github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
84,544 Commits 1 Branch 31 Tags
d410bd28c371fbb8c9b07feb8c4bc1fef018173f
Commit Graph

79 Commits

Author SHA1 Message Date
Bob Killen
2e52875917 Prune inactive owners from pkg/kubelet/* network related OWNERS files. 2019-10-13 08:51:00 -04:00
SataQiu
77f42c8108 eliminate direct references to prometheus 2019-10-04 21:33:34 +08:00
Kubernetes Prow Robot
605687dec7 Merge pull request #71653 from liucimin/update_kubelet_cni_lib 
No timeout when Kubelet Calling cni plugin
 2019-09-19 18:00:59 -07:00
liucimin
ddb1c6a127 fix cni timeout 2019-09-19 22:56:03 +08:00
Kubernetes Prow Robot
4097a99fd7 Merge pull request #82800 from Random-Liu/fix-routes 
Only set ipv4/ipv6 routes when there is corresponding CIDR.
 2019-09-18 19:14:59 -07:00
Kubernetes Prow Robot
cfa3e2c499 Merge pull request #82508 from aanm/fix-get-pod-ip-panic 
dockershim/network: fix panic for cni plugins in IPv4/IPv6 dual-stack mode
 2019-09-17 19:43:32 -07:00
Lantao Liu
032c97daee Only set ipv4/ipv6 routes when there is corresponding CIDR. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-09-17 11:05:17 -07:00
Dan Winship
3948f16ff4 Add iptables.Monitor, use it from kubelet and kube-proxy 
Kubelet and kube-proxy both had loops to ensure that their iptables
rules didn't get deleted, by repeatedly recreating them. But on
systems with lots of iptables rules (ie, thousands of services), this
can be very slow (and thus might end up holding the iptables lock for
several seconds, blocking other operations, etc).

The specific threat that they need to worry about is
firewall-management commands that flush *all* dynamic iptables rules.
So add a new iptables.Monitor() function that handles this by creating
iptables-flush canaries and only triggering a full rule reload after
noticing that someone has deleted those chains.
 2019-09-17 10:19:26 -04:00
Dan Winship
b6c3d5416a Drop iptables firewalld monitoring support 
The firewalld monitoring code was not well tested (and not easily
testable), would never be triggered on most platforms, and was only
being taken advantage of from one place (kube-proxy), which didn't
need it anyway since it already has its own resync loop.

Since the firewalld monitoring was the only consumer of pkg/util/dbus,
we can also now delete that.
 2019-09-15 15:35:40 -04:00
André Martins
a5365d5be1 dockershim/network: fix panic for cni plugins in IPv4/IPv6 dual-stack mode 
```
 k8s.io/kubernetes/pkg/kubelet/dockershim/network/cni.(*cniNetworkPlugin).GetPodNetworkStatus(0xc000a04370, 0xc000b89a62, 0xb, 0xc000b89a49, 0x18, 0x42edffb, 0x6, 0xc000cfa340, 0x40, 0xc000ced7d0, ...)
         /workspace/anago-v1.16.0-beta.1.787+48ca054daba9e6/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/pkg/kubelet/dockershim/network/cni/cni_others.go:78 +0x420
 k8s.io/kubernetes/pkg/kubelet/dockershim/network.(*PluginManager).GetPodNetworkStatus(0xc000a51880, 0xc000b89a62, 0xb, 0xc000b89a49, 0x18, 0x42edffb, 0x6, 0xc000cfa340, 0x40, 0x0, ...)
         /workspace/anago-v1.16.0-beta.1.787+48ca054daba9e6/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/pkg/kubelet/dockershim/network/plugins.go:391 +0x1f9
 k8s.io/kubernetes/pkg/kubelet/dockershim.(*dockerService).getIPsFromPlugin(0xc00029b600, 0xc000c25cb0, 0x40, 0x78c0000, 0x7982100, 0x0, 0x0)
         /workspace/anago-v1.16.0-beta.1.787+48ca054daba9e6/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_sandbox.go:335 +0x1c3
 k8s.io/kubernetes/pkg/kubelet/dockershim.(*dockerService).getIPs(0xc00029b600, 0xc000b66cc0, 0x40, 0xc000c25cb0, 0x30bd171a, 0xed508364b, 0x0)
         /workspace/anago-v1.16.0-beta.1.787+48ca054daba9e6/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_sandbox.go:373 +0xe3
 k8s.io/kubernetes/pkg/kubelet/dockershim.(*dockerService).PodSandboxStatus(0xc00029b600, 0x4ad8b20, 0xc000c25c80, 0xc000cde1c0, 0xc00029b600, 0xc000c25c80, 0xc0005f5bd0)
         /workspace/anago-v1.16.0-beta.1.787+48ca054daba9e6/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_sandbox.go:439 +0x133
 k8s.io/kubernetes/vendor/k8s.io/cri-api/pkg/apis/runtime/v1alpha2._RuntimeService_PodSandboxStatus_Handler(0x42c4e00, 0xc00029b600, 0x4ad8b20, 0xc000c25c80, 0xc000c126c0, 0x0, 0x4ad8b20, 0xc000c25c80, 0xc000cb2d20, 0x42)
         /workspace/anago-v1.16.0-beta.1.787+48ca054daba9e6/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/k8s.io/cri-api/pkg/apis/runtime/v1alpha2/api.pb.go:7663 +0x23e
 k8s.io/kubernetes/vendor/google.golang.org/grpc.(*Server).processUnaryRPC(0xc000a4f760, 0x4b45280, 0xc000b02d80, 0xc000847c00, 0xc000a61b00, 0x78c97c0, 0x0, 0x0, 0x0)
         /workspace/anago-v1.16.0-beta.1.787+48ca054daba9e6/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/google.golang.org/grpc/server.go:995 +0x466
 k8s.io/kubernetes/vendor/google.golang.org/grpc.(*Server).handleStream(0xc000a4f760, 0x4b45280, 0xc000b02d80, 0xc000847c00, 0x0)
         /workspace/anago-v1.16.0-beta.1.787+48ca054daba9e6/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/google.golang.org/grpc/server.go:1275 +0xda6
 k8s.io/kubernetes/vendor/google.golang.org/grpc.(*Server).serveStreams.func1.1(0xc000a8e9c0, 0xc000a4f760, 0x4b45280, 0xc000b02d80, 0xc000847c00)
         /workspace/anago-v1.16.0-beta.1.787+48ca054daba9e6/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/google.golang.org/grpc/server.go:710 +0x9f
 created by k8s.io/kubernetes/vendor/google.golang.org/grpc.(*Server).serveStreams.func1
         /workspace/anago-v1.16.0-beta.1.787+48ca054daba9e6/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/google.golang.org/grpc/server.go:708 +0xa1
```

Fixes: dba434c4ba ("kubenet for ipv6 dualstack")
Signed-off-by: André Martins <aanm90@gmail.com>
 2019-09-10 21:06:19 +02:00
Bruce Ma
f9169d29cb skip recording inputs & outputs in fake script plugin when CNI_COMMAND=VERSION 
Signed-off-by: Bruce Ma <brucema19901024@gmail.com>
 2019-09-04 22:50:13 +08:00
Mike Spreitzer
d86d1defa1 Made IPVS and iptables modes of kube-proxy fully randomize masquerading if possible 
Work around Linux kernel bug that sometimes causes multiple flows to
get mapped to the same IP:PORT and consequently some suffer packet
drops.

Also made the same update in kubelet.

Also added cross-pointers between the two bodies of code, in comments.

Some day we should eliminate the duplicate code.  But today is not
that day.
 2019-09-01 22:07:30 -04:00
Han Kang
3a50917795 migrate kubelet's metrics/probes & metrics endpoint to metrics stability framework 2019-08-28 11:16:38 -07:00
Bruce Ma
ec342ec98f delete lo network when TearDownPod to avoid CNI cache leak 
Signed-off-by: Bruce Ma <brucema19901024@gmail.com>
 2019-08-27 19:26:23 +08:00
Kubernetes Prow Robot
a3488b4cee Merge pull request #81206 from tallclair/staticcheck-kubelet-push 
Cleanup Kubelet static analysis issues
 2019-08-22 15:09:43 -07:00
Kubernetes Prow Robot
37651f1cef Merge pull request #80368 from danwinship/iptables-checks 
iptables feature detection improvements
 2019-08-22 13:31:20 -07:00
Tim Allclair
a2c51674cf Cleanup more static check issues (S1*,ST*) 2019-08-21 10:40:21 -07:00
Tim Allclair
8a495cb5e4 Clean up error messages (ST1005) 2019-08-21 10:40:21 -07:00
Tim Allclair
6510d26b6a Fix misc static check issues 2019-08-21 10:40:21 -07:00
Tim Allclair
3f510c69f6 Remove dead code from pkg/kubelet/... 2019-08-21 10:40:21 -07:00
Kubernetes Prow Robot
29c87cbfff Merge pull request #80482 from mars1024/bugfix/cni_validation 
add CNI config validation to getDefaultCNINetwork
 2019-08-19 10:11:31 -07:00
Bruce Ma
9903cb3ad3 add validation for CNI config before loading and fix some typo 
1. add validation for CNI config before loading
2. make some CNI capabilities constants
3. add Capabilities field to cniNetwork struct

Signed-off-by: Bruce Ma <brucema19901024@gmail.com>
 2019-08-09 21:22:23 +08:00
Dan Winship
81cd27a51e iptables: simplify version handling 2019-08-01 12:05:31 -04:00
Dan Winship
bf077b19d4 hostport: Don't masquerade localhost-to-localhost traffic 2019-07-25 13:34:14 -04:00
fanhao01
24a95a6c3e Fix golint failure in pkg/kubelet/dockershim/network/cni 2019-07-03 12:57:24 +08:00
Khaled Henidak(Kal)
dba434c4ba kubenet for ipv6 dualstack 2019-07-02 22:26:25 +00:00
Dan Williams
8739ade3fa kubelet: add CNI cache dir option and plumb through to CNI and kubenet 
libcni 0.7.0 caches ADD operation results and allows the runtime to
retrieve these from the cache. In case the user wants a different
cache directory than the defaul, plumb that through like we do
for --cni-bin-dir and --cni-conf-dir.
 2019-07-01 12:14:07 -05:00
Alexey Perevalov
a2ea2996f3 move to libcni 0.7.0 
Previous commit "Use ip address from CNI output" introduces
ability to run pod which can havn't eth0. But also it
add problem: after kubelet restart, if we have already started
pod w/o eth0, kubelet can't find proper interface (it's
normal for vhostuser type of cni plugin when eth0 doesn't exist)
and kubelet restarts "broken" pod.
Fix of this issue requeres new feature of libcni - caching
results.

Looks like new libcni requires cniVersion in CNI output.
This patch specifies version both for CNI conf and CNI output.

Signed-off-by: Alexey Perevalov <a.perevalov@samsung.com>
 2019-07-01 12:14:06 -05:00
Kubernetes Prow Robot
37281a400d Merge pull request #76442 from viegasdom/fix-golint-utils-bandwith 
Fix golint failures of util/bandwith/*.go
 2019-05-15 22:56:08 -07:00
Kubernetes Prow Robot
f4937619a2 Merge pull request #75442 from mars1024/bugfix/bandwidth_unit 
change bandwidth units from Kb to b
 2019-04-25 13:36:54 -07:00
Kubernetes Prow Robot
1192ca09f0 Merge pull request #76634 from xichengliudui/addConsts 
Using const() defines constants together
 2019-04-18 01:50:10 -07:00
viegasdom
9d3d7a7b51 Changes another usage of the BandwidthShaper to Shaper 2019-04-12 17:24:57 +01:00
viegasdom
80578d5bf1 Changes code that still used BandWidthShaper instead of Shaper 2019-04-11 18:50:32 +01:00
aaa
bad985dc3a Using const() defines constants together 2019-04-10 17:41:29 -04:00
aaa
49a2b1fd8f Small bug: Comments and function names do not match 
add a function
 2019-04-10 17:37:24 -04:00
Davanum Srinivas
33081c1f07 New staging repository for cri-api 
Change-Id: I2160b0b0ec4b9870a2d4452b428e395bbe12afbb
 2019-03-26 18:21:04 -04:00
Bruce Ma
183247ca5c change bandwidth units from Kb to b 
Signed-off-by: Bruce Ma <brucema19901024@gmail.com>
 2019-03-18 21:22:34 +08:00
Kubernetes Prow Robot
9b8c58644a Merge pull request #74418 from danielqsj/duration 
convert latency/latencies in metrics name to duration
 2019-03-01 17:58:12 -08:00
danielqsj
f7b437cae0 convert latency in mertics name to duration 2019-02-22 21:40:13 +08:00
chenjun.cj
4fe13c2a99 sync CNI config in goroutine 2019-02-22 16:26:49 +08:00
Kubernetes Prow Robot
0480214903 Merge pull request #73804 from Random-Liu/remove-unused-functions 
Remove unused function from the legacy runtime interface.
 2019-02-11 22:56:00 -08:00
Kubernetes Prow Robot
5b7a790d35 Merge pull request #72185 from dcbw/owners-label-sig-network 
OWNERS: add label:sig/network to a bunch of places
 2019-02-08 10:36:16 -08:00
Kubernetes Prow Robot
b50c643be0 Merge pull request #73540 from rlenferink/patch-5 
Updated OWNERS files to include link to docs
 2019-02-08 09:05:56 -08:00
Lantao Liu
1a92e218e0 Remove unused function from the legacy runtime interface. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-02-07 16:57:19 -08:00
Kubernetes Prow Robot
ae45068688 Merge pull request #72323 from danielqsj/dockershim 
Change docker metrics to conform metrics guidelines
 2019-02-06 09:30:54 -08:00
Roy Lenferink
b43c04452f Updated OWNERS files to include link to docs 2019-02-04 22:33:12 +01:00
Ashish Ranjan
7be223e798 Refactor to use k8s.io/utils/net/ package instead of kubernetes/pkg/util/net/sets 
Signed-off-by: Ashish Ranjan <ashishranjan738@gmail.com>
 2019-02-04 10:34:53 +05:30
danielqsj
7aef2efe5b Mark deprecated in related dockershim metrics 2019-01-08 15:24:44 +08:00
danielqsj
65aec219c8 Move docker metrics to histogram metrics 2018-12-26 16:00:38 +08:00
danielqsj
94d1050303 Change docker metrics to conform guideline 2018-12-26 15:58:04 +08:00