jay
9f2147161e Fix spell error 2019-04-08 15:49:29 +08:00
Dan Williams
cc2b31a2f3 proxy/userspace: consolidate portal and proxy cleanup 2019-04-05 16:28:24 -05:00
Dan Williams
8cf0076e23 proxy/userspace: respect minSyncInterval and simplify locking 
The userspace proxy does not have any ratelimiting and when many
services are used will hammer iptables every time a service or
endpoint change occurs. Instead build up a map of changed
services and process all those changes at once instead of each
time an event comes in. This also ensures that no long-running
processing happens in the same call chain as the OnService*
calls as this blocks other handlers attached to the proxy's
parent ServiceConfig object for long periods of time.

Locking can also now be simplified as the only accesses to the
proxy's serviceMap happen from syncProxyRules(). So instead of
locking in many functions just lock once in syncProxyRules()
like the other proxies do.

https://bugzilla.redhat.com/show_bug.cgi?id=1590589
https://bugzilla.redhat.com/show_bug.cgi?id=1689690
 2019-04-05 16:28:17 -05:00
Dan Williams
cf7225f561 proxy/userspace: replace IsServiceIPSet() with ShouldSkipService() 
Keeps things consistent with iptables/IPVS proxies. Proxies don't
handle ServiceTypeExternalName even if the ClusterIP is set.
 2019-04-05 16:16:36 -05:00
Dan Williams
04b943ce38 proxy/userspace: track initial service/endpoints sync 
We'll use this shortly to prevent premature syncing before all
initial endpoints and services have been received from the
apiserver.
 2019-04-05 16:16:36 -05:00
Dan Williams
ddab79a233 proxy/userspace: add proxy shutdown function and use in testcases 
If a testcase does time out and 'go test' prints the call stack,
make sure everything from previous tests is cleaned up so the call
stack is easier to understand.
 2019-04-05 16:16:36 -05:00
Dan Williams
4b07f80d20 proxy: consolidate ServicesHandler/EndpointsHandler into ProxyProvider 
Proxies should be able to cleanly figure out when endpoints have been synced,
so make all ProxyProviders also implement EndpointsHandler and pass those
through to loadbalancers when required.
 2019-04-05 16:16:35 -05:00
Tim Hockin
f8a7936894 Add better logging when iptables-restore fails 2019-04-04 16:34:10 -07:00
Kubernetes Prow Robot
29566d0a65
Merge pull request #74341 from paulsubrata55/kube_proxy_sctp_fix 
Issue in kube-proxy when IPVS is enabled and SCTP traffic is sent.
 2019-03-26 12:33:33 -07:00
Kubernetes Prow Robot
59140d6474
Merge pull request #75295 from DataDog/lbernail/strict-arp-flag 
[kube-proxy/ipvs] Add flag to enable strict ARP
 2019-03-20 07:41:51 -07:00
Kubernetes Prow Robot
88dc966a8a
Merge pull request #75283 from DataDog/lbernail/graceful-restart 
[kube-proxy/ipvs] Do not delete existing VS and RS when starting
 2019-03-20 07:41:36 -07:00
Kubernetes Prow Robot
046dcbd1ed
Merge pull request #73917 from droslean/cleanup 
replace loops with go idiomatic.
 2019-03-19 19:01:04 -07:00
Yongkun Gui
a07169bcad kube-proxy: Drop packets in INVALID state 
Fixes: #74839
 2019-03-18 15:22:30 -07:00
Kubernetes Prow Robot
aa9cbd112c
Merge pull request #75265 from JacobTanenbaum/ClearExternalIPs 
Clear conntrack entries on 0 -> 1 endpoint transition with externalIPs
 2019-03-18 11:06:23 -07:00
Jacob Tanenbaum
c3548165d5 Clear conntrack entries on 0 -> 1 endpoint transition with externalIPs 
As part of the endpoint creation process when going from 0 -> 1 conntrack entries
are cleared. This is to prevent an existing conntrack entry from preventing traffic
to the service. Currently the system ignores the existance of the services external IP
addresses, which exposes that errant behavior

This adds the externalIP addresses of udp services to the list of conntrack entries that
get cleared. Allowing traffic to flow

Signed-off-by: Jacob Tanenbaum <jtanenba@redhat.com>
 2019-03-15 11:18:51 -04:00
Laurent Bernaille
09f821ddb5 [kube-proxy/ipvs] Add flag to enable strict ARP 2019-03-12 15:56:22 +01:00
Laurent Bernaille
96818ea31e [kube-proxy/ipvs] Do not delete existing VS and RS when starting 2019-03-12 09:40:55 +01:00
Tim Hockin
de25d6cb95 Kube-proxy: REJECT LB IPs with no endpoints 
We REJECT every other case.  Close this FIXME.

To get this to work in all cases, we have to process service in
filter.INPUT, since LB IPS might be manged as local addresses.
 2019-03-11 20:33:45 -07:00
Kubernetes Prow Robot
56c74635e2
Merge pull request #75023 from danielqsj/metrics-1 
clean the deprecated metrics which introduced recently
 2019-03-07 22:43:55 -08:00
Kubernetes Prow Robot
a8492d74ec
Merge pull request #74688 from ksubrmnn/overlay_dsr 
Allow Overlay loadbalancing to Public IP in Windows
 2019-03-06 20:35:52 -08:00
danielqsj
10ab3fb832 clean the deprecated metrics which introduced recently 2019-03-06 15:23:46 +08:00
Kubernetes Prow Robot
9b8c58644a
Merge pull request #74418 from danielqsj/duration 
convert latency/latencies in metrics name to duration
 2019-03-01 17:58:12 -08:00
ksubrmnn
0173545b56 Allow Overlay loadbalancing to Public IP 2019-02-27 16:27:08 -08:00
Kubernetes Prow Robot
b96378c058
Merge pull request #74436 from ksubrmnn/overlay_dsr 
Temporarily remove V2 API check
 2019-02-22 19:19:37 -08:00
ksubrmnn
a322e08a98 Temporarily remove V2 API check 2019-02-22 14:10:05 -08:00
danielqsj
f7b437cae0 convert latency in mertics name to duration 2019-02-22 21:40:13 +08:00
Kubernetes Prow Robot
c06ca11b5d
Merge pull request #70896 from ksubrmnn/overlay_dsr 
Adding Windows Overlay support to Kube Proxy
 2019-02-20 12:53:13 -08:00
Kubernetes Prow Robot
059d6057dd
Merge pull request #73323 from prameshj/clear-externalip-conntrack 
Clear conntrack entries for externalIP and LoadBalancer IP
 2019-02-19 18:38:17 -08:00
Subrata Paul
bf099d557e Fix for issue #73300. kube-proxy with IPVS and sctp traffic 2019-02-19 20:29:08 +05:30
Kubernetes Prow Robot
c90bf8d8ea
Merge pull request #74062 from trungnvfet/fix_json_format 
Fix an issue of yaml and json format
 2019-02-14 23:56:00 -08:00
Kubernetes Prow Robot
808f2cf0ef
Merge pull request #72525 from justinsb/owners_should_not_be_executable 
Remove executable file permission from OWNERS files
 2019-02-14 23:55:45 -08:00
Nguyen Van Trung
d5d7db476d fix an issue of yaml and json format 
Signed-off-by: Nguyen Van Trung <trungnv@vn.fujitsu.com>
 2019-02-15 09:55:53 +07:00
Pavithra Ramesh
24d3ab83dc Remove conntrack entries from loadbalancer ip too. 2019-02-13 09:55:31 -08:00
Matt Matejczyk
fce1909483 Don't log warning when EndpointsLastChangeTriggerTime not set. 2019-02-13 09:11:59 +01:00