From 1c2c0c1f63460f0d78922cdac05638336f3ee4e7 Mon Sep 17 00:00:00 2001 From: Minhan Xia Date: Wed, 30 Nov 2016 14:04:22 -0800 Subject: [PATCH] support service loadBalancerSourceRange update --- pkg/api/validation/validation.go | 9 --------- pkg/api/validation/validation_test.go | 4 ++-- pkg/controller/service/servicecontroller.go | 7 +++++++ pkg/proxy/iptables/proxier.go | 3 +++ 4 files changed, 12 insertions(+), 11 deletions(-) diff --git a/pkg/api/validation/validation.go b/pkg/api/validation/validation.go index e7783a5c8e..5b7c9fd509 100644 --- a/pkg/api/validation/validation.go +++ b/pkg/api/validation/validation.go @@ -2667,15 +2667,6 @@ func ValidateServiceUpdate(service, oldService *api.Service) field.ErrorList { } } - // TODO(freehan): allow user to update loadbalancerSourceRanges - // Only allow removing LoadBalancerSourceRanges when change service type from LoadBalancer - // to non-LoadBalancer or adding LoadBalancerSourceRanges when change service type from - // non-LoadBalancer to LoadBalancer. - if service.Spec.Type != api.ServiceTypeLoadBalancer && oldService.Spec.Type != api.ServiceTypeLoadBalancer || - service.Spec.Type == api.ServiceTypeLoadBalancer && oldService.Spec.Type == api.ServiceTypeLoadBalancer { - allErrs = append(allErrs, ValidateImmutableField(service.Spec.LoadBalancerSourceRanges, oldService.Spec.LoadBalancerSourceRanges, field.NewPath("spec", "loadBalancerSourceRanges"))...) - } - allErrs = append(allErrs, validateServiceFields(service)...) allErrs = append(allErrs, validateServiceAnnotations(service, oldService)...) return allErrs diff --git a/pkg/api/validation/validation_test.go b/pkg/api/validation/validation_test.go index 094a4a0d19..6a7a02b74e 100644 --- a/pkg/api/validation/validation_test.go +++ b/pkg/api/validation/validation_test.go @@ -6675,7 +6675,7 @@ func TestValidateServiceUpdate(t *testing.T) { newSvc.Spec.Type = api.ServiceTypeLoadBalancer newSvc.Spec.LoadBalancerSourceRanges = []string{"10.0.0.0/8"} }, - numErrs: 1, + numErrs: 0, }, { name: "update loadBalancerSourceRanges", @@ -6685,7 +6685,7 @@ func TestValidateServiceUpdate(t *testing.T) { newSvc.Spec.Type = api.ServiceTypeLoadBalancer newSvc.Spec.LoadBalancerSourceRanges = []string{"10.180.0.0/16"} }, - numErrs: 1, + numErrs: 0, }, { name: "LoadBalancer type cannot have None ClusterIP", diff --git a/pkg/controller/service/servicecontroller.go b/pkg/controller/service/servicecontroller.go index 772aa0fad8..43c6a3f74c 100644 --- a/pkg/controller/service/servicecontroller.go +++ b/pkg/controller/service/servicecontroller.go @@ -430,6 +430,13 @@ func (s *ServiceController) needsUpdate(oldService *v1.Service, newService *v1.S oldService.Spec.Type, newService.Spec.Type) return true } + + if wantsLoadBalancer(newService) && !reflect.DeepEqual(oldService.Spec.LoadBalancerSourceRanges, newService.Spec.LoadBalancerSourceRanges) { + s.eventRecorder.Eventf(newService, v1.EventTypeNormal, "LoadBalancerSourceRanges", "%v -> %v", + oldService.Spec.LoadBalancerSourceRanges, newService.Spec.LoadBalancerSourceRanges) + return true + } + if !portsEqualForLB(oldService, newService) || oldService.Spec.SessionAffinity != newService.Spec.SessionAffinity { return true } diff --git a/pkg/proxy/iptables/proxier.go b/pkg/proxy/iptables/proxier.go index a64659904c..2f39fe9bbc 100644 --- a/pkg/proxy/iptables/proxier.go +++ b/pkg/proxy/iptables/proxier.go @@ -388,6 +388,9 @@ func (proxier *Proxier) sameConfig(info *serviceInfo, service *api.Service, port if info.onlyNodeLocalEndpoints != onlyNodeLocalEndpoints { return false } + if !reflect.DeepEqual(info.loadBalancerSourceRanges, service.Spec.LoadBalancerSourceRanges) { + return false + } return true }