github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
22,521 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

256 Commits (2b5b708b70b41761e5cd68dc6e4ea35994d0fe09)

Author SHA1 Message Date
BenTheElder 1f2076ce64 Add flag to masquerade all in kube-proxy when using iptables proxier 2015-08-20 20:12:32 -04:00
Abhishek Shah b6b8e99393 External IPs support. 2015-08-20 16:10:01 -07:00
jiangyaoguo 5a95eb7326 Test UDP timeout 2015-08-19 21:50:43 +08:00
Kris Rousey ae6c64d9bb Moving everyone to unversioned client 2015-08-18 10:23:03 -07:00
Tim Hockin 6f34be30a3 Limit float precision to 5 points 2015-08-17 20:57:44 -07:00
Tim Hockin 7e9c685ba6 Require same min iptables version as -C 2015-08-17 20:57:44 -07:00
Tim Hockin 3a5c23d727 test for and set bridge-nf-call-iptables sysctl 2015-08-17 20:57:44 -07:00
Tim Hockin 9cf33772b4 test for and set route_localnet sysctl 2015-08-17 20:52:06 -07:00
Tim Hockin f1a48574a6 Clean up logging, make initial sync faster 2015-08-17 20:52:06 -07:00
Tim Hockin d72892d0b0 Include protocol in the hash for chain names 2015-08-17 20:52:06 -07:00
Tim Hockin 731d5e5191 Clean up iptables rules, add nodeport support 2015-08-17 20:52:06 -07:00
Tim Hockin d14c98f6cc Add nodepoprt chain and link it in, add unused MASQ rule 2015-08-17 20:52:06 -07:00
Robert Bailey 6fcdcec25d Merge pull request #12658 from sdminonne/bug_fix2 
to fix govet issue
 2015-08-17 10:58:10 -07:00
Tim Hockin 776132e1ae Make kube-proxy iptables sync period configurable 2015-08-13 09:53:32 -07:00
Salvatore Dario Minonne 48018c402c to fix govet issue 2015-08-13 17:26:43 +02:00
BenTheElder 8006a39cc3 Fix #12596 
Fix for https://github.com/kubernetes/kubernetes/issues/12596
Disconnect the pure-iptables proxy’s services chain when starting the
userspace proxy.
 2015-08-12 20:06:09 -04:00
BenTheElder ae569e20b5 Partially Implement #3760 2015-08-12 02:39:15 -04:00
Piotr Szczesniak 1df0267f4a Merge pull request #12551 from eparis/underscore-to-dash 
Update code and docs to use - in flag names instead of _
 2015-08-12 07:16:31 +02:00
Kris Rousey 565189f5b8 Correcting all go vet errors 2015-08-11 13:55:37 -07:00
Eric Paris 5aa495cdad Update code to use - in flag names instead of _ 2015-08-11 16:31:52 -04:00
Alex Robinson c5e221dca7 Merge pull request #12440 from BenTheElder/proxy_config_handler_refactor 
Refactor `pkg/proxy/config`'s ServiceConfigHandler and EndpointsConfigHandler.
 2015-08-10 09:44:38 -07:00
Veres Lajos 9f77e49109 typofix - https://github.com/vlajos/misspell_fixer 2015-08-08 22:31:48 +01:00
BenTheElder 6bbf2aaab7 Refactor pkg/proxy/config's ServiceConfigHandler and EndpointsConfigHandler to have different update methods. 
Refactor `pkg/proxy/config`’s ServiceConfigHandler.OnUpdate and
EndpointsConfigHandler.OnUpdate to different method names as they have
different signatures.

This will let the new proxy
(https://github.com/GoogleCloudPlatform/kubernetes/issues/3760)
implement both interfaces.

Since we won’t need a separate loadbalancer structure (load balancing
is handled in the proxy rules), we will simply handle both event types
from the same object.
 2015-08-08 15:16:55 -04:00
BenTheElder f6d257c0f3 fix missing import in roundrobin_test.go 2015-08-08 00:02:35 -04:00
BenTheElder 962a7b492b in pkg/proxy, merge proxy_provider.go and service_port_name.go to types.go 2015-08-07 21:10:34 -04:00
BenTheElder 1f6baa6549 Move userspace code to sub-package in proxy. 
Moves the userspace code in proxy to a sub-package and adds the
ProxyProvider interface.

This is in preparation for landing an implementation of
https://github.com/GoogleCloudPlatform/kubernetes/issues/3760, which
will mostly be in another sub package for iptables.
 2015-08-07 20:07:15 -04:00
BenTheElder 5867fca8bf Fix iptables Interface mocking, move Restore/RestoreAll to shared impl 
also put TODO for unit tests, move defer file deletion until after file
creation error is checked.
 2015-08-07 19:08:21 -04:00
Mike Danese 17defc7383 run gofmt on everything we touched 2015-08-05 17:52:56 -07:00
Mike Danese 8e33cbfa28 rewrite go imports 2015-08-05 17:30:03 -07:00
Abhishek Shah 4bbecea4e6 Changed udpIdleTimeout to 1 second from 10 seconds 2015-08-03 15:32:59 -07:00
jiangyaoguo 79ed954ec2 replace Reflector with client.cache.Reflector in kube-proxy 2015-06-29 11:21:50 +08:00
James DeFelice 4abcf7449c implementation of proxy port allocation 2015-06-02 12:28:25 +00:00
Tim Hockin ac3cc3c518 Rename PORTAL_NET all over 2015-05-28 16:10:44 -07:00
Tim Hockin 4318ca5a8b Rename 'portal IP' to 'cluster IP' most everywhere 
This covers obvious transforms, but not --portal_net, $PORTAL_NET and
similar.
 2015-05-28 16:10:44 -07:00
Tim Hockin bd2314fa78 Fix session affinity in kube-proxy 2015-05-26 17:19:29 -07:00
BenTheElder d223b795f3 Correct copyright in proxysocket.go 
I created this file earlier this year. It should say 2015 not 2014.
 2015-05-25 12:00:50 -04:00
Justin Santa Barbara 4b9b7ec2f9 Continue to support (deprecated) publicIPs 
Not doing so breaks e2e tests and people that may be using them,
even though we will eventually want to stop supporting this now
that we have better alternatives for typical use cases (NodePort)
 2015-05-23 16:37:27 -04:00
Justin Santa Barbara 7346cc8042 Add ServiceType = NodePort; wire everything up 2015-05-22 19:14:28 -04:00
Justin Santa Barbara e49ad95462 Mark PublicIPs as deprecated & rename to DeprecatedPublicIPs in the latest API 
We need to keep them in the API so that we can round-trip between versions.
 2015-05-22 19:14:27 -04:00
Justin Santa Barbara 3884d5fc59 Add LoadBalancer status to ServiceStatus 
This will replace publicIPs
 2015-05-22 18:27:05 -04:00
Justin Santa Barbara 1ad4549f5f Proxy infrastructure for NodePorts 
A service with a NodePort set will listen on that port, on every node.

This is both handy for some load balancers (AWS ELB) and for people
that want to expose a service without using a load balancer.
 2015-05-22 17:21:49 -04:00
Tim Hockin 270c031bec Merge pull request #8484 from thockin/proxier-old-iptables 
Clean up old iptables (pre-ip-per-service) legacy
 2015-05-19 11:21:46 -07:00
Justin Santa Barbara 2473a81412 Add mutex lock to cleanupStaleStickySessions 
Proxier.serviceMap is supposed to be guarded by the mutex
 2015-05-19 09:11:05 -04:00
Tim Hockin b64868f23b Clean up old iptables (pre-ip-per-service) legacy 2015-05-18 20:27:40 -07:00
Tim Hockin a548d542db Rename AffinityType to ServiceAffinity 2015-05-18 17:21:30 -07:00
Clayton Coleman a2e4f95e32 Merge pull request #8269 from smarterclayton/add_proxier_error 
Proxier should return typed errors
 2015-05-18 10:00:44 -04:00
Clayton Coleman de36967c7e Proxier should return typed errors 2015-05-15 13:50:05 -04:00
BenTheElder 78d2fda480 Move proxySocket out of proxier.go to proxysocket.go 
Moves proxySocket out of proxier.go to new proxysocket.go in proxy
package in order to start separating proxy logic and implementation and
make proxier more manageable to review.
 2015-05-14 19:08:35 -04:00
Tim Hockin 667dd81905 un-export CreateProxier 2015-05-14 11:37:25 -07:00
Daniel Smith 16a6fb8ef7 Replace calls to time.After with time.NewTimer for explicit stopping 2015-05-04 14:29:33 -07:00
Eric Paris 6b3a6e6b98 Make copyright ownership statement generic 
Instead of saying "Google Inc." (which is not always correct) say "The
Kubernetes Authors", which is generic.
 2015-05-01 17:49:56 -04:00
Xiang Li 7e36a88068 pkg/proxy: a more reliable way to detect a closed proxy 2015-04-13 10:11:22 -07:00
Dawn Chen b6ec2f971e Merge pull request #6741 from xiang90/udp_timeout 
proxy: lower udp timeout
 2015-04-13 08:58:02 -07:00
Xiang Li 233ec922f3 proxy: lower udp timeout 2015-04-11 23:51:08 -07:00
Xiang Li 4b29947652 pkg/proxy: panic if run out of fd 
When proxy runs out of fd, it fills the logs with error message.
From #6716, it is better to just panic().
 2015-04-11 13:09:15 -07:00
Clayton Coleman 51db3bd654 Create a new testclient package that can be backed by disk files 
Standardize how our fakes are used so that a test case can use a
simpler mechanism for providing large, complex data sets, as well
as represent queries over time.
 2015-04-07 14:56:15 -04:00
Vishnu Kannan eb1c453a9a Updating kube-proxy logging levels to assist debugging. 2015-04-03 20:19:52 +00:00
Tim Hockin 186818d787 WIP: Implement multi-port Services 2015-03-30 19:28:11 -07:00
Alex Robinson 151b871eff Fix bug in kube-proxy of not updating iptables rules if a service's 
public IPs change, and add tests to catch the bug.
 2015-03-30 20:39:59 +00:00
Tim Hockin 8ae203825b Implement multi-port endpoints 
Instead of endpoints being a flat list, it is now a list of "subsets"
where each is a struct of {Addresses, Ports}.  To generate the list of
endpoints you need to take union of the Cartesian products of the
subsets.  This is compact in the vast majority of cases, yet still
represents named ports and corner cases (e.g. each pod has a different
port number).

This also stores subsets in a deterministic order (sorted by hash) to
avoid spurious updates and comparison problems.

This is a fully compatible change - old objects and clients will
keepworking as long as they don't need the new functionality.

This is the prep for multi-port Services, which will add API to produce
endpoints in this new structure.
 2015-03-27 12:36:32 -07:00
Abhishek Gupta b0c23c1046 Headless Services: Adding option to specify None for PortalIP 2015-03-20 12:10:03 -07:00
Salvatore Dario Minonne 31ddefc347 Finalize fields.Selector 2015-03-17 22:55:43 +01:00
Quinton Hoole cc72eaec3a Fix services namespace clash. 
Serve identically names services in different namespaces on different external IP addresses.
 2015-03-16 18:19:19 -07:00
Subin M 269ad3216f fix proxy_test.go file to avoid ChooseHostInterface 2015-03-13 01:40:48 +05:30
Tim Hockin 52298ab851 Merge pull request #4865 from sub-mod/proxier_go_change 
use ChooseHostInterface in kube-proxy
 2015-03-11 08:09:32 -07:00
Subin M b8c91e7344 use ChooseHostInterface in kube-proxy 2015-03-11 13:50:53 +05:30
Eric Tune 2ca265ae3b Remove --etcd_servers flag from kubelet and proxy. 
All the distros that use this have been updated,
or have PRs out to update them, or owners
have been asked to fix RPMs.

Removing this prevents further use of this model.

Remove now dead code: EtcdClientOrDie

Remove now dead pkg/proxy/config/etcd.go.

Remove unused imports.
 2015-03-10 09:29:09 -07:00
Tim Hockin 5dc98968c3 Refactor load balancer. 
Flatten 3 parallel maps into a map to structs (balancerState).
 2015-02-23 12:59:59 -08:00
Tim Hockin 8503c34694 Fix unprotected shared state in load balancer 2015-02-23 12:59:35 -08:00
Tim Hockin e88134f736 Some renames in round-robin balancer 
Making a clear path for more service port changes,making this code more
comprehensible.
 2015-02-23 12:56:44 -08:00
Tim Hockin 37b8c14a4f use a strong type for loadbalancer keys 2015-02-23 12:56:44 -08:00
Brendan Burns 9829128a75 Merge pull request #4580 from thockin/plural_20_endpoints 
Part 2 of plural ports: make endpoints a struct
 2015-02-20 15:42:19 -08:00
Daniel Smith 17feadf977 Merge pull request #4240 from thockin/hyperkube 
Hyperkube cleanup
 2015-02-20 11:12:32 -08:00
Eric Paris e8acfe5f81 change proxy to satisfy both gofmt 1.3 and 1.4 gofmt 
gofmt -s from 1.4  does not like
	for _ = range BLAH
it wants
	for range BLAH

But gofmt from 1.3 dies:
	./pkg/proxy/config/config.go:265:6: expected operand, found 'range'
	./pkg/proxy/config/config.go:268:3: expected '{', found 'EOF'

So instead, rewrite the code to make them both happy
 2015-02-20 12:30:33 -05:00
Tim Hockin 8c2ff81ae0 move pkg/proxy/server to cmd/kube-proxy/app 2015-02-20 08:49:12 -08:00
Eric Paris 9965604d4b check gofmt with golang 1.4 2015-02-20 10:31:06 -05:00
Victor Marmol 2d1a8d0da0 Allow ApplyOomScoreAdj to specify what PID to adjust for. 2015-02-19 17:16:31 -08:00
Tim Hockin ae0062d001 Part 2 of plural ports: make endpoints a struct 
Includes conversions for v1b[12] and tests and fixups for call sites.
 2015-02-18 19:54:15 -08:00
Tim Hockin 411666decb Get rid of ServiceSpec.ProxyPort 
As far as I know, nobody uses it.  It was replaced by PublicIPs.  If I were
being very polite I would leave it in internal, but since I am 99.99% sure
nobody uses it, I am cutting it.  Let's argue about it.
 2015-02-03 22:45:00 -08:00
Tim Hockin 3b5ea74a48 Fix a race in kube-proxy causing runaways 
It was an ABA problem where the proxy loop might see its own service as
"existing" when it had been destroyed and recreated (as in an update).

To prove this I added a counter of running ProxyLoop goroutines and check that
in tests.  If I undo my main change, the tests fail.  This makes the
proxier_test significantly slower (3 seconds vs 0.5 seconds).  Sorry.
 2015-02-03 17:08:09 -08:00
Joe Beda 638069b879 Convert proxy server to hyperkube 2015-02-02 14:03:13 -08:00
Mike Danese d77743a07c gimports nits 2015-01-26 22:42:29 -08:00
Steve Reed f7e3cb12a6 Moves string slice sorting, copying and shuffling into pkg/util/slice 2015-01-22 14:20:23 -08:00
Steve Reed 38241c7e80 Copies endpoint slices before any sorting 2015-01-22 14:20:18 -08:00
Steve Reed 79a6bfb95f Fixes #3640 by shuffling endpoints in the round-robin load balancer 2015-01-22 14:19:56 -08:00
Mike Danese 8b65621aeb fix interface conversion panic 2015-01-16 12:23:16 -08:00
fabianofranz 0235bca2d3 When choosing a host interface proxier must only consider the ones with an address assigned 2015-01-14 17:09:27 -02:00
Daniel Smith 24e59de06e Merge pull request #3392 from erictune/reflector_proxy 
Reconcile kubelet and kube-proxy watching code, initial steps.
 2015-01-12 14:55:26 -08:00
Eric Tune 295800201e Make pkg/proxy/config more like pkg/kubelet/config 
Split SourceAPI into two subobjects.

Parallel structure for endpoints, services will allow
changing to use generic code in pkg/client/cache/reflector.go.

Rename some funcs to be more like pkg/client/cache.
 2015-01-12 14:37:04 -08:00
Brendan Burns 6ad88bb143 Clear resourceVersion on errors. 2015-01-12 11:45:38 -08:00
Tim Hockin 4fcd496d59 change everything to use new util/errors 2015-01-08 22:10:03 -08:00
Brendan Burns 0f60d7bca3 Reset the resourceVersion so that we poll again for non-timeout errors. 2015-01-06 11:45:03 -08:00
Tim Hockin ca27fb259c Don't use pointers for session affinity 2014-12-29 14:43:17 -08:00
Tim Hockin e045c6ce2f Split portals into host and container 
After this DNS is resolvable from the host, if the DNS server is targetted
explicitly.  This does NOT add the cluster DNS to the host's resolv.conf.  That
is a larger problem, with distro-specific tie-ins and circular deps.
 2014-12-29 09:18:12 -08:00
Mike Foley c4e94efe16 Sticky Session Implementation 
- Added process to cleanup stale session affinity records
- Automatically set cloud provided load balancer for sticky session if the service requires it - Note, this only works on GCE right now.
- Changed sessionAffinityMap a map to pointers instead of structs to improve performance
- Commented out cookie and protocol from sessionAffinityDetail to avoid confusion as it is not yet implemented.
 2014-12-18 18:46:10 -05:00
Eric Tune 64f1084c1a Rename util.config.Watcher -> util.config.Broadcaster. 
Watch is a widely used term in the codebase, which doesn't capture
the key feature of this type: broadcasting a change to several
listeners.
 2014-12-04 00:10:27 -08:00
Daniel Smith 6cb26e17a4 Merge pull request #2697 from erictune/no_accept_err 
Proxy: Avoid log error.  Simplify locking.
 2014-12-03 14:06:17 -08:00
Daniel Smith 5466c06b3a Merge pull request #2733 from erictune/handle_error 
Handle error from watch.
 2014-12-03 14:02:54 -08:00
Eric Tune 909f82f463 Proxy: Avoid log error. Simplify locking. 
Don't log an error when Accept failed because the interface (portal)
was just removed.

Don't pass around a pointer to a serviceInfo since another thread
deletes those.  Instead, just check if service name is still in the
service map.

Delete the locking on the serviceInfo object since it is only used
by the "main" proxier thread.
 2014-12-03 12:34:54 -08:00
Eric Tune deb101a1fb Handle error from watch. 
A watch of the API can return an api.Status rather than the watched
obejct type.  This code didn't handle that.

Tested with services e2e test (in conjunction with other PR).
 2014-12-03 12:33:26 -08:00