mirror of https://github.com/k3s-io/k3s
Merge pull request #57594 from m1093782566/hairpin
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Fix incorrect hairpin-mode value and validate it **What this PR does / why we need it**: * Fix incorrect hairpin-mode value * Add validation **Which issue(s) this PR fixes**: Fixes #57609 **Special notes for your reviewer**: **Release note**: ```release-note NONE ```pull/6/head
Kubernetes Submit Queue
GitHub
commit
18758f502c
|
|
@ -591,6 +591,7 @@ func TestValidateKubeletConfiguration(t *testing.T) {
|
|||
ReadOnlyPort: utilpointer.Int32Ptr(0),
|
||||
RegistryBurst: 10,
|
||||
RegistryPullQPS: utilpointer.Int32Ptr(5),
|
||||
HairpinMode: "promiscuous-bridge",
|
||||
},
|
||||
}
|
||||
if allErrors := ValidateKubeletConfiguration(successCase, nil); len(allErrors) != 0 {
|
||||
|
|
|
|||
|
|
@ -192,7 +192,7 @@ type KubeletConfiguration struct {
|
|||
// "promiscuous-bridge": make the container bridge promiscuous.
|
||||
// "hairpin-veth": set the hairpin flag on container veth interfaces.
|
||||
// "none": do nothing.
|
||||
// Generally, one must set --hairpin-mode=veth-flag to achieve hairpin NAT,
|
||||
// Generally, one must set --hairpin-mode=hairpin-veth to achieve hairpin NAT,
|
||||
// because promiscous-bridge assumes the existence of a container bridge named cbr0.
|
||||
HairpinMode string
|
||||
// maxPods is the number of pods that can run on this Kubelet.
|
||||
|
|
|
|||
|
|
@ -189,7 +189,7 @@ type KubeletConfiguration struct {
|
|||
// "promiscuous-bridge": make the container bridge promiscuous.
|
||||
// "hairpin-veth": set the hairpin flag on container veth interfaces.
|
||||
// "none": do nothing.
|
||||
// Generally, one must set --hairpin-mode=veth-flag to achieve hairpin NAT,
|
||||
// Generally, one must set --hairpin-mode=hairpin-veth to achieve hairpin NAT,
|
||||
// because promiscous-bridge assumes the existence of a container bridge named cbr0.
|
||||
HairpinMode string `json:"hairpinMode"`
|
||||
// maxPods is the number of pods that can run on this Kubelet.
|
||||
|
|
|
|||
|
|
@ -100,5 +100,13 @@ func ValidateKubeletConfiguration(kc *kubeletconfig.KubeletConfiguration) error
|
|||
val, kubetypes.NodeAllocatableEnforcementKey, kubetypes.SystemReservedEnforcementKey, kubetypes.KubeReservedEnforcementKey))
|
||||
}
|
||||
}
|
||||
switch kc.HairpinMode {
|
||||
case kubeletconfig.HairpinNone:
|
||||
case kubeletconfig.HairpinVeth:
|
||||
case kubeletconfig.PromiscuousBridge:
|
||||
default:
|
||||
allErrors = append(allErrors, fmt.Errorf("Invalid option %q specified for HairpinMode (--hairpin-mode) setting. Valid options are %q, %q or %q",
|
||||
kc.HairpinMode, kubeletconfig.HairpinNone, kubeletconfig.HairpinVeth, kubeletconfig.PromiscuousBridge))
|
||||
}
|
||||
return utilerrors.NewAggregate(allErrors)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -47,6 +47,7 @@ func TestValidateKubeletConfiguration(t *testing.T) {
|
|||
ReadOnlyPort: 0,
|
||||
RegistryBurst: 10,
|
||||
RegistryPullQPS: 5,
|
||||
HairpinMode: kubeletconfig.PromiscuousBridge,
|
||||
}
|
||||
if allErrors := ValidateKubeletConfiguration(successCase); allErrors != nil {
|
||||
t.Errorf("expect no errors got %v", allErrors)
|
||||
|
|
@ -75,8 +76,9 @@ func TestValidateKubeletConfiguration(t *testing.T) {
|
|||
ReadOnlyPort: -10,
|
||||
RegistryBurst: -10,
|
||||
RegistryPullQPS: -10,
|
||||
HairpinMode: "foo",
|
||||
}
|
||||
if allErrors := ValidateKubeletConfiguration(errorCase); len(allErrors.(utilerrors.Aggregate).Errors()) != 21 {
|
||||
t.Errorf("expect 21 errors got %v", len(allErrors.(utilerrors.Aggregate).Errors()))
|
||||
if allErrors := ValidateKubeletConfiguration(errorCase); len(allErrors.(utilerrors.Aggregate).Errors()) != 22 {
|
||||
t.Errorf("expect 22 errors got %v", len(allErrors.(utilerrors.Aggregate).Errors()))
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue