github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
51,078 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

521 Commits (f32b390cf08a9afd9f9899e0d97a90eb162b32a8)

Author SHA1 Message Date
k8s-merge-robot 0cc0bd342f Merge pull request #20520 from thockin/iptables-test-nits 
Auto commit by PR queue bot
 2016-02-06 22:34:10 -08:00
Tim Hockin 1e7db4a174 Implement proper cleanup in iptables proxy 2016-02-07 02:42:18 +00:00
Tim Hockin 107c5f7813 Put all masquerade mark logic into new chains 
This allows us to use the MARK-MASQ chain as a subroutine, rather than encoding
the mark in many places.  Having a KUBE-POSTROUTING chain means we can flush
and rebuild it atomically.  This makes followon work to change the mark
significantly easier.
 2016-02-07 02:42:07 +00:00
Tim Hockin 41ba8ced6d Dont log errors on proxy leftover cleanup 2016-02-07 02:41:50 +00:00
Marc Lough c33fcba311 Reject packets to services without endpoints 2016-02-04 20:56:02 +00:00
Prashanth Balasubramanian 589b7fdc92 Don't handshake with watch interrupt in proxy unittests. 2016-02-04 10:55:25 -08:00
Prashanth Balasubramanian f9b96d2c71 Make sure at least one interrupt is buffered before dropping. 2016-02-03 19:23:17 -08:00
Prashanth Balasubramanian e1fa6e9fb8 kube-proxy applies latest snapshot of endpoints and services. 2016-02-03 12:58:37 -08:00
Tim Hockin 11f75e61b9 Inject a kernel-compat tester for kube-proxy test 2016-02-02 22:11:39 -08:00
Tim Hockin f3de95ff41 test nits and a TODO for iptables tests 2016-02-02 14:19:16 -08:00
k8s-merge-robot 26202fc98a Merge pull request #18804 from marun/fix-nodeport-services 
Auto commit by PR queue bot
 2016-02-02 14:07:49 -08:00
Maru Newby a5e00da867 Fix nodeport service compat with default-deny fw 2016-02-01 21:34:30 +00:00
harry 1032067ff9 Replace runtime reference by pkg 2016-02-01 21:06:44 +08:00
Harry Zhang 936a11e775 Use networking to hold network related pkgs 
Change names of unclear methods

Use net as pkg name for short
 2016-01-15 13:46:16 +08:00
David Oppenheimer 8ac484793d Comment out calls to httptest.Server.Close() to work around 
https://github.com/golang/go/issues/12262 . See #19254 for
more details. This change should be reverted when we upgrade
to Go 1.6.
 2016-01-11 23:02:11 -08:00
k8s-merge-robot 5b6a7c6012 Merge pull request #18524 from thockin/kube-proxy-close 
Auto commit by PR queue bot
 2015-12-17 01:33:12 -08:00
Wojciech Tyczynski 960808bf08 Switch to versioned ListOptions in client. 2015-12-14 14:26:09 +01:00
Tim Hockin ad07709461 Fully close sockets in kube-proxy 
We were trying to be clever and respect TCP's notion of half-open sockets, but
it causes leaks when we can't unblock io.Copy().  This fixes those leaks and
seems to follow most expectations.  I think we were just be too clever.
 2015-12-10 11:34:13 -08:00
Wojciech Tyczynski b0fcb5adef Pass ListOptions to List in ListWatch. 2015-12-07 11:53:53 +01:00
Wojciech Tyczynski b6ef62af24 Use unversioned.ListOptions in clients. 2015-11-24 16:52:09 +01:00
Tim Hockin 970c045848 Enable iptables kube-proxy by default in master 2015-11-13 18:38:01 -08:00
k8s-merge-robot 36bae67910 Merge pull request #16548 from ArtfulCoder/kube-proxy-mem-use 
Auto commit by PR queue bot
 2015-10-30 06:23:14 -07:00
Abhishek Shah 5367a32ee9 Read Iptables-save output in a more-memory-efficient way 2015-10-29 15:30:00 -07:00
Avesh Agarwal e1837185de Improves iptables cleanup for pure iptables based proxier. 2015-10-27 13:08:16 -04:00
Wojciech Tyczynski d47e21f19f Reuse TCP connections in Reflector between resync periods. 2015-10-26 19:35:25 +01:00
Saad Ali 06113d3b87 Merge pull request #16137 from ArtfulCoder/externalIPFix 
release NodePort correctly
 2015-10-23 12:03:38 -07:00
Abhishek Shah 7c64802f48 release NodePort correctly 2015-10-22 16:36:52 -07:00
Abhishek Shah d172ca6986 Added UdpIdleTimeout flag 2015-10-21 17:25:35 -07:00
k8s-merge-robot 18ad5f8cdf Merge pull request #15745 from ArtfulCoder/reduceTimeout 
Auto commit by PR queue bot
 2015-10-19 13:02:17 -07:00
k8s-merge-robot 75c977d200 Merge pull request #15596 from zhengguoyong/alias_util_errors_packagename 
Auto commit by PR queue bot
 2015-10-19 02:35:37 -07:00
Jordan Liggitt 55cd3f1030 Platform-specific setRLimit implementations 2015-10-18 21:26:39 -04:00
eulerzgy f8f9afb874 alias local packagename for pkg/util/errors 2015-10-18 09:37:46 +08:00
Abhishek Shah de214829f6 Update endpoint dialTimeouts to reasonable values 2015-10-16 14:57:43 -07:00
derekwaynecarr 970c369f31 Kubelet sets kernel overcommit_memory flag 2015-10-06 14:28:46 -04:00
Alex Robinson b1461be2e4 Merge pull request #14982 from Huawei-PaaS/fixed_typos_for_proxy 
Fixed some typos for pkg/proxy
 2015-10-05 11:40:03 -07:00
Alex Robinson c1012d8c93 Merge pull request #14882 from ArtfulCoder/logformat 
fixed log format
 2015-10-05 10:50:30 -07:00
qiaolei 718d7df276 Fixed some typos 2015-10-03 00:33:35 +08:00
k8s-merge-robot fb4882620f Merge pull request #14611 from MikaelCluseau/wip-optional-sysctl 
Auto commit by PR queue bot
 2015-10-01 00:28:38 -07:00
Abhishek Shah 6278b5f648 fixed log format 2015-09-30 16:29:32 -07:00
Mikaël Cluseau 4bf0ef8ce2 setSysctl for bridge-nf-call-iptables should fail with a warning 2015-09-26 17:11:33 +11:00
Tim Hockin 3c36439665 Don't log every connection by default 2015-09-25 14:02:24 -07:00
Tim Hockin 7509bf6318 Set UDP timeout to 1/4 second 2015-09-25 14:02:24 -07:00
Abhishek Shah 6945cb050c Set rlimit for openfile handles to 64k 2015-09-18 10:53:55 -07:00
Daniel Martí 586cb9126a Move pkg/util.Time to pkg/api/unversioned.Time 
Along with our time.Duration wrapper, as suggested by @lavalamp.
 2015-09-17 17:51:27 -07:00
k8s-merge-robot bf990acefa Merge pull request #13988 from thockin/kube-proxy-startup-clobber 
Auto commit by PR queue bot
 2015-09-17 01:29:35 -07:00
Alex Mohr 2cf207ec60 Merge pull request #13992 from aveshagarwal/userspace-proxy-typo 
Fixes error message.
 2015-09-16 21:49:19 -07:00
Tim Hockin 84a9b0a37a Fix bug in iptables proxy that clobbered endpoints 
There is a race at startup where the two watch operations might clobber state
if the initial message comes in the wrong order.
 2015-09-15 13:07:33 -07:00
Avesh Agarwal a84e49aaab Fixes error message. 2015-09-15 14:37:56 -04:00
Dan Winship 30ea22f40e Make kube-proxy resync its rules on firewalld restart 2015-09-15 11:17:40 -04:00
Dan Winship 8bc9c40796 Watch for firewalld restart, to allow reloading iptables rules 2015-09-15 11:17:40 -04:00
Daniel Smith b225c1d47a Run gofmt (separate commit for easy rebases) 2015-09-10 17:17:59 -07:00
Daniel Smith 15b30b8b09 Move version agnostic parts of client 
pkg/client/unversioned/cache -> pkg/client/cache
pkg/client/unversioned/record -> pkg/client/record
 2015-09-10 17:17:59 -07:00
Daniel Smith 9fc8a79e37 Revert "Revert "Don't take the proxy mutex in the traffic path"" 2015-09-01 16:40:11 -07:00
Daniel Smith 46ae7e87c7 Increase timeout to fix flaky tests 2015-09-01 16:08:13 -07:00
Daniel Smith a20d7ca481 Revert "Don't take the proxy mutex in the traffic path" 2015-09-01 13:33:05 -07:00
k8s-merge-robot 3d51f524b5 Merge pull request #13386 from danwinship/iptables-w 
Auto commit by PR queue bot
 2015-09-01 13:07:57 -07:00
Tim Hockin f0a9badd2d Don't take the proxy mutex in the traffic path 
This should make throughput better on the userspace proxier.

Fixes #11977
 2015-08-31 17:01:52 -07:00
Dan Winship a41e422600 Drop the "v" from GetIptablesVersionString() output 
Neither of its callers wants it
 2015-08-31 09:54:57 -04:00
Tim Hockin 8e503f3814 Hold node ports in iptables proxier 2015-08-24 16:35:05 -07:00
Tim Hockin 5087ae6c93 Hold node-ports for publicIPs for local IPs 2015-08-24 16:32:44 -07:00
Tim Hockin f5a9281a26 Actually hold NodePorts open in kube-proxy 2015-08-24 16:32:44 -07:00
Nikhil Jindal 9a7f871d17 Merge pull request #12896 from thockin/proxy-nodeports 
Tail-call nodeports rules in iptables proxy
 2015-08-24 10:39:54 -07:00
Tim Hockin 16102c41df Tail-call nodeports rules in iptables proxy 2015-08-21 14:15:21 -07:00
BenTheElder 81ab51709a Add --cleanup-iptables flag to kube-proxy 
Adds a flag to cleanup iptables rules created by kube-proxy per
https://github.com/mesosphere/kubernetes-mesos/issues/353#issuecomment-1
27382832
 2015-08-21 14:44:11 -04:00
Jerzy Szczepkowski 3df1b9e151 Merge pull request #12986 from BenTheElder/masquerade_all_flag 
Add flag to masquerade all in kube-proxy when using iptables proxier
 2015-08-21 10:28:07 +02:00
BenTheElder 1f2076ce64 Add flag to masquerade all in kube-proxy when using iptables proxier 2015-08-20 20:12:32 -04:00
Abhishek Shah b6b8e99393 External IPs support. 2015-08-20 16:10:01 -07:00
jiangyaoguo 5a95eb7326 Test UDP timeout 2015-08-19 21:50:43 +08:00
Kris Rousey ae6c64d9bb Moving everyone to unversioned client 2015-08-18 10:23:03 -07:00
Tim Hockin 6f34be30a3 Limit float precision to 5 points 2015-08-17 20:57:44 -07:00
Tim Hockin 7e9c685ba6 Require same min iptables version as -C 2015-08-17 20:57:44 -07:00
Tim Hockin 3a5c23d727 test for and set bridge-nf-call-iptables sysctl 2015-08-17 20:57:44 -07:00
Tim Hockin 9cf33772b4 test for and set route_localnet sysctl 2015-08-17 20:52:06 -07:00
Tim Hockin f1a48574a6 Clean up logging, make initial sync faster 2015-08-17 20:52:06 -07:00
Tim Hockin d72892d0b0 Include protocol in the hash for chain names 2015-08-17 20:52:06 -07:00
Tim Hockin 731d5e5191 Clean up iptables rules, add nodeport support 2015-08-17 20:52:06 -07:00
Tim Hockin d14c98f6cc Add nodepoprt chain and link it in, add unused MASQ rule 2015-08-17 20:52:06 -07:00
Robert Bailey 6fcdcec25d Merge pull request #12658 from sdminonne/bug_fix2 
to fix govet issue
 2015-08-17 10:58:10 -07:00
Tim Hockin 776132e1ae Make kube-proxy iptables sync period configurable 2015-08-13 09:53:32 -07:00
Salvatore Dario Minonne 48018c402c to fix govet issue 2015-08-13 17:26:43 +02:00
BenTheElder 8006a39cc3 Fix #12596 
Fix for https://github.com/kubernetes/kubernetes/issues/12596
Disconnect the pure-iptables proxy’s services chain when starting the
userspace proxy.
 2015-08-12 20:06:09 -04:00
BenTheElder ae569e20b5 Partially Implement #3760 2015-08-12 02:39:15 -04:00
Piotr Szczesniak 1df0267f4a Merge pull request #12551 from eparis/underscore-to-dash 
Update code and docs to use - in flag names instead of _
 2015-08-12 07:16:31 +02:00
Kris Rousey 565189f5b8 Correcting all go vet errors 2015-08-11 13:55:37 -07:00
Eric Paris 5aa495cdad Update code to use - in flag names instead of _ 2015-08-11 16:31:52 -04:00
Alex Robinson c5e221dca7 Merge pull request #12440 from BenTheElder/proxy_config_handler_refactor 
Refactor `pkg/proxy/config`'s ServiceConfigHandler and EndpointsConfigHandler.
 2015-08-10 09:44:38 -07:00
Veres Lajos 9f77e49109 typofix - https://github.com/vlajos/misspell_fixer 2015-08-08 22:31:48 +01:00
BenTheElder 6bbf2aaab7 Refactor pkg/proxy/config's ServiceConfigHandler and EndpointsConfigHandler to have different update methods. 
Refactor `pkg/proxy/config`’s ServiceConfigHandler.OnUpdate and
EndpointsConfigHandler.OnUpdate to different method names as they have
different signatures.

This will let the new proxy
(https://github.com/GoogleCloudPlatform/kubernetes/issues/3760)
implement both interfaces.

Since we won’t need a separate loadbalancer structure (load balancing
is handled in the proxy rules), we will simply handle both event types
from the same object.
 2015-08-08 15:16:55 -04:00
BenTheElder f6d257c0f3 fix missing import in roundrobin_test.go 2015-08-08 00:02:35 -04:00
BenTheElder 962a7b492b in pkg/proxy, merge proxy_provider.go and service_port_name.go to types.go 2015-08-07 21:10:34 -04:00
BenTheElder 1f6baa6549 Move userspace code to sub-package in proxy. 
Moves the userspace code in proxy to a sub-package and adds the
ProxyProvider interface.

This is in preparation for landing an implementation of
https://github.com/GoogleCloudPlatform/kubernetes/issues/3760, which
will mostly be in another sub package for iptables.
 2015-08-07 20:07:15 -04:00
BenTheElder 5867fca8bf Fix iptables Interface mocking, move Restore/RestoreAll to shared impl 
also put TODO for unit tests, move defer file deletion until after file
creation error is checked.
 2015-08-07 19:08:21 -04:00
Mike Danese 17defc7383 run gofmt on everything we touched 2015-08-05 17:52:56 -07:00
Mike Danese 8e33cbfa28 rewrite go imports 2015-08-05 17:30:03 -07:00
Abhishek Shah 4bbecea4e6 Changed udpIdleTimeout to 1 second from 10 seconds 2015-08-03 15:32:59 -07:00
jiangyaoguo 79ed954ec2 replace Reflector with client.cache.Reflector in kube-proxy 2015-06-29 11:21:50 +08:00
James DeFelice 4abcf7449c implementation of proxy port allocation 2015-06-02 12:28:25 +00:00
Tim Hockin ac3cc3c518 Rename PORTAL_NET all over 2015-05-28 16:10:44 -07:00
Tim Hockin 4318ca5a8b Rename 'portal IP' to 'cluster IP' most everywhere 
This covers obvious transforms, but not --portal_net, $PORTAL_NET and
similar.
 2015-05-28 16:10:44 -07:00
Tim Hockin bd2314fa78 Fix session affinity in kube-proxy 2015-05-26 17:19:29 -07:00
BenTheElder d223b795f3 Correct copyright in proxysocket.go 
I created this file earlier this year. It should say 2015 not 2014.
 2015-05-25 12:00:50 -04:00
Justin Santa Barbara 4b9b7ec2f9 Continue to support (deprecated) publicIPs 
Not doing so breaks e2e tests and people that may be using them,
even though we will eventually want to stop supporting this now
that we have better alternatives for typical use cases (NodePort)
 2015-05-23 16:37:27 -04:00
Justin Santa Barbara 7346cc8042 Add ServiceType = NodePort; wire everything up 2015-05-22 19:14:28 -04:00
Justin Santa Barbara e49ad95462 Mark PublicIPs as deprecated & rename to DeprecatedPublicIPs in the latest API 
We need to keep them in the API so that we can round-trip between versions.
 2015-05-22 19:14:27 -04:00
Justin Santa Barbara 3884d5fc59 Add LoadBalancer status to ServiceStatus 
This will replace publicIPs
 2015-05-22 18:27:05 -04:00
Justin Santa Barbara 1ad4549f5f Proxy infrastructure for NodePorts 
A service with a NodePort set will listen on that port, on every node.

This is both handy for some load balancers (AWS ELB) and for people
that want to expose a service without using a load balancer.
 2015-05-22 17:21:49 -04:00
Tim Hockin 270c031bec Merge pull request #8484 from thockin/proxier-old-iptables 
Clean up old iptables (pre-ip-per-service) legacy
 2015-05-19 11:21:46 -07:00
Justin Santa Barbara 2473a81412 Add mutex lock to cleanupStaleStickySessions 
Proxier.serviceMap is supposed to be guarded by the mutex
 2015-05-19 09:11:05 -04:00
Tim Hockin b64868f23b Clean up old iptables (pre-ip-per-service) legacy 2015-05-18 20:27:40 -07:00
Tim Hockin a548d542db Rename AffinityType to ServiceAffinity 2015-05-18 17:21:30 -07:00
Clayton Coleman a2e4f95e32 Merge pull request #8269 from smarterclayton/add_proxier_error 
Proxier should return typed errors
 2015-05-18 10:00:44 -04:00
Clayton Coleman de36967c7e Proxier should return typed errors 2015-05-15 13:50:05 -04:00
BenTheElder 78d2fda480 Move proxySocket out of proxier.go to proxysocket.go 
Moves proxySocket out of proxier.go to new proxysocket.go in proxy
package in order to start separating proxy logic and implementation and
make proxier more manageable to review.
 2015-05-14 19:08:35 -04:00
Tim Hockin 667dd81905 un-export CreateProxier 2015-05-14 11:37:25 -07:00
Daniel Smith 16a6fb8ef7 Replace calls to time.After with time.NewTimer for explicit stopping 2015-05-04 14:29:33 -07:00
Eric Paris 6b3a6e6b98 Make copyright ownership statement generic 
Instead of saying "Google Inc." (which is not always correct) say "The
Kubernetes Authors", which is generic.
 2015-05-01 17:49:56 -04:00
Xiang Li 7e36a88068 pkg/proxy: a more reliable way to detect a closed proxy 2015-04-13 10:11:22 -07:00
Dawn Chen b6ec2f971e Merge pull request #6741 from xiang90/udp_timeout 
proxy: lower udp timeout
 2015-04-13 08:58:02 -07:00
Xiang Li 233ec922f3 proxy: lower udp timeout 2015-04-11 23:51:08 -07:00
Xiang Li 4b29947652 pkg/proxy: panic if run out of fd 
When proxy runs out of fd, it fills the logs with error message.
From #6716, it is better to just panic().
 2015-04-11 13:09:15 -07:00
Clayton Coleman 51db3bd654 Create a new testclient package that can be backed by disk files 
Standardize how our fakes are used so that a test case can use a
simpler mechanism for providing large, complex data sets, as well
as represent queries over time.
 2015-04-07 14:56:15 -04:00
Vishnu Kannan eb1c453a9a Updating kube-proxy logging levels to assist debugging. 2015-04-03 20:19:52 +00:00
Tim Hockin 186818d787 WIP: Implement multi-port Services 2015-03-30 19:28:11 -07:00
Alex Robinson 151b871eff Fix bug in kube-proxy of not updating iptables rules if a service's 
public IPs change, and add tests to catch the bug.
 2015-03-30 20:39:59 +00:00
Tim Hockin 8ae203825b Implement multi-port endpoints 
Instead of endpoints being a flat list, it is now a list of "subsets"
where each is a struct of {Addresses, Ports}.  To generate the list of
endpoints you need to take union of the Cartesian products of the
subsets.  This is compact in the vast majority of cases, yet still
represents named ports and corner cases (e.g. each pod has a different
port number).

This also stores subsets in a deterministic order (sorted by hash) to
avoid spurious updates and comparison problems.

This is a fully compatible change - old objects and clients will
keepworking as long as they don't need the new functionality.

This is the prep for multi-port Services, which will add API to produce
endpoints in this new structure.
 2015-03-27 12:36:32 -07:00
Abhishek Gupta b0c23c1046 Headless Services: Adding option to specify None for PortalIP 2015-03-20 12:10:03 -07:00
Salvatore Dario Minonne 31ddefc347 Finalize fields.Selector 2015-03-17 22:55:43 +01:00
Quinton Hoole cc72eaec3a Fix services namespace clash. 
Serve identically names services in different namespaces on different external IP addresses.
 2015-03-16 18:19:19 -07:00
Subin M 269ad3216f fix proxy_test.go file to avoid ChooseHostInterface 2015-03-13 01:40:48 +05:30
Tim Hockin 52298ab851 Merge pull request #4865 from sub-mod/proxier_go_change 
use ChooseHostInterface in kube-proxy
 2015-03-11 08:09:32 -07:00
Subin M b8c91e7344 use ChooseHostInterface in kube-proxy 2015-03-11 13:50:53 +05:30
Eric Tune 2ca265ae3b Remove --etcd_servers flag from kubelet and proxy. 
All the distros that use this have been updated,
or have PRs out to update them, or owners
have been asked to fix RPMs.

Removing this prevents further use of this model.

Remove now dead code: EtcdClientOrDie

Remove now dead pkg/proxy/config/etcd.go.

Remove unused imports.
 2015-03-10 09:29:09 -07:00
Tim Hockin 5dc98968c3 Refactor load balancer. 
Flatten 3 parallel maps into a map to structs (balancerState).
 2015-02-23 12:59:59 -08:00
Tim Hockin 8503c34694 Fix unprotected shared state in load balancer 2015-02-23 12:59:35 -08:00
Tim Hockin e88134f736 Some renames in round-robin balancer 
Making a clear path for more service port changes,making this code more
comprehensible.
 2015-02-23 12:56:44 -08:00
Tim Hockin 37b8c14a4f use a strong type for loadbalancer keys 2015-02-23 12:56:44 -08:00
Brendan Burns 9829128a75 Merge pull request #4580 from thockin/plural_20_endpoints 
Part 2 of plural ports: make endpoints a struct
 2015-02-20 15:42:19 -08:00
Daniel Smith 17feadf977 Merge pull request #4240 from thockin/hyperkube 
Hyperkube cleanup
 2015-02-20 11:12:32 -08:00
Eric Paris e8acfe5f81 change proxy to satisfy both gofmt 1.3 and 1.4 gofmt 
gofmt -s from 1.4  does not like
	for _ = range BLAH
it wants
	for range BLAH

But gofmt from 1.3 dies:
	./pkg/proxy/config/config.go:265:6: expected operand, found 'range'
	./pkg/proxy/config/config.go:268:3: expected '{', found 'EOF'

So instead, rewrite the code to make them both happy
 2015-02-20 12:30:33 -05:00
Tim Hockin 8c2ff81ae0 move pkg/proxy/server to cmd/kube-proxy/app 2015-02-20 08:49:12 -08:00
Eric Paris 9965604d4b check gofmt with golang 1.4 2015-02-20 10:31:06 -05:00
Victor Marmol 2d1a8d0da0 Allow ApplyOomScoreAdj to specify what PID to adjust for. 2015-02-19 17:16:31 -08:00
Tim Hockin ae0062d001 Part 2 of plural ports: make endpoints a struct 
Includes conversions for v1b[12] and tests and fixups for call sites.
 2015-02-18 19:54:15 -08:00
Tim Hockin 411666decb Get rid of ServiceSpec.ProxyPort 
As far as I know, nobody uses it.  It was replaced by PublicIPs.  If I were
being very polite I would leave it in internal, but since I am 99.99% sure
nobody uses it, I am cutting it.  Let's argue about it.
 2015-02-03 22:45:00 -08:00
Tim Hockin 3b5ea74a48 Fix a race in kube-proxy causing runaways 
It was an ABA problem where the proxy loop might see its own service as
"existing" when it had been destroyed and recreated (as in an update).

To prove this I added a counter of running ProxyLoop goroutines and check that
in tests.  If I undo my main change, the tests fail.  This makes the
proxier_test significantly slower (3 seconds vs 0.5 seconds).  Sorry.
 2015-02-03 17:08:09 -08:00
Joe Beda 638069b879 Convert proxy server to hyperkube 2015-02-02 14:03:13 -08:00
Mike Danese d77743a07c gimports nits 2015-01-26 22:42:29 -08:00
Steve Reed f7e3cb12a6 Moves string slice sorting, copying and shuffling into pkg/util/slice 2015-01-22 14:20:23 -08:00
Steve Reed 38241c7e80 Copies endpoint slices before any sorting 2015-01-22 14:20:18 -08:00
Steve Reed 79a6bfb95f Fixes #3640 by shuffling endpoints in the round-robin load balancer 2015-01-22 14:19:56 -08:00
Mike Danese 8b65621aeb fix interface conversion panic 2015-01-16 12:23:16 -08:00
fabianofranz 0235bca2d3 When choosing a host interface proxier must only consider the ones with an address assigned 2015-01-14 17:09:27 -02:00
Daniel Smith 24e59de06e Merge pull request #3392 from erictune/reflector_proxy 
Reconcile kubelet and kube-proxy watching code, initial steps.
 2015-01-12 14:55:26 -08:00
Eric Tune 295800201e Make pkg/proxy/config more like pkg/kubelet/config 
Split SourceAPI into two subobjects.

Parallel structure for endpoints, services will allow
changing to use generic code in pkg/client/cache/reflector.go.

Rename some funcs to be more like pkg/client/cache.
 2015-01-12 14:37:04 -08:00
Brendan Burns 6ad88bb143 Clear resourceVersion on errors. 2015-01-12 11:45:38 -08:00
Tim Hockin 4fcd496d59 change everything to use new util/errors 2015-01-08 22:10:03 -08:00
Brendan Burns 0f60d7bca3 Reset the resourceVersion so that we poll again for non-timeout errors. 2015-01-06 11:45:03 -08:00
Tim Hockin ca27fb259c Don't use pointers for session affinity 2014-12-29 14:43:17 -08:00
Tim Hockin e045c6ce2f Split portals into host and container 
After this DNS is resolvable from the host, if the DNS server is targetted
explicitly.  This does NOT add the cluster DNS to the host's resolv.conf.  That
is a larger problem, with distro-specific tie-ins and circular deps.
 2014-12-29 09:18:12 -08:00
Mike Foley c4e94efe16 Sticky Session Implementation 
- Added process to cleanup stale session affinity records
- Automatically set cloud provided load balancer for sticky session if the service requires it - Note, this only works on GCE right now.
- Changed sessionAffinityMap a map to pointers instead of structs to improve performance
- Commented out cookie and protocol from sessionAffinityDetail to avoid confusion as it is not yet implemented.
 2014-12-18 18:46:10 -05:00
Eric Tune 64f1084c1a Rename util.config.Watcher -> util.config.Broadcaster. 
Watch is a widely used term in the codebase, which doesn't capture
the key feature of this type: broadcasting a change to several
listeners.
 2014-12-04 00:10:27 -08:00
Daniel Smith 6cb26e17a4 Merge pull request #2697 from erictune/no_accept_err 
Proxy: Avoid log error.  Simplify locking.
 2014-12-03 14:06:17 -08:00
Daniel Smith 5466c06b3a Merge pull request #2733 from erictune/handle_error 
Handle error from watch.
 2014-12-03 14:02:54 -08:00
Eric Tune 909f82f463 Proxy: Avoid log error. Simplify locking. 
Don't log an error when Accept failed because the interface (portal)
was just removed.

Don't pass around a pointer to a serviceInfo since another thread
deletes those.  Instead, just check if service name is still in the
service map.

Delete the locking on the serviceInfo object since it is only used
by the "main" proxier thread.
 2014-12-03 12:34:54 -08:00
Eric Tune deb101a1fb Handle error from watch. 
A watch of the API can return an api.Status rather than the watched
obejct type.  This code didn't handle that.

Tested with services e2e test (in conjunction with other PR).
 2014-12-03 12:33:26 -08:00
Eric Tune 9964410f77 Use plus-v format for some complex structures. 2014-12-02 22:13:08 -08:00
Brendan Burns 6b009f06cd Merge pull request #2635 from thockin/public-ip 
Enable public IPs even in not createExternal...
 2014-12-01 14:56:22 -08:00
Meir Fischer d1c93384e9 Set initial timeout on UDP proxy connection creation 2014-11-29 21:32:45 -05:00
Tim Hockin e925deccb0 Fix iptables for old systems 
The iptables args list needs to include all fields as they are eventually spit
out by iptables-save.  This is because some systems do not support the
'iptables -C' arg, and so fall back on parsing iptables-save output.  If this
does not match, it will not pass the check.  For example: adding the /32 on
the destination IP arg is not strictly required, but causes this list to not
match the final iptables-save output.  This is fragile and I hope one day we
can stop supporting such old iptables versions.
 2014-11-26 12:50:44 -08:00
Tim Hockin 0c03f6e784 Enable public IPs even in not createExternal... 
This allows the proxier to portal Public IPs even if the
createExternalLoadBalancer flag is not set.

This also fixes what appears to be a bug in the createExternalLoadBalancer path
wherein multiple PublicIPs would get truncated.
 2014-11-26 10:54:28 -08:00
Meir Fischer 9b441d01ab reset err value to SetDeadline return 2014-11-22 23:48:27 -05:00
Tim Hockin 95a9098311 fix 'go vet' warnings 2014-11-21 09:45:28 +08:00
Tim Hockin ea960711ff Clean up error logs. 
Use %v for errors, tidy some messages, make error messages start lowe-case
(as per go guidelines).  Just accumulated nits.
 2014-11-21 09:45:26 +08:00
Brendan Burns 4a8a2b5a9f Address comments. 2014-11-14 17:23:13 -08:00
Brendan Burns 2aa52d043b Add external services v2 support. 2014-11-14 11:32:54 -08:00
Brendan Burns c2485a4056 Merge pull request #2147 from justinsb/ipv6 
Initial ipv6 / iptables work
 2014-11-14 10:34:37 -08:00
Brendan Burns 3b5029c673 Add some retry to the service proxy. 2014-11-12 16:48:27 -08:00
Tim Hockin bc072206c0 UDP services need UDP portals 2014-11-05 17:47:40 -08:00
markturansky bd7643c033 refactor services to v1beta3 2014-11-04 14:23:53 -05:00
Justin SB 9a053a4b59 Initial ipv6 / iptables work 2014-11-03 15:23:04 -08:00
derekwaynecarr c6eb371c93 Fixup unit tests 2014-10-24 11:49:04 -04:00
derekwaynecarr 580cb5ea4f Rework client.Interface 2014-10-24 11:47:30 -04:00
Clayton Coleman 644eb70085 Refactor tests to split ObjectMeta from TypeMeta 2014-10-24 11:22:21 -04:00
Clayton Coleman 7550c146dc Replace struct initializers for TypeMeta with ObjectMeta 2014-10-24 11:22:21 -04:00
Clayton Coleman bb77a5d15f Rename ID -> Name 2014-10-22 15:00:26 -04:00
derekwaynecarr d4e1076306 Fix etcd in proxy for namespace awareness 2014-10-16 16:28:06 -07:00
Daniel Smith 1f9a4750b5 Fix dangerous Sprintf 2014-10-16 14:36:36 -07:00
Tim Hockin e907011111 Core support for ip-per-service 2014-10-16 08:36:47 -07:00
Daniel Smith 8007614085 Remove untested and unused code 2014-10-13 16:06:44 -07:00
Clayton Coleman a5462c0678 Change test cases to verify the client sends the received resourceVersion 2014-10-07 19:00:26 -04:00
Clayton Coleman 82bcdd3b3b Make ResourceVersion a string internally instead of uint64 
Allows us to define different watch versioning regimes in the future
as well as to encode information with the resource version.

This changes /watch/resources?resourceVersion=3 to start the watch at
4 instead of 3, which means clients can read a resource version and
then send it back to the server. Clients should no longer do math on
resource versions.
 2014-10-07 19:00:26 -04:00
Daniel Smith 2dde76bd03 Fix struct tag in apparently untested config struct 2014-10-07 14:01:45 -07:00
Clayton Coleman d3e51a0f24 Rename JSONBase -> TypeMeta in preparation for v1beta3 
Will make subsequent refactor much easier
 2014-10-07 11:12:16 -04:00
Tim Hockin 0ad0a247c4 Flag-compatible IP type 2014-10-06 11:29:22 -07:00
derekwaynecarr fc67d822c6 Add context as parameter to client interface functions 2014-10-02 12:51:36 -04:00
Tim Hockin 04cdf286a4 Make and use api.Protocol type 2014-09-27 20:31:37 -07:00
Clayton Coleman 4e56dafecc Introduce some default log verbosity control 
Move a lot of common error logging into better buckets:

glog.Errorf() - Always an error
glog.Warningf() - Something unexpected, but probably not an error
glog.V(0) - Generally useful for this to ALWAYS be visible
            to an operator
            * Programmer errors
            * Logging extra info about a panic
            * CLI argument handling
glog.V(1) - A reasonable default log level if you don't want
            verbosity
            * Information about config (listening on X, watching Y)
            * Errors that repeat frequently that relate to conditions
              that can be corrected (pod detected as unhealthy)
glog.V(2) - Useful steady state information about the service
            * Logging HTTP requests and their exit code
            * System state changing (killing pod)
            * Controller state change events (starting pods)
            * Scheduler log messages
glog.V(3) - Extended information about changes
            * More info about system state changes
glog.V(4) - Debug level verbosity (for now)
            * Logging in particularly thorny parts of code where
              you may want to come back later and check it
 2014-09-25 16:30:14 -04:00
Tim Hockin dd9c562769 Get rid of un-needed lock 2014-09-20 11:40:02 -07:00
Tim Hockin a559d8d9b2 Move some test-only code into the test 2014-09-20 11:38:05 -07:00
Tim Hockin 20826e6d50 Move copyBytes closer to use-sites 2014-09-20 11:31:13 -07:00
Tim Hockin cf6ccaee54 Proxy: delete serviceInfo when stopping a service 2014-09-20 11:29:04 -07:00
Tim Hockin 450ccde521 Don't store name twice in proxy 2014-09-16 17:04:23 -07:00
Clayton Coleman 61e3ce7ddc Make runtime less global for Codec 
* Make Codec separate from Scheme
* Move EncodeOrDie off Scheme to take a Codec
* Make Copy work without a Codec
* Create a "latest" package that imports all versions and
  sets global defaults for "most recent encoding"
  * v1beta1 is the current "latest", v1beta2 exists
  * Kill DefaultCodec, replace it with "latest.Codec"
  * This updates the client and etcd to store the latest known version
* EmbeddedObject is per schema and per package now
* Move runtime.DefaultScheme to api.Scheme
* Split out WatchEvent since it's not an API object today, treat it
like a special object in api
* Kill DefaultResourceVersioner, instead place it on "latest" (as the
  package that understands all packages)
* Move objDiff to runtime.ObjectDiff
 2014-09-16 16:26:43 -04:00
Clayton Coleman fe614aeda2 Simple refactor for ease of readability 
runtime.DefaultCodec -> latest.Codec
 2014-09-16 16:12:35 -04:00
Deyuan Deng d5eb731b3f Fix leaking FD. 2014-09-15 19:12:32 -04:00
Tim Hockin 3181f3555d Wrap goroutines in HandleCrash() 2014-09-12 16:47:40 -07:00
Tim Hockin 1e50f118fd Move UDP backend setup to a function 2014-09-12 16:47:40 -07:00
Tim Hockin 86d12681f2 Inject UDP timeout to enable testing 2014-09-12 16:47:40 -07:00
Tim Hockin 38416f6a23 Implement UDP proxying in kube-proxy 2014-09-12 16:47:40 -07:00
Tim Hockin cad6122fe4 Refactor proxy code to make room for UDP 2014-09-12 16:38:17 -07:00
Brendan Burns a343a93b2d Fix a bug where we don't return an error. 2014-09-09 10:29:00 -07:00
Brian Ketelsen 83d3da1436 changed address variable to bindAddress. Used net.JoinHostPort() instead of fmt.Sprintf() 2014-09-07 23:50:36 -07:00
Brian Ketelsen 34922226fd allow proxy to accept a listen address. fixes #1220 2014-09-07 23:27:43 -07:00
Daniel Smith 48ce23ac91 Make client use pointers 2014-09-07 22:19:24 -07:00
Daniel Smith 1c2b65788d Rename Codec and ResourceVersioner to add Default in front, to allow for types of those names 2014-09-07 22:19:24 -07:00
Clayton Coleman 01e668187c Services and Endpoints weren't properly sync'ing 
They need incremental changes and a resync on start.
 2014-09-03 16:04:55 -04:00
Daniel Smith a63966e73c Combine pkg/apitools and pkg/api/common and call the result pkg/runtime 2014-09-02 11:15:44 -07:00
Daniel Smith 099c8fd36f Propagate rename; tests pass again. 2014-09-02 10:42:06 -07:00
Vojtech Vitek (V-Teq) 59f58cd043 Unify Godoc formatting, fix various typos 
Signed-off-by: Vojtech Vitek (V-Teq) <vvitek@redhat.com>
 2014-09-02 13:41:03 +02:00
Clayton Coleman 9006eadcfe kube-proxy can read config from the apiserver 
All clients that talk to a "master" as a host:port or URL
(scheme://host:port) parameter.  Add tests.
 2014-08-27 15:49:01 -04:00
Tim Hockin 23fc00be5c Fix a race in proxy. 
addService() eventually calls getServiceInfo(), but the serviceInfo object may
not be installed yet (race).
 2014-08-25 21:38:16 -07:00
Brendan Burns da74625ac6 Fix the proxier when a service with the same port is re-created, actually restart the proxy. 2014-08-19 12:24:10 -07:00
Joe Beda 8092a80ad9 Merge pull request #903 from erictune/cleanup4 
Pass obj with lock by reference.
 2014-08-14 14:29:01 -07:00
Eric Tune ee91a19f90 Pass obj with lock by reference. Methods->funcs. 
Fixes "lock passed by value" issues raised by "go vet".
 2014-08-14 14:01:27 -07:00
Brendan Burns 7ea2a37219 deflake tests. 2014-08-13 15:41:42 -07:00
Clayton Coleman 7d24615d8e Etcd can close the watch channel for services 
Need to loop and reopen if it's closed.
 2014-08-13 14:21:16 -04:00
Michal Fojtik afbd7a6147 Make proxy/config/etcd.go less verbose when etcd is not available 2014-08-12 11:51:44 +02:00
Kouhei Ueno 2e02967aca Avoid data race in Proxier.OnUpdate 
The bug was that the proxier is passed as value on method decleration.
This caused a copy of Proxier to be created when the method was invoked.
The copy being a shallow copy turned out to have them both reference
a same map instance, but their mutexes were different instances.
This turned out to use different mutexes before operating on a same map
instance, which didn't make sense.
 2014-08-06 04:34:54 +09:00
brendandburns f87a93af7a Merge pull request #754 from kelseyhightower/proxy-cleanup 
proxy: cleanup and minor refactoring
 2014-08-05 11:46:52 -07:00
Kelsey Hightower 1d3e660248 proxy: cleanup and minor refactoring 
This change includes minor refactoring and cleanup of the proxy
package including the following items:

 * Rename source files with misspelling of round robin
 * Remove unnecessary and redundant comments
 * Update comments for clarity
 * Add locking when updating the round-robin index
 * Improve method receiver names
 * Rename the LoadBalance method to NextEndpoint to add clarity

No changes in behaviour have been introduced.
 2014-08-05 07:18:12 -07:00
Clayton Coleman 0c33ed09d4 Remove long sleeps from proxy tests 2014-08-04 15:35:03 -04:00
Clayton Coleman 786b0399c3 Make interval a constant on proxy/config/etcd 
Allow future testing of intervals
 2014-08-04 15:34:43 -04:00
Brendan Burns 2cbe2c18d4 Add a comment to tickle travis. 2014-07-30 15:06:56 -07:00
Brendan Burns 9519a8049b Fixed tests. 2014-07-30 15:02:36 -07:00
Brendan Burns 448a4b7d69 Revert "Revert "Add support for stopping a proxier."" 
This reverts commit 19beaf71b5.
 2014-07-30 06:52:03 -07:00
Daniel Smith 19beaf71b5 Revert "Add support for stopping a proxier." 2014-07-29 23:24:57 -07:00
Daniel Smith 00bdeecb63 Merge pull request #682 from brendandburns/proxy 
Add support for stopping a proxier.
 2014-07-29 23:20:55 -07:00
brendandburns b0d18b2af0 Merge pull request #571 from lavalamp/master 
Decode/Encode everywhere
 2014-07-29 17:19:33 -07:00
Brendan Burns 99f0d2e807 Add support for stopping a proxier. 2014-07-29 15:40:47 -07:00
Brendan Burns aa703a4e72 Make file error logging edge triggered to reduce log spam. 2014-07-29 05:38:07 -07:00
Daniel Smith b3cc696486 All types stored in etcd are now API objects. 
This means I made an api.ContainerManifestList, and added a JSONBase to
endpoints (and changed Name -> JSONBase.ID).
 2014-07-28 11:27:36 -07:00
Dan McPherson 7bbc5e2a19 Fixing typos 2014-07-28 15:15:50 +02:00
Jonathan Boulle c43035088b assorted formatting and typo fixes 2014-07-24 15:10:36 -07:00
Daniel Smith 05f01a3654 Revert "assorted formatting and typo fixes" 2014-07-18 17:16:30 -07:00
Jonathan Boulle 9e63c3a633 assorted formatting and typo fixes 2014-07-18 13:02:59 -07:00
Brendan Burns 744072a71e Insert a couple of sleeps to slow things down. 2014-07-18 09:24:01 -07:00
Clayton Coleman 021cf64808 Change proxy config to reuse util/config 
Splits endpoint and service configuration into their own objects.  Also makes
the endpoint and service configuration tests correct - there was a race condition
previously that meant tests were passing but not checking correct code.
 2014-07-16 14:13:25 -04:00
Yuki Yugui Sonoda 2861955025 Corrects wording of godoc comments. 2014-07-15 22:03:08 +09:00
Yuki Yugui Sonoda 1bd7276aca Correct the style of nested conditionals 2014-07-15 20:58:03 +09:00
Yuki Yugui Sonoda 60dd1f7cc0 Eliminates tautological comments 2014-07-15 20:58:01 +09:00
Yuki Yugui Sonoda 41febcee5e Merge branch 'master' into fix/golint 
Conflicts:
	pkg/master/master.go
	pkg/master/pod_cache.go
	pkg/proxy/config/file.go
	pkg/proxy/proxier.go
	pkg/proxy/roundrobbin.go
	pkg/scheduler/randomfit.go
	pkg/scheduler/randomfit_test.go
 2014-07-15 20:57:47 +09:00
Clayton Coleman f84a948c9c Merge pull request #426 from claire921/cleanup 
pkg/proxy/config: clean up file.Run()
 2014-07-12 15:12:05 -04:00
Clayton Coleman 1af753a396 Merge pull request #420 from claire921/proxy 
pkg/proxy: remove unnecessary go routine
 2014-07-12 13:58:42 -04:00
Claire Li 78cad3fd5e pkg/proxy/config: clean up file.Run() 2014-07-11 22:41:06 -07:00
brendandburns 89655584eb Merge pull request #423 from claire921/onpudate 
pkg/proxy: filtering before comparing
 2014-07-11 22:33:09 -07:00
brendandburns cde7b5841b Merge pull request #422 from claire921/use_splithostport 
pkg/proxy: use net.SplitHostPort instead of strings.Split
 2014-07-11 22:32:50 -07:00
Claire Li 094b78d7de pkg/proxy: filtering before comparing 2014-07-11 22:13:29 -07:00
Claire Li ba07dc804c pkg/proxy: use net.SplitHostPort instead of strings.Split 2014-07-11 22:08:53 -07:00
Claire Li abcbce55ce pkg/proxy: remove unnecessary io.EOF checking 2014-07-11 21:51:24 -07:00
Claire Li 4d47db8b5f pkg/proxy: remove unnecessary go routine 2014-07-11 21:34:42 -07:00
Yuki Yugui Sonoda 7373695e33 Fixes golint errors in pkg/proxy 2014-07-11 22:35:57 +09:00
Burcu Dogan 1816a63d55 proxy: lock should be above the fields it protects. 2014-07-11 00:23:43 -07:00
Burcu Dogan e4d966744d proxy: fixing linting errors. 2014-07-10 22:36:06 -07:00
Nan Deng b351578ddd fix data race in config.go. This is a hard one. 2014-07-02 23:23:14 -07:00
Tim Hockin 9f9e75f508 Switch to glog for logging, bridge logging to glog. 
1) imported glog to third_party (previous commit)
2) add support for third_party/update.sh to update just one pkg
3) search-and-replace:
  s/log.Printf/glog.Infof/
  s/log.Print/glog.Info/
  s/log.Fatalf/glog.Fatalf/
  s/log.Fatal/glog.Fatal/
4) convert glog.Info.*, err into glog.Error*

Adds some util interfaces to logging and calls them from each cmd, which
will set the default log output to write to glog.  Pass glog-wrapped
Loggers to etcd for logging.

Log files will go to /tmp - we should probably follow this up with a
default log dir for each cmd.

The glog lib is sort of weak in that it only flushes every 30 seconds, so
we spin up our own flushing goroutine.
 2014-06-24 20:51:57 -07:00
Daniel Smith b850d36166 Fix boilerplate everywhere 2014-06-23 11:32:11 -07:00
Joe Beda 239e1273cf The Mac is picky about the syntax for listening on ephemeral ports. 2014-06-13 16:04:17 -07:00
Daniel Smith e1bc4d2eba Port 2223 is in use on my machine sometimes, so this test was flaky. 2014-06-12 21:55:55 -07:00
Brendan Burns 164160adef Address package level comments for readability. 2014-06-12 20:26:12 -07:00
Johan Euphrosine 4f6bed03ae gofmt -s pkg/ cmd/ 2014-06-12 14:16:19 -07:00
Joe Beda 2c4b3a562c First commit 2014-06-06 16:40:48 -07:00