Commit Graph

156 Commits

Author SHA1 Message Date
daschott
b7466d02cd Winkernel proxier cache HNS data to improve syncProxyRules performance
Resolved issues with proxy rules taking a long time to be synced on Windows, by caching HNS data.

In particular, the following HNS data will be cached for the context of syncProxyRules:
  * HNS endpoints

  * HNS load balancers
2022-04-15 13:31:31 -07:00
Kubernetes Prow Robot
475f7af1c1
Merge pull request #108812 from danwinship/endpoint-chain-names
proxy/iptables: fix up endpoint chain name computation
2022-03-19 02:15:09 -07:00
Dan Winship
dd4d88398c proxy/iptables: fix up endpoint chain name computation
Rather than lazily computing and then caching the endpoint chain name
because we don't have the right information at construct time, just
pass the right information at construct time and compute the chain
name then.
2022-03-18 16:10:33 -04:00
Yongkun Gui
78a507b256 Fix health check from Google's Load Balancer
This change adds 2 options for windows:
--forward-healthcheck-vip: If true forward service VIP for health check
port
--root-hnsendpoint-name: The name of the hns endpoint name for root
namespace attached to l2bridge, default is cbr0

When --forward-healthcheck-vip is set as true and winkernel is used,
kube-proxy will add an hns load balancer to forward health check request
that was sent to lb_vip:healthcheck_port to the node_ip:healthcheck_port.
Without this forwarding, the health check from google load balancer will
fail, and it will stop forwarding traffic to the windows node.

This change fixes the following 2 cases for service:
- `externalTrafficPolicy: Cluster` (default option): healthcheck_port is
10256 for all services. Without this fix, all traffic won't be directly
forwarded to windows node. It will always go through a linux node and
get forwarded to windows from there.
- `externalTrafficPolicy: Local`: different healthcheck_port for each
service that is configured as local. Without this fix, this feature
won't work on windows node at all. This feature preserves client ip
that tries to connect to their application running in windows pod.

Change-Id: If4513e72900101ef70d86b91155e56a1f8c79719
2022-03-11 22:34:59 -08:00
Davanum Srinivas
9682b7248f
OWNERS cleanup - Jan 2021 Week 1
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2022-01-10 08:14:29 -05:00
Kubernetes Prow Robot
030c3fbd58
Merge pull request #106936 from sbangari/windowsserviceflappingfix
Skip creating HNS loadbalancer with empty endpoints
2021-12-10 22:41:57 -08:00
Sravanth Bangari
26be8d6890 Skip creating HNS loadbalancer with empty endpoints 2021-12-09 20:03:21 -08:00
Davanum Srinivas
9405e9b55e
Check in OWNERS modified by update-yamlfmt.sh
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2021-12-09 21:31:26 -05:00
Amim Knabben
8b37bfec8e Enabling kube-proxy metrics on windows kernel mode 2021-11-21 21:23:55 -03:00
Shivanshu Raj Shrivastava
d3350f45e5
Migrated proxier_health.go , proxier.go to structured logging (#105767)
* fixed improperly migrated logs

* Update pkg/proxy/winkernel/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>
2021-10-21 10:17:48 -07:00
Shivanshu Raj Shrivastava
81636f2158
Fixed improperly migrated logs (#105763)
* fixed improperly migrated logs

* small fixes

* small fix

* Update pkg/proxy/iptables/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/healthcheck/service_health.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/iptables/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/iptables/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/iptables/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/iptables/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/ipvs/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/ipvs/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/ipvs/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/winkernel/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/winkernel/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/winkernel/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/winkernel/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/winkernel/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/winkernel/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/winkernel/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/winkernel/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/winkernel/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/winkernel/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/winkernel/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* Update pkg/proxy/winkernel/proxier.go

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>

* refactoring

* refactoring

* refactoring

* reverted some files back to master

Co-authored-by: Marek Siarkowicz <marek.siarkowicz@protonmail.com>
2021-10-20 03:55:58 -07:00
Kubernetes Prow Robot
2358c8ae5b
Merge pull request #105144 from umangachapagain/fix-logs
remove format specifiers from structured logs
2021-10-04 14:12:51 -07:00
elweb9858
365c5e5687 Removing elweb9858 from winkernel kube-proxy approver+reviewer lists 2021-09-30 11:40:37 -07:00
Umanga Chapagain
e262278772
fix incorrect structured log patterns
proxy/winkernel/proxier.go was using format specifier with
structured logging pattern which is wrong. This commit removes
use of format specifiers to align with the pattern.

Signed-off-by: Umanga Chapagain <chapagainumanga@gmail.com>
2021-09-30 11:10:13 +05:30
Khaled Henidak (Kal)
a53e2eaeab
move IPv6DualStack feature to stable. (#104691)
* kube-proxy

* endpoints controller

* app: kube-controller-manager

* app: cloud-controller-manager

* kubelet

* app: api-server

* node utils + registry/strategy

* api: validation (comment removal)

* api:pod strategy (util pkg)

* api: docs

* core: integration testing

* kubeadm: change feature gate to GA

* service registry and rest stack

* move feature to GA

* generated
2021-09-24 16:30:22 -07:00
jyz0309
e9abf3dfc6 remove spew
Signed-off-by: jyz0309 <45495947@qq.com>

remove spew

Signed-off-by: jyz0309 <45495947@qq.com>

remove LogJson

Signed-off-by: jyz0309 <45495947@qq.com>

change name

Signed-off-by: jyz0309 <45495947@qq.com>

remove spew

Signed-off-by: jyz0309 <45495947@qq.com>
2021-09-23 17:20:34 +08:00
jyz0309
c0e0fae775 fix error
Signed-off-by: jyz0309 <45495947@qq.com>

use InfoS handle json

Signed-off-by: jyz0309 <45495947@qq.com>

remove import

Signed-off-by: jyz0309 <45495947@qq.com>

fix comment

Signed-off-by: jyz0309 <45495947@qq.com>
2021-09-23 17:15:18 +08:00
jyz0309
a0fd52b6e1 fix log error
Signed-off-by: jyz0309 <45495947@qq.com>

fix conflict

Signed-off-by: jyz0309 <45495947@qq.com>

format code

Signed-off-by: jyz0309 <45495947@qq.com>
2021-09-23 17:15:18 +08:00
Daniel Canter
ce52f70c66 Replace custom dualstack support logic in Windows Kube-proxy
Due to an incorrect version range definition in hcsshim for dualstack
support, the Windows kubeproxy had to define it's own version range logic
to check if dualstack was supported on the host. This was remedied in hcsshim
(https://github.com/microsoft/hcsshim/pull/1003) and this work has been vendored into
K8s as well (https://github.com/kubernetes/kubernetes/pull/104880). This
change simply makes use of the now correct version range to check if dualstack
is supported, and gets rid of the old custom logic.

Signed-off-by: Daniel Canter <dcanter@microsoft.com>
2021-09-22 13:07:38 -07:00
jyz0309
5d32be4126 fix type check
Signed-off-by: jyz0309 <45495947@qq.com>
2021-09-20 19:42:15 +08:00
jyz0309
6344d6b26d rebuild msg and rename namespace
Signed-off-by: jyz0309 <45495947@qq.com>
2021-09-20 19:04:21 +08:00
jyz0309
615c69643b migrate to struct log for proxy
Signed-off-by: jyz0309 <45495947@qq.com>

remove useless str

Signed-off-by: jyz0309 <45495947@qq.com>

fix comment

Signed-off-by: jyz0309 <45495947@qq.com>

fix comment

Signed-off-by: jyz0309 <45495947@qq.com>
2021-09-16 18:01:22 +08:00
Kubernetes Prow Robot
648559b63e
Merge pull request #104742 from khenidak/health-check-port
change health-check port to listen to node port addresses
2021-09-13 15:43:52 -07:00
Khaled (Kal) Henidak
acdf50fbed change proxiers to pass nodePortAddresses 2021-09-13 18:27:07 +00:00
Dan Winship
7f6fbc4482 Drop broken/no-op proxyconfig.EndpointsHandler implementations
Because the proxy.Provider interface included
proxyconfig.EndpointsHandler, all the backends needed to
implement its methods. But iptables, ipvs, and winkernel implemented
them as no-ops, and metaproxier had an implementation that wouldn't
actually work (because it couldn't handle Services with no active
Endpoints).

Since Endpoints processing in kube-proxy is deprecated (and can't be
re-enabled unless you're using a backend that doesn't support
EndpointSlice), remove proxyconfig.EndpointsHandler from the
definition of proxy.Provider and drop all the useless implementations.
2021-09-13 09:32:38 -04:00
Kubernetes Prow Robot
d3621ae008
Merge pull request #101303 from wangyx1992/capatial-log-proxy
cleanup: fix errors in wrapped format and log capitalization in proxy
2021-09-03 10:01:50 -07:00
Stephen Augustus
481cf6fbe7
generated: Run hack/update-gofmt.sh
Signed-off-by: Stephen Augustus <foo@auggie.dev>
2021-08-24 15:47:49 -04:00
Antonio Ojea
0cd75e8fec run hack/update-netparse-cve.sh 2021-08-20 10:42:09 +02:00
James Sturtevant
d5d9327351 Only use dualstack if the node and config supports it 2021-07-08 11:39:20 -07:00
Swetha Repakula
0a42f7b989 Graduate EndpointSliceProxying and WindowsEndpointSliceProxying Gates 2021-07-07 13:33:30 -07:00
Kubernetes Prow Robot
96dff7d0c7
Merge pull request #102832 from Yuan-Junliang/migrateProxyEventAPI
Migrate kube-proxy event to use v1 Event API
2021-07-05 17:44:17 -07:00
Swetha Repakula
03b7a699c2 Kubeproxy uses V1 EndpointSlice 2021-06-30 18:41:57 -07:00
wangyx1992
c85e567a3d cleanup: fix errors in wrapped format and log capitalization in proxy
Signed-off-by: wangyx1992 <wang.yixiang@zte.com.cn>
2021-06-28 04:39:15 +08:00
Sravanth Bangari
23ce7977b7 Loadbalancer IngressIP policy should be configured as non-DSR to enable routing mesh by default 2021-06-23 23:09:46 -07:00
Yuan-Junliang
2e06066bab Migrate kube-proxy to use v1 Event API 2021-06-13 18:57:52 +08:00
Kubernetes Prow Robot
61db6e05f1
Merge pull request #100558 from yangjunmyfm192085/run-test31
Optimize the structured Logging migration.
2021-06-01 20:54:37 -07:00
Sravanth Bangari
32b2cd26c7 Ref counting is only applicable to Remote endpoints 2021-04-21 22:11:02 -07:00
JUN YANG
80b4277bff Optimize the structured Logging migration.
Signed-off-by: JUN YANG <yang.jun22@zte.com.cn>
2021-03-25 20:21:38 +08:00
Kubernetes Prow Robot
b014610de3
Merge pull request #99958 from sbangari/winkubeproxylbservicefix
For LoadBalancer Service type don't create a HNS policy for empty or invalid external loadbalancer IP
2021-03-10 00:35:35 -08:00
Rob Scott
f07be06a19
Adding support for TopologyAwareHints to kube-proxy 2021-03-08 15:37:47 -08:00
Benjamin Elder
56e092e382 hack/update-bazel.sh 2021-02-28 15:17:29 -08:00
jornshen
d8d6a0223b clear no use LocalPort in winkernel 2021-02-15 16:36:08 +08:00
Sravanth Bangari
04eced5c67 For LoadBalancer Service type don't create a HNS policy for empty or invalid external loadbalancer IP 2021-01-31 11:56:30 -08:00
jornshen
f3b9e8b105 migrate proxy/winkernel/proxier.go logs to structured logging 2021-01-18 09:35:51 +08:00
jornshen
dff2da8cbc migrate winkernel network type string overlay as const 2021-01-14 16:38:02 +08:00
Kubernetes Prow Robot
eb08f36c7d
Merge pull request #96371 from andrewsykim/kube-proxy-terminating
kube-proxy: track serving/terminating conditions in endpoints cache
2021-01-11 18:38:25 -08:00
Andrew Sy Kim
1acdfb4e7c kube-proxyy: update winkernel proxier to read 'ready', 'serving' and 'terminating' conditions
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
2021-01-11 16:17:58 -05:00
jornshen
5af5a2ac7d migrate proxy.UpdateServiceMap to be a method of ServiceMap 2021-01-11 11:07:30 +08:00
Jeremy Edwards
7f972840ca Fail instead of panic when HNS network cannot be created in test. 2020-12-02 07:01:27 +00:00
Sravanth Bangari
6c68ca5a9e Choosing the right source VIP for local endpoints 2020-11-11 23:29:07 -08:00