github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
77,467 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

1041 Commits (3ebb8ddd8a21b4b8eca05c0e4a01c91617bd245f)

Author SHA1 Message Date
Ashish Ranjan 7be223e798 Refactor to use k8s.io/utils/net/ package instead of kubernetes/pkg/util/net/sets 
Signed-off-by: Ashish Ranjan <ashishranjan738@gmail.com>
 2019-02-04 10:34:53 +05:30
AdamDang 62105c87d4
Improve the ipvs/README.md 
Improve the ipvs/README.md
 2019-01-31 18:42:17 +08:00
Brad Hoekstra 6117316752 Refactor service-proxy-name label 2019-01-29 11:28:35 -05:00
Kubernetes Prow Robot a5e424dc17
Merge pull request #72923 from saschagrunert/dedent-update 
Update dedent to latest release
 2019-01-25 18:32:23 -08:00
Kubernetes Prow Robot b8d6de320f
Merge pull request #72334 from danielqsj/kp 
Change proxy metrics to conform metrics guidelines
 2019-01-25 18:32:12 -08:00
Pavithra Ramesh cd2d33eaa3 fix import 2019-01-25 11:19:00 -08:00
prameshj 5667ebd4f6
Merge branch 'master' into clear-externalip-conntrack 2019-01-25 11:12:16 -08:00
Pavithra Ramesh 168602e597 Clear conntrack entries for externalIP 
When an endpoint is deleted, the conntrack entries are cleared for
clusterIP but not for externalIP of the service. This change adds
that step.
 2019-01-25 11:05:18 -08:00
Sascha Grunert ba7aaa911d
Update dedent to latest release 
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
 2019-01-17 08:30:07 +01:00
Kubernetes Prow Robot fc282645ac
Merge pull request #72534 from thockin/kube-proxy-reject-no-endpoints-bug 
kube-proxy: Fix bug in rejecting 0 endpoint svc
 2019-01-15 02:46:36 -08:00
Justin SB dd19b923b7
Remove executable file permission from OWNERS files 2019-01-11 16:42:59 -08:00
Jeff Grafton 11f248fd35 Remove deprecated automanaged tag from some go rules 2019-01-08 14:40:57 -08:00
Kubernetes Prow Robot 1b28775db1
Merge pull request #72569 from luxas/component_base_init 
Create the k8s.io/component-base staging repo
 2019-01-08 03:18:35 -08:00
danielqsj 1fb91a7206 Mark deprecated in related proxy metrics 2019-01-08 13:15:25 +08:00
yanghaichao12 ba64ae18bc Fix typos in kube-proxy 2019-01-07 11:08:34 -05:00
Lucas Käldström 1edd2723f8
autogenerated files 2019-01-06 15:48:53 +02:00
Lucas Käldström 0140c82c16
Updated references from k8s.io/{apiserver,apimachinery} to the new k8s.io/component-base repo. Co-authored-by @Klaven 2019-01-06 14:01:26 +02:00
Kubernetes Prow Robot dfea6456f1
Merge pull request #72432 from DataDog/issue-71596 
Fix for #71596
 2019-01-03 20:22:15 -08:00
Tim Hockin df77e8eefd kube-proxy: reject 0 endpoints on forward 
Previously we only REJECTed on OUTPUT which works for packets from the
node but not for packets from pods on the node.
 2019-01-03 10:59:13 -08:00
Tim Hockin 0d451d7a4c kube-proxy: remove old cleanup rules 2019-01-03 10:59:10 -08:00
Tim Hockin 51442b1e8e kube-proxy: rename field for congruence 2019-01-03 10:59:10 -08:00
Tim Hockin 2106447d21 kube-proxy: rename vars for clarity, fix err str 2019-01-03 10:59:10 -08:00
Tim Hockin b3c2888e71 kube-proxy: rename internal field for clarity 2019-01-03 10:59:06 -08:00
Laurent Bernaille 7092e2f9f4 [kube-proxy/IPVS] Enforce ExternalTrafficPolicy:local even for services without affinity 2018-12-29 13:01:35 +01:00
danielqsj 8975e62254 Change proxy metrics to conform guideline 2018-12-26 17:25:10 +08:00
Kubernetes Prow Robot ae88c2d7b4
Merge pull request #70616 from teemow/teemow-proxy-flush-iptables-first 
flush iptable chains first and then remove them
 2018-12-20 08:53:47 -08:00
Dan Williams 2e339188ed OWNERS: add label:sig/network to a bunch of places 2018-12-19 00:00:02 -06:00
Laurent Bernaille 8bafc9771e [kube-proxy/ipvs] Do not try to delete RS already in termination list 2018-12-17 13:46:50 +01:00
Laurent Bernaille ffbfc53053 [kube-proxy/ipvs] Add info message showing the reason for skipping deletion 2018-12-17 13:46:09 +01:00
Micah Hausler 9740b6a6e1 Disable proxy to loopback and linklocal 2018-12-11 20:51:40 -08:00
Lars Ekman 227893dc3d Corrected test TestOnlyLocalLoadBalancing 2018-12-11 10:07:04 +01:00
Kubernetes Prow Robot 9d80e7522a
Merge pull request #71911 from Nordix/issue-70113-2 
Only handle addresses of the own ip family
 2018-12-10 23:02:33 -08:00
Kubernetes Prow Robot 0914272a42
Merge pull request #71035 from Nordix/issue-68437 
Fixes NodePort in ipv6 with proxy-mode=ipvs
 2018-12-10 08:53:42 -08:00
Lars Ekman 39dc41d411 Updated and new tests for ipv4/ipv6 address mix 2018-12-10 14:16:17 +01:00
Lars Ekman 5065f89a17 Only handle addresses of the own ip family 2018-12-10 12:14:42 +01:00
Kubernetes Prow Robot a69b565c3e
Merge pull request #71834 from DataDog/lbernail/ipvs-sysctls 
[kubeproxy/ipvs] New sysctls to improve pod termination
 2018-12-09 23:59:16 -08:00
Laurent Bernaille ec598d1a16 [kube-proxy/ipvs] Gofmt 2018-12-08 23:49:49 +01:00
Laurent Bernaille 0f9d30dd27 [kube-proxy/ipvs] Avoid unbinding multiple times for multiport svc 2018-12-08 23:47:59 +01:00
Laurent Bernaille b2c169d27c [kube-proxy/ipvs] Update test for new CleanupLegacyServices function 2018-12-08 21:27:37 +01:00
Laurent Bernaille e8c7dba25b [kube-proxy/ipvs] Apply graceful termination logic when unbinding addresses 2018-12-08 21:16:13 +01:00
Laurent Bernaille 81252e2ec1 [kube-proxy/ipvs] Apply graceful termination when deleting a service 2018-12-08 21:15:58 +01:00
Kubernetes Prow Robot f0bae6e9c5
Merge pull request #71573 from JacobTanenbaum/UDP_conntrack 
Correctly Clear conntrack entry on endpoint changes when using nodeport
 2018-12-07 15:01:43 -08:00
Laurent Bernaille 1570d9f042 [kubeproxy/ipvs] New sysctls to improve pod termination 2018-12-06 19:49:47 +01:00
Jacob Tanenbaum 144280e7a7 Correctly Clear conntrack entrty on endpoint changes when using nodeport 
When using NodePort to connect to an endpoint using UDP, if the endpoint is deleted on
restoration of the endpoint traffic does not flow. This happens because conntrack holds
the state of the connection and the proxy does not correctly clear the conntrack entry
for the stale endpoint.

Introduced a new function to conntrack ClearEntriesForPortNAT that uses the endpointIP
and NodePort to remove the stale conntrack entry and allow traffic to resume when
the endpoint is restored.

Signed-off-by: Jacob Tanenbaum <jtanenba@redhat.com>
 2018-12-03 15:02:48 -05:00
Lars Ekman c3c7152c55 Corrected condition. Fix for #71596 2018-11-30 18:44:46 +01:00
Laurent Bernaille b11233a2be [kube-proxy/ipvs] Generalize handling of InactiveConn to TCP 2018-11-29 13:34:13 +01:00
Laurent Bernaille ed65f6edeb [kube-proxy/ipvs] Handle UDP graceful termination 
The current logic is to delete a RS if the number of active connections
is 0. This makes sense for TCP but for UDP the number of active
connections is always 0. This is an issue for DNS queries because the RS
will be deleted but the IPVS connection will remain until it expires
(5mn by default) and if there are a lot of DNS queries, the port will be
reused and queries blackholed. Of course for this to work properly the
service needs to continue to serve queries until the connections expire
(this works fine with the lameduck option of coredns).
 2018-11-28 18:02:11 +01:00
Laurent Bernaille b955634d99 [kube-proxy/ipvs] Fix logic of delete function 2018-11-28 18:02:11 +01:00
Laurent Bernaille 7acb5a67fb [kube-proxy/ipvs] Display RS complete name in logs 
Help distinguish UDP and TCP RS (useful for DNS which uses both)
 2018-11-28 18:02:11 +01:00
Lars Ekman 2e5a985e47 Updates after review 2018-11-19 11:44:17 +01:00
Lars Ekman 1be71b8a99 Add the extra parameter for non-linux code 2018-11-19 10:02:48 +01:00
liangwei f39060c604 set net/ipv4/vs/conn_reuse_mode to 0 2018-11-16 15:17:24 +08:00
Lars Ekman e2409a054b Fixes NodePort in ipv6 with proxy-mode=ipvs. #68437 
Use ipv6 addresses for NodePort with proxy-mode=ipvs in a
ipv6-only cluster.
 2018-11-14 12:34:06 +01:00
AdamDang cc4d38c768 Typo fix: healtcheck->healthcheck (#65394) 
Typo fix: healtcheck->healthcheck

Typo fix: healtcheck->healthcheck
 2018-11-13 19:45:24 -08:00
k8s-ci-robot d8e78c8ac5
Merge pull request #66149 from honkiko/do-not-take-all-endpoints-into-ipset 
hairpin ipset could only contain local endpoints
 2018-11-12 02:04:09 -08:00
Davanum Srinivas 954996e231
Move from glog to klog 
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
  * github.com/kubernetes/repo-infra
  * k8s.io/gengo/
  * k8s.io/kube-openapi/
  * github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods

Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135
 2018-11-10 07:50:31 -05:00
k8s-ci-robot 7984a2bf60
Merge pull request #70564 from KevinWang15/master 
Fix typos
 2018-11-05 19:04:45 -08:00
k8s-ci-robot 79e3d6c0f8
Merge pull request #70542 from wpalmeri/patch-2 
fix typo in comment
 2018-11-05 11:42:07 -08:00
Ke Wang 946c701b05 Fix Typo: mataData -> metaData; masquared -> masquerade 2018-11-05 21:19:25 +08:00
Weibin Lin 4b90559369 use 'nf_conntrack' instead of 'nf_conntrack_ipv4' for linux kernel >= 4.19 2018-11-05 10:33:31 +08:00
Timo Derstappen 90d2c5ca5a
flush iptable chains first and then remove them 
while cleaning up ipvs mode. flushing iptable chains first and then
remove the chains. this avoids trying to remove chains that are still
referenced by rules in other chains.

fixes #70615
 2018-11-03 11:36:14 +01:00
Will Palmeri 80f96e9abb
fix typo 2018-11-01 10:07:15 -07:00
kvaps 489e95bc30 Set arp_ignore and arp_announce flags 2018-11-01 10:38:42 +01:00
k8s-ci-robot 0be22d8ace
Merge pull request #70230 from qingsenLi/git181025 
fix golint for /pkg/util/ipconfig and /pkg/util/resourcecontainer
 2018-10-31 11:50:23 -07:00
Weibin Lin 95d379021b add module 'nf_conntrack' in ipvs prerequisite check 2018-10-27 16:40:38 +08:00
qingsenLi ca74d32e4c fix golint for /pkg/util/ipconfig and /pkg/util/resourcecontainer-2 2018-10-26 23:58:30 +08:00
k8s-ci-robot 3b5d2e865e
Merge pull request #68436 from Nordix/issue-67799 
Create ipsets with family inet6 in an ipv6-only cluster
 2018-10-24 02:16:11 -07:00
Pengfei Ni 4b7a502c07 Fix service targetPort with string for Windows 2018-10-22 15:17:27 +08:00
xujieasd 4eab9406fa add UT code for cleanLegacyBindAddr 
gofmt modify

change api to v1
 2018-10-17 11:04:26 +08:00
Weibin Lin 73e3d8a081 Improve the ipvs error message 2018-10-10 16:16:58 +08:00
Christoph Blecker 97b2992dc1
Update gofmt for go1.11 2018-10-05 12:59:38 -07:00
k8s-ci-robot 2f349d58df
Merge pull request #68897 from ksubrmnn/mac_address 
Load Balancing is not distributing connections to different endpoints
 2018-10-04 19:34:45 -07:00
k8s-ci-robot 8a3888dcfa
Merge pull request #69407 from madhanrm/approvers 
Updated approvers for winkernel proxy
 2018-10-04 15:59:39 -07:00
Madhan Raj Mookkandy 77a9884f4a Updated approvers for winkernel 2018-10-04 10:05:59 -07:00
delulu 524de768bb fix inconsistency in updating hns policy 2018-10-03 22:00:03 +08:00
k8s-ci-robot 941fc26418
Merge pull request #67888 from tanshanshan/glogformat 
remove unused format log print
 2018-10-01 22:20:28 -07:00
k8s-ci-robot 577e06e0b8
Merge pull request #69222 from SataQiu/fix-2018092805 
fix typo
 2018-10-01 04:40:34 -07:00
liangwei 456c351e31 fix bugs introduced by ipvs graceful termination 2018-09-30 16:40:13 +08:00
SataQiu 94a653f100 fix typo 2018-09-28 23:41:24 +08:00
liangwei 9e4f84f42e ipvs connection based graceful termination 2018-09-27 15:16:48 +08:00
liangwei 80ff8b359c ipvs support graceful termination 2018-09-27 15:14:51 +08:00
k8s-ci-robot 3fe21e5433
Merge pull request #68922 from BenTheElder/version-staging 
move pkg/util/version to staging
 2018-09-26 22:59:42 -07:00
ksubrmnn d785379d67 Create unique mac address per endpoint 2018-09-26 15:45:45 -07:00
k8s-ci-robot 4ca9fa737e
Merge pull request #68760 from jessfraz/only-set-sysctl-if-not-set 
pkg/proxy: only set sysctl if not already set
 2018-09-26 04:56:59 -07:00
k8s-ci-robot fdd9c2e2a0
Merge pull request #67990 from tizhou86/newPR5 
Fix golint error under pkg/proxy.
 2018-09-24 17:17:19 -07:00
Benjamin Elder 8b56eb8588 hack/update-gofmt.sh 2018-09-24 12:21:29 -07:00
Benjamin Elder f828c6f662 hack/update-bazel.sh 2018-09-24 12:03:24 -07:00
Benjamin Elder 088cf3c37b find & replace version import 2018-09-24 12:03:24 -07:00
Jess Frazelle f8ba640ced
pkg/proxy: only set sysctl if not already set 
This will allow for kube-proxy to be run without `privileged` and
with only adding the capability `NET_ADMIN`.

Signed-off-by: Jess Frazelle <acidburn@microsoft.com>
 2018-09-19 15:29:53 -04:00
Jia Xin 4ca62e4f39 Restore *filter table for ipvs 
Resolve: #68194
 2018-09-18 20:26:27 +08:00
Lars Ekman 0db4f6af4a Fix for #67799 
Ipsets are now created with "family inet6" in an ipv6-only
cluster.
 2018-09-08 19:48:40 +02:00
Lucas Käldström 83d53ea1c2
Standardize componentconfig code/comment patterns 2018-09-06 13:42:02 +03:00
song a3b40dd7b7 fix typo in ipvs RADME.md 2018-09-03 11:34:09 +08:00
Kubernetes Submit Queue ef741c3038
Merge pull request #68075 from riverzhang/fix-ipvs-readme 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions here: https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md.

Fix how to use ipvs mode by kubeadm

**What this PR does / why we need it**:
how to use ipvs mode by kubeadm
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note

```
 2018-08-31 14:16:16 -07:00
rongzhang 4f6b5734a1 Fix how to use ipvs mode by kubeadm 2018-08-31 22:16:40 +08:00
Kubernetes Submit Queue 11c47e1872
Merge pull request #67948 from wojtek-t/use_buffers_in_kube_proxy 
Automatic merge from submit-queue (batch tested with PRs 66577, 67948, 68001, 67982). If you want to cherry-pick this change to another branch, please follow the instructions here: https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md.

Reduce amount of allocations in kube-proxy

Follow up from https://github.com/kubernetes/kubernetes/pull/65902
 2018-08-29 16:33:34 -07:00
tizhou86 f18c133360 Fix golint error under pkg/proxy. 2018-08-29 16:16:29 +08:00
Kubernetes Submit Queue 2eb14e3007
Merge pull request #64973 from nokia/k8s-sctp 
Automatic merge from submit-queue (batch tested with PRs 67694, 64973, 67902). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

SCTP support implementation for Kubernetes

**What this PR does / why we need it**: This PR adds SCTP support to Kubernetes, including Service, Endpoint, and NetworkPolicy.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #44485

**Special notes for your reviewer**:

**Release note**:

```release-note

SCTP is now supported as additional protocol (alpha) alongside TCP and UDP in Pod, Service, Endpoint, and NetworkPolicy.  

```
 2018-08-28 07:21:18 -07:00
wojtekt 8fb365df32 Reduce amount of allocations in kube-proxy 2018-08-28 15:18:58 +02:00
Lion-Wei 47153803fb update autogenerated file 2018-08-28 09:14:27 +08:00