k3s/proxy at 3b038bfebca10731b7c467ea30548845805dbd77 - k3s

History

Kubernetes Submit Queue 9bd6c62a36 Merge pull request #61329 from Lion-Wei/ipvs-esipp Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. fix externaltrafficpolicy=local related ipvs ci case What this PR does / why we need it: Which issue(s) this PR fixes (optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged): Fixes #61328 Special notes for your reviewer: To realize externalTrafficPolicy=local, but do not affect traffic inside the cluster. If thie pr got merged, the iptables rules of ipvs proxy mode ESIPP should be like(for loadbalance case): ``` Chain KUBE-FIRE-WALL (1 references) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set KUBE-LB-INGRESS-LOCAL dst,dst KUBE-MARK-MASQ all -- 0.0.0.0/0 0.0.0.0/0 /* mark MASQ for external traffic policy not local / Chain KUBE-MARK-DROP (0 references) target prot opt source destination MARK all -- 0.0.0.0/0 0.0.0.0/0 MARK or 0x8000 Chain KUBE-MARK-MASQ (3 references) target prot opt source destination MARK all -- 0.0.0.0/0 0.0.0.0/0 MARK or 0x4000 Chain KUBE-NODE-PORT (1 references) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set KUBE-NODE-PORT-LOCAL-TCP dst KUBE-MARK-MASQ all -- 0.0.0.0/0 0.0.0.0/0 / mark MASQ for external traffic policy not local / Chain KUBE-POSTROUTING (0 references) target prot opt source destination MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0 / kubernetes service traffic requiring SNAT / mark match 0x4000/0x4000 MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0 match-set KUBE-LOOP-BACK dst,dst,src Chain KUBE-SERVICES (2 references) target prot opt source destination KUBE-MARK-MASQ all -- !10.64.0.0/14 0.0.0.0/0 match-set KUBE-CLUSTER-IP dst,dst KUBE-FIRE-WALL all -- 0.0.0.0/0 0.0.0.0/0 match-set KUBE-LOAD-BALANCER-MASQ dst,dst KUBE-NODE-PORT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp match-set KUBE-NODE-PORT-TCP dst ``` Release note*: ```release-note NONE ```		2018-04-07 21:33:13 -07:00
..
apis/kubeproxyconfig	regenerated all files and remove all YEAR fields	2018-03-08 17:52:48 +08:00
config	Autogenerated: hack/update-bazel.sh	2018-02-16 13:43:01 -08:00
healthcheck	Autogenerated: hack/update-bazel.sh	2018-02-16 13:43:01 -08:00
iptables	Auto-updated BUILD files	2018-02-27 11:18:11 -08:00
ipvs	Merge pull request #61329 from Lion-Wei/ipvs-esipp	2018-04-07 21:33:13 -07:00
metrics	add proxy metrics in app level	2017-10-16 21:10:51 +08:00
userspace	LoadBalancerStatus make use of generated deep copy method	2018-03-28 14:08:50 +08:00
util	Auto-updated BUILD files	2018-02-27 11:18:11 -08:00
winkernel	LoadBalancerStatus make use of generated deep copy method	2018-03-28 14:08:50 +08:00
winuserspace	update bazel	2018-03-09 09:23:33 +08:00
BUILD	LoadBalancerStatus make use of generated deep copy method	2018-03-28 14:08:50 +08:00
OWNERS	add me to iptables/kube-proxy reviewers	2018-02-22 17:36:57 -05:00
doc.go	Use Go canonical import paths	2016-07-16 13:48:21 -04:00
endpoints.go	[kube-proxy] Mass service/endpoint info functions rename and comments	2018-02-27 11:14:02 -08:00
endpoints_test.go	[kube-proxy] Mass service/endpoint info functions rename and comments	2018-02-27 11:14:02 -08:00
service.go	LoadBalancerStatus make use of generated deep copy method	2018-03-28 14:08:50 +08:00
service_test.go	[kube-proxy] Mass service/endpoint info functions rename and comments	2018-02-27 11:14:02 -08:00
types.go	[kube-proxy] Mass service/endpoint info functions rename and comments	2018-02-27 11:14:02 -08:00