github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
103,376 Commits 1 Branch 31 Tags 1,019 MiB
d13c920606
Commit Graph

1549 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
a402f1753c
Merge pull request #104756 from tnqn/ipvs-sctp-masquerade 
Fix client IP preservation for NodePort service with protocol SCTP
 2021-09-09 15:34:56 -07:00
Quan Tian
9ee3ae748b Fix client IP preservation for NodePort service with protocol SCTP 
The iptables rule that matches kubeNodePortLocalSetSCTP must be inserted
before the one matches kubeNodePortSetSCTP, otherwise all SCTP traffic
would be masqueraded regardless of whether its ExternalTrafficPolicy is
Local or not.

To cover the case in tests, the patch adds rule order validation to
checkIptables.
 2021-09-06 18:54:35 +08:00
Kubernetes Prow Robot
d3621ae008
Merge pull request #101303 from wangyx1992/capatial-log-proxy 
cleanup: fix errors in wrapped format and log capitalization in proxy
 2021-09-03 10:01:50 -07:00
Kubernetes Prow Robot
571a3f6f2f
Merge pull request #103896 from july2993/read 
Remove wrong comment
 2021-09-02 21:27:49 -07:00
Stephen Augustus
481cf6fbe7
generated: Run hack/update-gofmt.sh 
Signed-off-by: Stephen Augustus <foo@auggie.dev>
 2021-08-24 15:47:49 -04:00
Antonio Ojea
0cd75e8fec run hack/update-netparse-cve.sh 2021-08-20 10:42:09 +02:00
Lars Ekman
25453708ea Remove pkg/utils/slice from kube-proxy 2021-08-19 06:48:27 +02:00
Kubernetes Prow Robot
a779c58b16
Merge pull request #104330 from liggitt/defaulter-package 
Change defaulter-gen input to package import path
 2021-08-17 11:42:18 -07:00
Kubernetes Prow Robot
cbb5ea8210
Merge pull request #101399 from wangyx1992/error-punctuation 
cleanup: fix errors ending with punctuation in proxy
 2021-08-16 00:51:46 -07:00
Jordan Liggitt
87a4e082ac Change defaulter-gen input to package path 2021-08-14 11:00:18 -04:00
Antonio Ojea
a2a22903bc delete stale UDP conntrack entries for loadbalancer IPs 2021-07-29 17:35:07 +02:00
Jiahao Huang
ee1bec1e6a Remove wrong comment 
It does not assume proxier.mu is held because it locks it at the first
line.
 2021-07-25 14:19:11 +08:00
Kubernetes Prow Robot
76b0906136
Merge pull request #101047 from jsturtevant/issue-100966-dualstack-windows 
[sig-windows] update winkernel to only use dualstack if the node and config supports it
 2021-07-15 20:30:09 -07:00
James Sturtevant
d5d9327351 Only use dualstack if the node and config supports it 2021-07-08 11:39:20 -07:00
Lars Ekman
b6b3a69284 Don't set sysctl net.ipv4.vs.conn_reuse_mode for kernels >=5.9 2021-07-08 09:41:12 +02:00
Kubernetes Prow Robot
8fb777efb0
Merge pull request #103451 from swetharepakula/ga-proxy-gates 
Graduate EndpointSliceProxying and WindowsEndpointSliceProxying Gates
 2021-07-07 18:09:13 -07:00
Swetha Repakula
0a42f7b989 Graduate EndpointSliceProxying and WindowsEndpointSliceProxying Gates 2021-07-07 13:33:30 -07:00
Akihiro Suda
192790c52f
kube-proxy: allow running in userns 
Ignore an error during setting RLIMIT_NOFILE.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2021-07-07 14:23:31 +09:00
Andrew Sy Kim
28f3f36505
Promote the ServiceInternalTrafficPolicy field to Beta and on by default (#103462) 
* pkg/features: promote the ServiceInternalTrafficPolicy field to Beta and on by default

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

* pkg/api/service/testing: update Service test fixture functions to set internalTrafficPolicy=Cluster by default

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

* pkg/apis/core/validation: add more Service validation tests for internalTrafficPolicy

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

* pkg/registry/core/service/storage: fix failing Service REST storage tests to use internalTrafficPolicy: Cluster

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

* pkg/registry/core/service/storage: add two test cases for Service REST TestServiceRegistryInternalTrafficPolicyClusterThenLocal and TestServiceRegistryInternalTrafficPolicyLocalThenCluster

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

* pkg/registry/core/service: update strategy unit tests to expect default
internalTrafficPolicy=Cluster

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

* pkg/proxy/ipvs: fix unit test Test_EndpointSliceReadyAndTerminatingLocal to use internalTrafficPolicy=Cluster

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

* pkg/apis/core: update fuzzers to set Service internalTrafficPolicy field

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

* pkg/api/service/testing: refactor Service test fixtures to use Tweak funcs

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-07-06 06:16:30 -07:00
Kubernetes Prow Robot
96dff7d0c7
Merge pull request #102832 from Yuan-Junliang/migrateProxyEventAPI 
Migrate kube-proxy event to use v1 Event API
 2021-07-05 17:44:17 -07:00
Kubernetes Prow Robot
7cd40e1885
Merge pull request #103116 from chenyw1990/reducekubeproxycpu 
reduce cpu usage of kube-proxy with iptables mode
 2021-07-05 15:13:38 -07:00
chenyw1990
1f24a198e7 reduce cpu usage of kube-proxy with iptables mode 2021-07-05 16:08:19 +08:00
Swetha Repakula
03b7a699c2 Kubeproxy uses V1 EndpointSlice 2021-06-30 18:41:57 -07:00
Kubernetes Prow Robot
1151dc1ee5
Merge pull request #103138 from sbangari/winDsrLoadBalancerServiceFix 
Loadbalancer IngressIP policy should be configured as non-DSR to enable routing mesh by default
 2021-06-28 23:26:51 -07:00
Kubernetes Prow Robot
db3a216fbb
Merge pull request #97238 from andrewsykim/kube-proxy-handle-terminating 
kube-proxy handle terminating endpoints
 2021-06-28 20:46:40 -07:00
wangyx1992
c85e567a3d cleanup: fix errors in wrapped format and log capitalization in proxy 
Signed-off-by: wangyx1992 <wang.yixiang@zte.com.cn>
 2021-06-28 04:39:15 +08:00
Sravanth Bangari
23ce7977b7 Loadbalancer IngressIP policy should be configured as non-DSR to enable routing mesh by default 2021-06-23 23:09:46 -07:00
jay vyas
dd5f67d23c Kube proxy for windows userspace, remove dns Mangling 2021-06-15 18:46:48 -04:00
Yuan-Junliang
2e06066bab Migrate kube-proxy to use v1 Event API 2021-06-13 18:57:52 +08:00
Jian Zeng
9109d928cd
test(proxy::config): deflake TestInitialSync 
Signed-off-by: Jian Zeng <zengjian.zj@bytedance.com>
 2021-06-11 23:00:45 +08:00
Kubernetes Prow Robot
e692207857
Merge pull request #102555 from wzshiming/fix/close-modules-file 
Close the used modules file
 2021-06-09 14:55:26 -07:00
Andrew Sy Kim
1010e6a9d9 proxier/ipvs: fix test cases where ready endpoints were not used 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-06-04 20:14:00 -04:00
Andrew Sy Kim
8eb7e81bc9 proxy/ipvs: add unit test Test_HealthCheckNodePortWhenTerminating for ensuring health check node port fails when all local endpoints are terminating 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-06-04 15:17:43 -04:00
Andrew Sy Kim
ed4fe07375 proxy/iptables: add unit test Test_HealthCheckNodePortWhenTerminating for ensuring health check node port fails when all local endpoints are terminating 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-06-04 15:17:43 -04:00
Andrew Sy Kim
14cc201b58 proxy: add test case in TestGetLocalEndpointIPs for when all endpoints are terminating 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-06-04 15:17:43 -04:00
Andrew Sy Kim
3e459997c8 proxy/ipvs: add a unit tests for when the ProxyTerminatingEndpoint feature gate is disabled 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-06-04 15:17:43 -04:00
Andrew Sy Kim
68ebd16a2c proxier/iptables: refactor terminating endpoints unit tests with test table and test for feature gate 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-06-04 15:17:43 -04:00
Andrew Sy Kim
f92265f654 proxier/ipvs: check feature gate ProxyTerminatingEndpoints 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-06-04 15:17:43 -04:00
Andrew Sy Kim
8c514cb232 proxier/iptables: check feature gate ProxyTerminatingEndpoints 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-06-04 15:17:43 -04:00
Andrew Sy Kim
cf9ccf5a8e proxier/ipvs: unit tests should specify Service ports 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-06-04 15:17:43 -04:00
Andrew Sy Kim
d82d851d89 proxier/iptables: include Service port in unit tests 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-06-04 15:17:43 -04:00
Andrew Sy Kim
4c8b190372 proxier/iptables: reuse the same variable for endpointchains for better memory consumption 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-06-04 15:17:43 -04:00
Andrew Sy Kim
55881093d8 proxier/ipvs: add ipvs unit tests for falling back to terminating 
endpoints

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-06-04 15:17:43 -04:00
Andrew Sy Kim
9d4e24aa32 proxier/ipvs: fall back to ready terminating if no ready endpoint exists 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-06-04 15:15:40 -04:00
Andrew Sy Kim
b54c0568d8 proxier/iptables: add unit tests for falling back to terminating endpoints 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-06-04 15:15:40 -04:00
Andrew Sy Kim
732635fd4b proxier/iptables: fallback to terminating endpoints if there are no ready endpoints 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-06-04 15:15:40 -04:00
Andrew Sy Kim
be92fc83e2 proxier: simplify toplogy FilterLocalEndpoint function 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-06-04 15:15:40 -04:00
Andrew Sy Kim
d96af5f276 kube-proxy: remove ServiceTopology implementation 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2021-06-03 22:17:46 -04:00
Shiming Zhang
506fabc9ab Close the used modules file 2021-06-03 15:50:21 +08:00
Kubernetes Prow Robot
61db6e05f1
Merge pull request #100558 from yangjunmyfm192085/run-test31 
Optimize the structured Logging migration.
 2021-06-01 20:54:37 -07:00