mirror of https://github.com/k3s-io/k3s
Merge pull request #27562 from 7ing/ipt
Automatic merge from submit-queue improve iptables-restore implementation #27559 []() fixes #27559 - improve restoreInternal implementation in iptables - add SetStdin and SetStdout functions to Cmd interface - modify kubelet/prober and some tests in order to work with Cmd interfacepull/6/head
k8s-merge-robot
GitHub
commit
68632db799
|
|
@ -19,6 +19,7 @@ package prober
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"io"
|
||||||
"net"
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
|
|
@ -249,3 +250,11 @@ func (eic execInContainer) Output() ([]byte, error) {
|
||||||
func (eic execInContainer) SetDir(dir string) {
|
func (eic execInContainer) SetDir(dir string) {
|
||||||
//unimplemented
|
//unimplemented
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (eic execInContainer) SetStdin(in io.Reader) {
|
||||||
|
//unimplemented
|
||||||
|
}
|
||||||
|
|
||||||
|
func (eic execInContainer) SetStdout(out io.Writer) {
|
||||||
|
//unimplemented
|
||||||
|
}
|
||||||
|
|
|
||||||
|
|
@ -18,6 +18,7 @@ package exec
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"io"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"k8s.io/kubernetes/pkg/probe"
|
"k8s.io/kubernetes/pkg/probe"
|
||||||
|
|
@ -39,6 +40,10 @@ func (f *FakeCmd) Output() ([]byte, error) {
|
||||||
|
|
||||||
func (f *FakeCmd) SetDir(dir string) {}
|
func (f *FakeCmd) SetDir(dir string) {}
|
||||||
|
|
||||||
|
func (f *FakeCmd) SetStdin(in io.Reader) {}
|
||||||
|
|
||||||
|
func (f *FakeCmd) SetStdout(out io.Writer) {}
|
||||||
|
|
||||||
type fakeExitError struct {
|
type fakeExitError struct {
|
||||||
exited bool
|
exited bool
|
||||||
statusCode int
|
statusCode int
|
||||||
|
|
|
||||||
|
|
@ -17,6 +17,7 @@ limitations under the License.
|
||||||
package exec
|
package exec
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"io"
|
||||||
osexec "os/exec"
|
osexec "os/exec"
|
||||||
"syscall"
|
"syscall"
|
||||||
)
|
)
|
||||||
|
|
@ -45,6 +46,8 @@ type Cmd interface {
|
||||||
// Output runs the command and returns standard output, but not standard err
|
// Output runs the command and returns standard output, but not standard err
|
||||||
Output() ([]byte, error)
|
Output() ([]byte, error)
|
||||||
SetDir(dir string)
|
SetDir(dir string)
|
||||||
|
SetStdin(in io.Reader)
|
||||||
|
SetStdout(out io.Writer)
|
||||||
}
|
}
|
||||||
|
|
||||||
// ExitError is an interface that presents an API similar to os.ProcessState, which is
|
// ExitError is an interface that presents an API similar to os.ProcessState, which is
|
||||||
|
|
@ -82,6 +85,14 @@ func (cmd *cmdWrapper) SetDir(dir string) {
|
||||||
cmd.Dir = dir
|
cmd.Dir = dir
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (cmd *cmdWrapper) SetStdin(in io.Reader) {
|
||||||
|
cmd.Stdin = in
|
||||||
|
}
|
||||||
|
|
||||||
|
func (cmd *cmdWrapper) SetStdout(out io.Writer) {
|
||||||
|
cmd.Stdout = out
|
||||||
|
}
|
||||||
|
|
||||||
// CombinedOutput is part of the Cmd interface.
|
// CombinedOutput is part of the Cmd interface.
|
||||||
func (cmd *cmdWrapper) CombinedOutput() ([]byte, error) {
|
func (cmd *cmdWrapper) CombinedOutput() ([]byte, error) {
|
||||||
out, err := (*osexec.Cmd)(cmd).CombinedOutput()
|
out, err := (*osexec.Cmd)(cmd).CombinedOutput()
|
||||||
|
|
|
||||||
|
|
@ -18,6 +18,7 @@ package exec
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"io"
|
||||||
)
|
)
|
||||||
|
|
||||||
// A simple scripted Interface type.
|
// A simple scripted Interface type.
|
||||||
|
|
@ -49,6 +50,8 @@ type FakeCmd struct {
|
||||||
CombinedOutputCalls int
|
CombinedOutputCalls int
|
||||||
CombinedOutputLog [][]string
|
CombinedOutputLog [][]string
|
||||||
Dirs []string
|
Dirs []string
|
||||||
|
Stdin io.Reader
|
||||||
|
Stdout io.Writer
|
||||||
}
|
}
|
||||||
|
|
||||||
func InitFakeCmd(fake *FakeCmd, cmd string, args ...string) Cmd {
|
func InitFakeCmd(fake *FakeCmd, cmd string, args ...string) Cmd {
|
||||||
|
|
@ -62,6 +65,14 @@ func (fake *FakeCmd) SetDir(dir string) {
|
||||||
fake.Dirs = append(fake.Dirs, dir)
|
fake.Dirs = append(fake.Dirs, dir)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (fake *FakeCmd) SetStdin(in io.Reader) {
|
||||||
|
fake.Stdin = in
|
||||||
|
}
|
||||||
|
|
||||||
|
func (fake *FakeCmd) SetStdout(out io.Writer) {
|
||||||
|
fake.Stdout = out
|
||||||
|
}
|
||||||
|
|
||||||
func (fake *FakeCmd) CombinedOutput() ([]byte, error) {
|
func (fake *FakeCmd) CombinedOutput() ([]byte, error) {
|
||||||
if fake.CombinedOutputCalls > len(fake.CombinedOutputScript)-1 {
|
if fake.CombinedOutputCalls > len(fake.CombinedOutputScript)-1 {
|
||||||
panic("ran out of CombinedOutput() actions")
|
panic("ran out of CombinedOutput() actions")
|
||||||
|
|
|
||||||
|
|
@ -17,9 +17,8 @@ limitations under the License.
|
||||||
package iptables
|
package iptables
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"bytes"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
|
||||||
"os"
|
|
||||||
"regexp"
|
"regexp"
|
||||||
"strings"
|
"strings"
|
||||||
"sync"
|
"sync"
|
||||||
|
|
@ -60,7 +59,7 @@ type Interface interface {
|
||||||
Save(table Table) ([]byte, error)
|
Save(table Table) ([]byte, error)
|
||||||
// SaveAll calls `iptables-save`.
|
// SaveAll calls `iptables-save`.
|
||||||
SaveAll() ([]byte, error)
|
SaveAll() ([]byte, error)
|
||||||
// Restore runs `iptables-restore` passing data through a temporary file.
|
// Restore runs `iptables-restore` passing data through []byte.
|
||||||
// table is the Table to restore
|
// table is the Table to restore
|
||||||
// data should be formatted like the output of Save()
|
// data should be formatted like the output of Save()
|
||||||
// flush sets the presence of the "--noflush" flag. see: FlushFlag
|
// flush sets the presence of the "--noflush" flag. see: FlushFlag
|
||||||
|
|
@ -335,29 +334,12 @@ func (runner *runner) restoreInternal(args []string, data []byte, flush FlushFla
|
||||||
if counters {
|
if counters {
|
||||||
args = append(args, "--counters")
|
args = append(args, "--counters")
|
||||||
}
|
}
|
||||||
// create temp file through which to pass data
|
|
||||||
temp, err := ioutil.TempFile("", "kube-temp-iptables-restore-")
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
// make sure we delete the temp file
|
|
||||||
defer os.Remove(temp.Name())
|
|
||||||
// Put the filename at the end of args.
|
|
||||||
// NOTE: the filename must be at the end.
|
|
||||||
// See: https://git.netfilter.org/iptables/commit/iptables-restore.c?id=e6869a8f59d779ff4d5a0984c86d80db70784962
|
|
||||||
args = append(args, temp.Name())
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
// write data to the file
|
|
||||||
_, err = temp.Write(data)
|
|
||||||
temp.Close()
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
// run the command and return the output or an error including the output and error
|
// run the command and return the output or an error including the output and error
|
||||||
glog.V(4).Infof("running iptables-restore %v", args)
|
glog.V(4).Infof("running iptables-restore %v", args)
|
||||||
b, err := runner.exec.Command(cmdIptablesRestore, args...).CombinedOutput()
|
cmd := runner.exec.Command(cmdIptablesRestore, args...)
|
||||||
|
cmd.SetStdin(bytes.NewBuffer(data))
|
||||||
|
b, err := cmd.CombinedOutput()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("%v (%s)", err, b)
|
return fmt.Errorf("%v (%s)", err, b)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue