github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
32,351 Commits 1 Branch 31 Tags 1,019 MiB
d6e23b984c
Commit Graph

301 Commits

Author SHA1 Message Date
Tim Hockin
970c045848 Enable iptables kube-proxy by default in master 2015-11-13 18:38:01 -08:00
k8s-merge-robot
36bae67910 Merge pull request #16548 from ArtfulCoder/kube-proxy-mem-use 
Auto commit by PR queue bot
 2015-10-30 06:23:14 -07:00
Abhishek Shah
5367a32ee9 Read Iptables-save output in a more-memory-efficient way 2015-10-29 15:30:00 -07:00
Avesh Agarwal
e1837185de Improves iptables cleanup for pure iptables based proxier. 2015-10-27 13:08:16 -04:00
Wojciech Tyczynski
d47e21f19f Reuse TCP connections in Reflector between resync periods. 2015-10-26 19:35:25 +01:00
Saad Ali
06113d3b87 Merge pull request #16137 from ArtfulCoder/externalIPFix 
release NodePort correctly
 2015-10-23 12:03:38 -07:00
Abhishek Shah
7c64802f48 release NodePort correctly 2015-10-22 16:36:52 -07:00
Abhishek Shah
d172ca6986 Added UdpIdleTimeout flag 2015-10-21 17:25:35 -07:00
k8s-merge-robot
18ad5f8cdf Merge pull request #15745 from ArtfulCoder/reduceTimeout 
Auto commit by PR queue bot
 2015-10-19 13:02:17 -07:00
k8s-merge-robot
75c977d200 Merge pull request #15596 from zhengguoyong/alias_util_errors_packagename 
Auto commit by PR queue bot
 2015-10-19 02:35:37 -07:00
Jordan Liggitt
55cd3f1030 Platform-specific setRLimit implementations 2015-10-18 21:26:39 -04:00
eulerzgy
f8f9afb874 alias local packagename for pkg/util/errors 2015-10-18 09:37:46 +08:00
Abhishek Shah
de214829f6 Update endpoint dialTimeouts to reasonable values 2015-10-16 14:57:43 -07:00
derekwaynecarr
970c369f31 Kubelet sets kernel overcommit_memory flag 2015-10-06 14:28:46 -04:00
Alex Robinson
b1461be2e4 Merge pull request #14982 from Huawei-PaaS/fixed_typos_for_proxy 
Fixed some typos for pkg/proxy
 2015-10-05 11:40:03 -07:00
Alex Robinson
c1012d8c93 Merge pull request #14882 from ArtfulCoder/logformat 
fixed log format
 2015-10-05 10:50:30 -07:00
qiaolei
718d7df276 Fixed some typos 2015-10-03 00:33:35 +08:00
k8s-merge-robot
fb4882620f Merge pull request #14611 from MikaelCluseau/wip-optional-sysctl 
Auto commit by PR queue bot
 2015-10-01 00:28:38 -07:00
Abhishek Shah
6278b5f648 fixed log format 2015-09-30 16:29:32 -07:00
Mikaël Cluseau
4bf0ef8ce2 setSysctl for bridge-nf-call-iptables should fail with a warning 2015-09-26 17:11:33 +11:00
Tim Hockin
3c36439665 Don't log every connection by default 2015-09-25 14:02:24 -07:00
Tim Hockin
7509bf6318 Set UDP timeout to 1/4 second 2015-09-25 14:02:24 -07:00
Abhishek Shah
6945cb050c Set rlimit for openfile handles to 64k 2015-09-18 10:53:55 -07:00
Daniel Martí
586cb9126a Move pkg/util.Time to pkg/api/unversioned.Time 
Along with our time.Duration wrapper, as suggested by @lavalamp.
 2015-09-17 17:51:27 -07:00
k8s-merge-robot
bf990acefa Merge pull request #13988 from thockin/kube-proxy-startup-clobber 
Auto commit by PR queue bot
 2015-09-17 01:29:35 -07:00
Alex Mohr
2cf207ec60 Merge pull request #13992 from aveshagarwal/userspace-proxy-typo 
Fixes error message.
 2015-09-16 21:49:19 -07:00
Tim Hockin
84a9b0a37a Fix bug in iptables proxy that clobbered endpoints 
There is a race at startup where the two watch operations might clobber state
if the initial message comes in the wrong order.
 2015-09-15 13:07:33 -07:00
Avesh Agarwal
a84e49aaab Fixes error message. 2015-09-15 14:37:56 -04:00
Dan Winship
30ea22f40e Make kube-proxy resync its rules on firewalld restart 2015-09-15 11:17:40 -04:00
Dan Winship
8bc9c40796 Watch for firewalld restart, to allow reloading iptables rules 2015-09-15 11:17:40 -04:00
Daniel Smith
b225c1d47a Run gofmt (separate commit for easy rebases) 2015-09-10 17:17:59 -07:00
Daniel Smith
15b30b8b09 Move version agnostic parts of client 
pkg/client/unversioned/cache -> pkg/client/cache
pkg/client/unversioned/record -> pkg/client/record
 2015-09-10 17:17:59 -07:00
Daniel Smith
9fc8a79e37 Revert "Revert "Don't take the proxy mutex in the traffic path"" 2015-09-01 16:40:11 -07:00
Daniel Smith
46ae7e87c7 Increase timeout to fix flaky tests 2015-09-01 16:08:13 -07:00
Daniel Smith
a20d7ca481 Revert "Don't take the proxy mutex in the traffic path" 2015-09-01 13:33:05 -07:00
k8s-merge-robot
3d51f524b5 Merge pull request #13386 from danwinship/iptables-w 
Auto commit by PR queue bot
 2015-09-01 13:07:57 -07:00
Tim Hockin
f0a9badd2d Don't take the proxy mutex in the traffic path 
This should make throughput better on the userspace proxier.

Fixes #11977
 2015-08-31 17:01:52 -07:00
Dan Winship
a41e422600 Drop the "v" from GetIptablesVersionString() output 
Neither of its callers wants it
 2015-08-31 09:54:57 -04:00
Tim Hockin
8e503f3814 Hold node ports in iptables proxier 2015-08-24 16:35:05 -07:00
Tim Hockin
5087ae6c93 Hold node-ports for publicIPs for local IPs 2015-08-24 16:32:44 -07:00
Tim Hockin
f5a9281a26 Actually hold NodePorts open in kube-proxy 2015-08-24 16:32:44 -07:00
Nikhil Jindal
9a7f871d17 Merge pull request #12896 from thockin/proxy-nodeports 
Tail-call nodeports rules in iptables proxy
 2015-08-24 10:39:54 -07:00
Tim Hockin
16102c41df Tail-call nodeports rules in iptables proxy 2015-08-21 14:15:21 -07:00
BenTheElder
81ab51709a Add --cleanup-iptables flag to kube-proxy 
Adds a flag to cleanup iptables rules created by kube-proxy per
https://github.com/mesosphere/kubernetes-mesos/issues/353#issuecomment-1
27382832
 2015-08-21 14:44:11 -04:00
Jerzy Szczepkowski
3df1b9e151 Merge pull request #12986 from BenTheElder/masquerade_all_flag 
Add flag to masquerade all in kube-proxy when using iptables proxier
 2015-08-21 10:28:07 +02:00
BenTheElder
1f2076ce64 Add flag to masquerade all in kube-proxy when using iptables proxier 2015-08-20 20:12:32 -04:00
Abhishek Shah
b6b8e99393 External IPs support. 2015-08-20 16:10:01 -07:00
jiangyaoguo
5a95eb7326 Test UDP timeout 2015-08-19 21:50:43 +08:00
Kris Rousey
ae6c64d9bb Moving everyone to unversioned client 2015-08-18 10:23:03 -07:00
Tim Hockin
6f34be30a3 Limit float precision to 5 points 2015-08-17 20:57:44 -07:00
Tim Hockin
7e9c685ba6 Require same min iptables version as -C 2015-08-17 20:57:44 -07:00
Tim Hockin
3a5c23d727 test for and set bridge-nf-call-iptables sysctl 2015-08-17 20:57:44 -07:00
Tim Hockin
9cf33772b4 test for and set route_localnet sysctl 2015-08-17 20:52:06 -07:00
Tim Hockin
f1a48574a6 Clean up logging, make initial sync faster 2015-08-17 20:52:06 -07:00
Tim Hockin
d72892d0b0 Include protocol in the hash for chain names 2015-08-17 20:52:06 -07:00
Tim Hockin
731d5e5191 Clean up iptables rules, add nodeport support 2015-08-17 20:52:06 -07:00
Tim Hockin
d14c98f6cc Add nodepoprt chain and link it in, add unused MASQ rule 2015-08-17 20:52:06 -07:00
Robert Bailey
6fcdcec25d Merge pull request #12658 from sdminonne/bug_fix2 
to fix govet issue
 2015-08-17 10:58:10 -07:00
Tim Hockin
776132e1ae Make kube-proxy iptables sync period configurable 2015-08-13 09:53:32 -07:00
Salvatore Dario Minonne
48018c402c to fix govet issue 2015-08-13 17:26:43 +02:00
BenTheElder
8006a39cc3 Fix #12596 
Fix for https://github.com/kubernetes/kubernetes/issues/12596
Disconnect the pure-iptables proxy’s services chain when starting the
userspace proxy.
 2015-08-12 20:06:09 -04:00
BenTheElder
ae569e20b5 Partially Implement #3760 2015-08-12 02:39:15 -04:00
Piotr Szczesniak
1df0267f4a Merge pull request #12551 from eparis/underscore-to-dash 
Update code and docs to use - in flag names instead of _
 2015-08-12 07:16:31 +02:00
Kris Rousey
565189f5b8 Correcting all go vet errors 2015-08-11 13:55:37 -07:00
Eric Paris
5aa495cdad Update code to use - in flag names instead of _ 2015-08-11 16:31:52 -04:00
Alex Robinson
c5e221dca7 Merge pull request #12440 from BenTheElder/proxy_config_handler_refactor 
Refactor `pkg/proxy/config`'s ServiceConfigHandler and EndpointsConfigHandler.
 2015-08-10 09:44:38 -07:00
Veres Lajos
9f77e49109 typofix - https://github.com/vlajos/misspell_fixer 2015-08-08 22:31:48 +01:00
BenTheElder
6bbf2aaab7 Refactor pkg/proxy/config's ServiceConfigHandler and EndpointsConfigHandler to have different update methods. 
Refactor `pkg/proxy/config`’s ServiceConfigHandler.OnUpdate and
EndpointsConfigHandler.OnUpdate to different method names as they have
different signatures.

This will let the new proxy
(https://github.com/GoogleCloudPlatform/kubernetes/issues/3760)
implement both interfaces.

Since we won’t need a separate loadbalancer structure (load balancing
is handled in the proxy rules), we will simply handle both event types
from the same object.
 2015-08-08 15:16:55 -04:00
BenTheElder
f6d257c0f3 fix missing import in roundrobin_test.go 2015-08-08 00:02:35 -04:00
BenTheElder
962a7b492b in pkg/proxy, merge proxy_provider.go and service_port_name.go to types.go 2015-08-07 21:10:34 -04:00
BenTheElder
1f6baa6549 Move userspace code to sub-package in proxy. 
Moves the userspace code in proxy to a sub-package and adds the
ProxyProvider interface.

This is in preparation for landing an implementation of
https://github.com/GoogleCloudPlatform/kubernetes/issues/3760, which
will mostly be in another sub package for iptables.
 2015-08-07 20:07:15 -04:00
BenTheElder
5867fca8bf Fix iptables Interface mocking, move Restore/RestoreAll to shared impl 
also put TODO for unit tests, move defer file deletion until after file
creation error is checked.
 2015-08-07 19:08:21 -04:00
Mike Danese
17defc7383 run gofmt on everything we touched 2015-08-05 17:52:56 -07:00
Mike Danese
8e33cbfa28 rewrite go imports 2015-08-05 17:30:03 -07:00
Abhishek Shah
4bbecea4e6 Changed udpIdleTimeout to 1 second from 10 seconds 2015-08-03 15:32:59 -07:00
jiangyaoguo
79ed954ec2 replace Reflector with client.cache.Reflector in kube-proxy 2015-06-29 11:21:50 +08:00
James DeFelice
4abcf7449c implementation of proxy port allocation 2015-06-02 12:28:25 +00:00
Tim Hockin
ac3cc3c518 Rename PORTAL_NET all over 2015-05-28 16:10:44 -07:00
Tim Hockin
4318ca5a8b Rename 'portal IP' to 'cluster IP' most everywhere 
This covers obvious transforms, but not --portal_net, $PORTAL_NET and
similar.
 2015-05-28 16:10:44 -07:00
Tim Hockin
bd2314fa78 Fix session affinity in kube-proxy 2015-05-26 17:19:29 -07:00
BenTheElder
d223b795f3 Correct copyright in proxysocket.go 
I created this file earlier this year. It should say 2015 not 2014.
 2015-05-25 12:00:50 -04:00
Justin Santa Barbara
4b9b7ec2f9 Continue to support (deprecated) publicIPs 
Not doing so breaks e2e tests and people that may be using them,
even though we will eventually want to stop supporting this now
that we have better alternatives for typical use cases (NodePort)
 2015-05-23 16:37:27 -04:00
Justin Santa Barbara
7346cc8042 Add ServiceType = NodePort; wire everything up 2015-05-22 19:14:28 -04:00
Justin Santa Barbara
e49ad95462 Mark PublicIPs as deprecated & rename to DeprecatedPublicIPs in the latest API 
We need to keep them in the API so that we can round-trip between versions.
 2015-05-22 19:14:27 -04:00
Justin Santa Barbara
3884d5fc59 Add LoadBalancer status to ServiceStatus 
This will replace publicIPs
 2015-05-22 18:27:05 -04:00
Justin Santa Barbara
1ad4549f5f Proxy infrastructure for NodePorts 
A service with a NodePort set will listen on that port, on every node.

This is both handy for some load balancers (AWS ELB) and for people
that want to expose a service without using a load balancer.
 2015-05-22 17:21:49 -04:00
Tim Hockin
270c031bec Merge pull request #8484 from thockin/proxier-old-iptables 
Clean up old iptables (pre-ip-per-service) legacy
 2015-05-19 11:21:46 -07:00
Justin Santa Barbara
2473a81412 Add mutex lock to cleanupStaleStickySessions 
Proxier.serviceMap is supposed to be guarded by the mutex
 2015-05-19 09:11:05 -04:00
Tim Hockin
b64868f23b Clean up old iptables (pre-ip-per-service) legacy 2015-05-18 20:27:40 -07:00
Tim Hockin
a548d542db Rename AffinityType to ServiceAffinity 2015-05-18 17:21:30 -07:00
Clayton Coleman
a2e4f95e32 Merge pull request #8269 from smarterclayton/add_proxier_error 
Proxier should return typed errors
 2015-05-18 10:00:44 -04:00
Clayton Coleman
de36967c7e Proxier should return typed errors 2015-05-15 13:50:05 -04:00
BenTheElder
78d2fda480 Move proxySocket out of proxier.go to proxysocket.go 
Moves proxySocket out of proxier.go to new proxysocket.go in proxy
package in order to start separating proxy logic and implementation and
make proxier more manageable to review.
 2015-05-14 19:08:35 -04:00
Tim Hockin
667dd81905 un-export CreateProxier 2015-05-14 11:37:25 -07:00
Daniel Smith
16a6fb8ef7 Replace calls to time.After with time.NewTimer for explicit stopping 2015-05-04 14:29:33 -07:00
Eric Paris
6b3a6e6b98 Make copyright ownership statement generic 
Instead of saying "Google Inc." (which is not always correct) say "The
Kubernetes Authors", which is generic.
 2015-05-01 17:49:56 -04:00
Xiang Li
7e36a88068 pkg/proxy: a more reliable way to detect a closed proxy 2015-04-13 10:11:22 -07:00
Dawn Chen
b6ec2f971e Merge pull request #6741 from xiang90/udp_timeout 
proxy: lower udp timeout
 2015-04-13 08:58:02 -07:00
Xiang Li
233ec922f3 proxy: lower udp timeout 2015-04-11 23:51:08 -07:00
Xiang Li
4b29947652 pkg/proxy: panic if run out of fd 
When proxy runs out of fd, it fills the logs with error message.
From #6716, it is better to just panic().
 2015-04-11 13:09:15 -07:00