Commit Graph

2309 Commits

Author SHA1 Message Date
Artyom Lukianov
7561a0f96e memory manager: provide new flag var to parse reserved-memory parameter
The new flag will parse the `--reserved-memory` flag straight forward
to the []kubeletconfig.MemoryReservation variable instead of parsing
it to the middle map representation.

It gives us possibility to get rid of a lot of unneeded code and use the single
presentation for the reserved-memory.

Signed-off-by: Artyom Lukianov <alukiano@redhat.com>
2021-02-09 01:10:01 +02:00
Hanlin Shi
4cd1eacbc1 Add rule to allow healthcheck nodeport traffic in filter table
1. For iptables mode, add KUBE-NODEPORTS chain in filter table. Add
   rules to allow healthcheck node port traffic.
2. For ipvs mode, add KUBE-NODE-PORT chain in filter table. Add
   KUBE-HEALTH-CHECK-NODE-PORT ipset to allow traffic to healthcheck
   node port.
2021-02-03 15:20:10 +00:00
Kubernetes Prow Robot
10744811f5 Merge pull request #95701 from masap/ipset2
ipset: Address a TODO, add test for netmask
2020-12-08 23:34:50 -08:00
Kubernetes Prow Robot
f8c589e745 Merge pull request #96975 from wangkai1994/master
Fix typo in conntrack.go
2020-12-08 21:05:34 -08:00
Kai
03cc04e108 Update conntrack.go 2020-12-01 14:21:47 +08:00
Tim Hockin
f63ca48a1f Clean up comments around old topology labels 2020-11-12 11:21:38 -08:00
Kubernetes Prow Robot
38f5dc8e7b Merge pull request #96248 from qingsenLi/201105-IPVSProxyMode
Remove Const IPVSProxyMode
2020-11-10 13:41:28 -08:00
Tim Hockin
819ff9b087 Use topology labels instead of old beta names (#96033)
* Rename const for topology.../zone

* Rename const for topology.../region

* Rename const for failure-domain.../zone

* Rename const for failure-domain.../region

* Restore old names for compat
2020-11-05 20:26:50 -08:00
10177505
2cc888d474 Remove Const IPVSProxyMode 2020-11-05 16:17:18 +08:00
Kubernetes Prow Robot
f3fbd17bc8 Merge pull request #95697 from masap/ipset1
ipset: Address a TODO, add test for TestEntry() with IPv6 address
2020-11-04 20:47:05 -08:00
Masashi Honma
c6d2808ad6 ipset: Address a TODO, add test for TestEntry() with IPv6 address
This TODO was introduced by
commit 45ad69765e "wrapper ipset util".

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2020-10-22 08:20:24 +09:00
Masashi Honma
4d30435f24 ipset: Address a TODO, add test for netmask
This PR removes a TODO comment by adding some netmask tests. The TODO comment
introduced by commit e768924a62 "validate entry in ipset".

// TODO: CIDR /32 may not be valid

The comment says that 32 is invalid netmask, but in reality values ​​from 0 to
32 are valid because the result of the Linux ipset command says so.

$ sudo ipset create foo hash:ip,port,net
$ sudo ipset add foo 10.20.30.40,53,192.168.3.1/33
ipset v7.5: Syntax error: '33' is out of range 0-32
$ sudo ipset --version
ipset v7.5, protocol version: 7

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2020-10-19 20:22:02 +09:00
Antonio Ojea
e3c1777f7d conntrack log delete operations 2020-10-19 10:01:58 +02:00
Dan Winship
971477d9b5 kubelet: Set dual-stack hostNetwork pod IPs on dual-stack nodes
Add nodeutil.GetNodeHostIPs to return dual-stack node IPs (in
dual-stack clusters), and make kubelet use it.
2020-10-07 17:26:04 -04:00
Dan Winship
0b43753be7 utilnode: fix incorrect documentation about node name vs hostname
(The behavior is unchanged; the function always took a node name
rather than a hostname. Now it just documents that correctly.)
2020-10-07 17:25:56 -04:00
Srini Brahmaroutu
fbe5daed73 Change code to use staging/k8s.io/mount-utils 2020-09-16 21:51:24 -07:00
knight42
ce0a423ef7 test(iptables): deflake TestRestoreAllWaitOldIptablesRestore
Signed-off-by: knight42 <anonymousknight96@gmail.com>
2020-09-12 22:43:44 +08:00
knight42
b25af8e3c9 feat(iptables): be able to override iptables-1.4-compatible lock path 2020-09-12 22:43:43 +08:00
knight42
f6f0f7922a test(iptables): deflake TestRestoreAllGrabOldLock
Signed-off-by: knight42 <anonymousknight96@gmail.com>
2020-09-05 01:07:46 +08:00
Luigi Bitonti
19793bd3fa Update k8s.io/utils dependency and use ebtables from there 2020-07-30 08:58:21 +01:00
Jordan Liggitt
f33dc28094 generated: hack/update-hack-tools.sh && hack/update-vendor.sh 2020-07-25 16:45:02 -04:00
Antonio Ojea
924553b7ee iptables don't do reverse DNS lookups
the iptables monitor was using iptables -L to list the chains,
without the -n option, so it was trying to do reverse DNS lookups.
A side effect is that it was holding the lock, so other components
could not use it.
We can use -S instead of -L -n to avoid this, since we only want
to check the chain exists.
2020-07-08 18:39:22 +02:00
Kubernetes Prow Robot
94e1c54735 Merge pull request #92655 from BenTheElder/cleanup-some-owners
Cleanup some owners
2020-07-01 23:14:08 -07:00
Benjamin Elder
2abc8afece eparis to emeritus 2020-06-30 09:50:44 -07:00
Kubernetes Prow Robot
a5b0e44196 Merge pull request #92440 from luigibk/ebtables-broutetable-and-deleterule
Add ebtables rule delete function + broute table + brouting chain
2020-06-29 18:34:26 -07:00
Benjamin Elder
d1ec9b3f9c fix pkg/util/coverage staticcheck 2020-06-23 18:30:32 -07:00
Luigi Bitonti
51f788c6dc Add ebtables rule delete function + broute table + brouting chain 2020-06-22 09:07:29 +01:00
Kubernetes Prow Robot
ef198ec7ca Merge pull request #90316 from tangcong/fix-ipvs-staticheck-err
fix ipvs staticcheck error
2020-05-19 20:34:32 -07:00
Kubernetes Prow Robot
b170451caa Merge pull request #90183 from dims/update-kubernetes-to-klog-v2
Update kubernetes to klog v2
2020-05-16 18:59:51 -07:00
Kubernetes Prow Robot
9769e0f5da Merge pull request #90008 from gavinfish/scheduler-utilparsers
Scheduler: remove direct import to /pkg/util/parsers
2020-05-16 07:35:49 -07:00
Davanum Srinivas
07d88617e5 Run hack/update-vendor.sh
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2020-05-16 07:54:33 -04:00
Davanum Srinivas
442a69c3bd switch over k/k to use klog v2
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2020-05-16 07:54:27 -04:00
cici37
7f4d19167e Move pkg/util/configz to k8s.io/component-base 2020-04-29 12:17:25 -07:00
drfish
0b715ea690 Scheduler: remove direct import to /pkg/util/parsers 2020-04-26 23:41:52 +08:00
Kubernetes Prow Robot
15ed3b36d1 Merge pull request #90235 from cici37/addflag
Remove CCM dependency pkg/util/flag
2020-04-22 19:22:14 -07:00
Kubernetes Prow Robot
d2dcd6c399 Merge pull request #89896 from carlosedp/fix-89597
Add error messages to IPVS module
2020-04-22 17:02:41 -07:00
Carlos de Paula
b3d84fac52 Add error messages to IPVS module
Signed-off-by: Carlos de Paula <me@carlosedp.com>
2020-04-22 15:21:15 -03:00
cici37
15c844031f Remove CCM dependency pkg/util/flag 2020-04-22 10:06:11 -07:00
Jie Shen
363bb39142 Use utils.net to parse ports instead of atoi (#89120) 2020-04-21 20:55:52 -07:00
tangcong
764b902d72 fix ipvs staticcheck error 2020-04-21 07:25:28 +08:00
Steve Azzopardi
4936cd476b Fix golint issues for pkg/util/rlimit
pkg/util/rlimit/rlimit_linux.go:25:1: exported function RlimitNumFiles should have comment or be unexported
pkg/util/rlimit/rlimit_linux.go:25:6: func name will be used as rlimit.RlimitNumFiles by other packages, and that stutters; consider calling this NumFiles
pkg/util/rlimit/rlimit_unsupported.go:25:1: exported function RlimitNumFiles should have comment or be unexported
pkg/util/rlimit/rlimit_unsupported.go:25:6: func name will be used as rlimit.RlimitNumFiles by other packages, and that stutters; consider calling this NumFiles

Ref: https://github.com/kubernetes/kubernetes/issues/68026
2020-04-14 21:00:41 +02:00
Tim Hockin
9551ecb7c3 Cleanup: Change "Ip" to "IP" in func and var names 2020-04-10 15:29:50 -07:00
Tim Hockin
efb24d44c6 Rename iptables IsIpv6 to IsIPv6 2020-04-10 15:29:50 -07:00
Tim Hockin
ef934a2c5e Add Protocol() method to iptables
Enables simpler printing of which IP family the iptables interface is
managing.
2020-04-10 15:29:49 -07:00
Kubernetes Prow Robot
ad4bd386eb Merge pull request #86752 from SataQiu/fix-kubelet-20191231
Add error handler for rlimit.RlimitNumFiles
2020-04-01 22:14:38 -07:00
Kubernetes Prow Robot
c2ae0bd763 Merge pull request #74073 from Nordix/issue-70020
Issue #70020; Flush Conntrack entities for SCTP
2020-04-01 22:14:24 -07:00
Ricardo Pchevuzinske Katz
5c48f209a5 Update ipvs library to the new repo and upgrade library version 2020-03-26 11:20:01 -03:00
Lars Ekman
aa8521df66 Issue #70020; Flush Conntrack entities for SCTP
Signed-off-by: Lars Ekman <lars.g.ekman@est.tech>
2020-03-11 09:56:54 +01:00
Kubernetes Prow Robot
e4e3d72f1c Merge pull request #83572 from chendotjs/tc-fix
bandwidth: use regexp to handle tc output and add IPv6 support
2020-03-04 13:18:38 -08:00
chenyaqi01
ef5c920325 bandwidth: use regexp to handle tc output
fix newly-added 'chain N' output from 'tc filter show dev XXX'
2020-03-03 20:07:11 +08:00