github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
76,507 Commits
32 Branches
881 Tags
632 MiB
Commit Graph

161 Commits (750881c0ab62a9f59d53582bc33826caa167aa83)

Author SHA1 Message Date
Casey Callendrello c3da106f31 cherry pick of 017f57a, had to do a very simple merge of BUILD 2019-05-31 14:12:36 -07:00
Kubernetes Prow Robot c72a5b2c10
Merge pull request #75719 from DataDog/automated-cherry-pick-of-#75295-upstream-release-1.14 
Automated cherry pick of #75295 upstream release 1.14
 2019-04-30 00:05:36 -07:00
Igor German dc734edb3c proxy: Take into account exclude CIDRs while deleting legacy real servers 2019-04-11 18:13:13 +03:00
Laurent Bernaille a20735141c
Add flag to enable strict ARP 2019-03-26 10:13:17 +01:00
Jacob Tanenbaum c3548165d5 Clear conntrack entries on 0 -> 1 endpoint transition with externalIPs 
As part of the endpoint creation process when going from 0 -> 1 conntrack entries
are cleared. This is to prevent an existing conntrack entry from preventing traffic
to the service. Currently the system ignores the existance of the services external IP
addresses, which exposes that errant behavior

This adds the externalIP addresses of udp services to the list of conntrack entries that
get cleared. Allowing traffic to flow

Signed-off-by: Jacob Tanenbaum <jtanenba@redhat.com>
 2019-03-15 11:18:51 -04:00
danielqsj 10ab3fb832 clean the deprecated metrics which introduced recently 2019-03-06 15:23:46 +08:00
danielqsj f7b437cae0 convert latency in mertics name to duration 2019-02-22 21:40:13 +08:00
Kubernetes Prow Robot 059d6057dd
Merge pull request #73323 from prameshj/clear-externalip-conntrack 
Clear conntrack entries for externalIP and LoadBalancer IP
 2019-02-19 18:38:17 -08:00
Pavithra Ramesh 24d3ab83dc Remove conntrack entries from loadbalancer ip too. 2019-02-13 09:55:31 -08:00
Matt Matejczyk 7141ece4bf Start exporting the in-cluster network programming latency metric. 2019-02-12 08:09:59 +01:00
Ashish Ranjan 7be223e798 Refactor to use k8s.io/utils/net/ package instead of kubernetes/pkg/util/net/sets 
Signed-off-by: Ashish Ranjan <ashishranjan738@gmail.com>
 2019-02-04 10:34:53 +05:30
Kubernetes Prow Robot b8d6de320f
Merge pull request #72334 from danielqsj/kp 
Change proxy metrics to conform metrics guidelines
 2019-01-25 18:32:12 -08:00
prameshj 5667ebd4f6
Merge branch 'master' into clear-externalip-conntrack 2019-01-25 11:12:16 -08:00
Pavithra Ramesh 168602e597 Clear conntrack entries for externalIP 
When an endpoint is deleted, the conntrack entries are cleared for
clusterIP but not for externalIP of the service. This change adds
that step.
 2019-01-25 11:05:18 -08:00
yanghaichao12 ba64ae18bc Fix typos in kube-proxy 2019-01-07 11:08:34 -05:00
Kubernetes Prow Robot dfea6456f1
Merge pull request #72432 from DataDog/issue-71596 
Fix for #71596
 2019-01-03 20:22:15 -08:00
Laurent Bernaille 7092e2f9f4 [kube-proxy/IPVS] Enforce ExternalTrafficPolicy:local even for services without affinity 2018-12-29 13:01:35 +01:00
danielqsj 8975e62254 Change proxy metrics to conform guideline 2018-12-26 17:25:10 +08:00
Kubernetes Prow Robot ae88c2d7b4
Merge pull request #70616 from teemow/teemow-proxy-flush-iptables-first 
flush iptable chains first and then remove them
 2018-12-20 08:53:47 -08:00
Laurent Bernaille 8bafc9771e [kube-proxy/ipvs] Do not try to delete RS already in termination list 2018-12-17 13:46:50 +01:00
Kubernetes Prow Robot 9d80e7522a
Merge pull request #71911 from Nordix/issue-70113-2 
Only handle addresses of the own ip family
 2018-12-10 23:02:33 -08:00
Kubernetes Prow Robot 0914272a42
Merge pull request #71035 from Nordix/issue-68437 
Fixes NodePort in ipv6 with proxy-mode=ipvs
 2018-12-10 08:53:42 -08:00
Lars Ekman 5065f89a17 Only handle addresses of the own ip family 2018-12-10 12:14:42 +01:00
Kubernetes Prow Robot a69b565c3e
Merge pull request #71834 from DataDog/lbernail/ipvs-sysctls 
[kubeproxy/ipvs] New sysctls to improve pod termination
 2018-12-09 23:59:16 -08:00
Laurent Bernaille ec598d1a16 [kube-proxy/ipvs] Gofmt 2018-12-08 23:49:49 +01:00
Laurent Bernaille 0f9d30dd27 [kube-proxy/ipvs] Avoid unbinding multiple times for multiport svc 2018-12-08 23:47:59 +01:00
Laurent Bernaille e8c7dba25b [kube-proxy/ipvs] Apply graceful termination logic when unbinding addresses 2018-12-08 21:16:13 +01:00
Laurent Bernaille 81252e2ec1 [kube-proxy/ipvs] Apply graceful termination when deleting a service 2018-12-08 21:15:58 +01:00
Laurent Bernaille 1570d9f042 [kubeproxy/ipvs] New sysctls to improve pod termination 2018-12-06 19:49:47 +01:00
Lars Ekman c3c7152c55 Corrected condition. Fix for #71596 2018-11-30 18:44:46 +01:00
Laurent Bernaille 7acb5a67fb [kube-proxy/ipvs] Display RS complete name in logs 
Help distinguish UDP and TCP RS (useful for DNS which uses both)
 2018-11-28 18:02:11 +01:00
Lars Ekman 2e5a985e47 Updates after review 2018-11-19 11:44:17 +01:00
liangwei f39060c604 set net/ipv4/vs/conn_reuse_mode to 0 2018-11-16 15:17:24 +08:00
Lars Ekman e2409a054b Fixes NodePort in ipv6 with proxy-mode=ipvs. #68437 
Use ipv6 addresses for NodePort with proxy-mode=ipvs in a
ipv6-only cluster.
 2018-11-14 12:34:06 +01:00
AdamDang cc4d38c768 Typo fix: healtcheck->healthcheck (#65394) 
Typo fix: healtcheck->healthcheck

Typo fix: healtcheck->healthcheck
 2018-11-13 19:45:24 -08:00
k8s-ci-robot d8e78c8ac5
Merge pull request #66149 from honkiko/do-not-take-all-endpoints-into-ipset 
hairpin ipset could only contain local endpoints
 2018-11-12 02:04:09 -08:00
Davanum Srinivas 954996e231
Move from glog to klog 
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
  * github.com/kubernetes/repo-infra
  * k8s.io/gengo/
  * k8s.io/kube-openapi/
  * github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods

Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135
 2018-11-10 07:50:31 -05:00
Weibin Lin 4b90559369 use 'nf_conntrack' instead of 'nf_conntrack_ipv4' for linux kernel >= 4.19 2018-11-05 10:33:31 +08:00
Timo Derstappen 90d2c5ca5a
flush iptable chains first and then remove them 
while cleaning up ipvs mode. flushing iptable chains first and then
remove the chains. this avoids trying to remove chains that are still
referenced by rules in other chains.

fixes #70615
 2018-11-03 11:36:14 +01:00
kvaps 489e95bc30 Set arp_ignore and arp_announce flags 2018-11-01 10:38:42 +01:00
Weibin Lin 95d379021b add module 'nf_conntrack' in ipvs prerequisite check 2018-10-27 16:40:38 +08:00
k8s-ci-robot 3b5d2e865e
Merge pull request #68436 from Nordix/issue-67799 
Create ipsets with family inet6 in an ipv6-only cluster
 2018-10-24 02:16:11 -07:00
Weibin Lin 73e3d8a081 Improve the ipvs error message 2018-10-10 16:16:58 +08:00
liangwei 456c351e31 fix bugs introduced by ipvs graceful termination 2018-09-30 16:40:13 +08:00
liangwei 80ff8b359c ipvs support graceful termination 2018-09-27 15:14:51 +08:00
k8s-ci-robot 4ca9fa737e
Merge pull request #68760 from jessfraz/only-set-sysctl-if-not-set 
pkg/proxy: only set sysctl if not already set
 2018-09-26 04:56:59 -07:00
k8s-ci-robot fdd9c2e2a0
Merge pull request #67990 from tizhou86/newPR5 
Fix golint error under pkg/proxy.
 2018-09-24 17:17:19 -07:00
Jess Frazelle f8ba640ced
pkg/proxy: only set sysctl if not already set 
This will allow for kube-proxy to be run without `privileged` and
with only adding the capability `NET_ADMIN`.

Signed-off-by: Jess Frazelle <acidburn@microsoft.com>
 2018-09-19 15:29:53 -04:00
Jia Xin 4ca62e4f39 Restore *filter table for ipvs 
Resolve: #68194
 2018-09-18 20:26:27 +08:00
Lars Ekman 0db4f6af4a Fix for #67799 
Ipsets are now created with "family inet6" in an ipv6-only
cluster.
 2018-09-08 19:48:40 +02:00