diff --git a/pkg/proxy/winkernel/proxier.go b/pkg/proxy/winkernel/proxier.go index b7438a5c037..56e90499aac 100644 --- a/pkg/proxy/winkernel/proxier.go +++ b/pkg/proxy/winkernel/proxier.go @@ -1240,22 +1240,27 @@ func (proxier *Proxier) syncProxyRules() { if svcInfo.preserveDIP || svcInfo.localTrafficDSR { nodePortEndpoints = hnsLocalEndpoints } - hnsLoadBalancer, err := hns.getLoadBalancer( - nodePortEndpoints, - loadBalancerFlags{isDSR: svcInfo.localTrafficDSR, localRoutedVIP: true, sessionAffinity: sessionAffinityClientIP, isIPv6: proxier.isIPv6Mode}, - sourceVip, - "", - Enum(svcInfo.Protocol()), - uint16(svcInfo.targetPort), - uint16(svcInfo.NodePort()), - ) - if err != nil { - klog.ErrorS(err, "Policy creation failed") - continue - } - svcInfo.nodePorthnsID = hnsLoadBalancer.hnsID - klog.V(3).InfoS("Hns LoadBalancer resource created for nodePort resources", "clusterIP", svcInfo.ClusterIP(), "hnsID", hnsLoadBalancer.hnsID) + if len(nodePortEndpoints) > 0 { + hnsLoadBalancer, err := hns.getLoadBalancer( + nodePortEndpoints, + loadBalancerFlags{isDSR: svcInfo.localTrafficDSR, localRoutedVIP: true, sessionAffinity: sessionAffinityClientIP, isIPv6: proxier.isIPv6Mode}, + sourceVip, + "", + Enum(svcInfo.Protocol()), + uint16(svcInfo.targetPort), + uint16(svcInfo.NodePort()), + ) + if err != nil { + klog.ErrorS(err, "Policy creation failed") + continue + } + + svcInfo.nodePorthnsID = hnsLoadBalancer.hnsID + klog.V(3).InfoS("Hns LoadBalancer resource created for nodePort resources", "clusterIP", svcInfo.ClusterIP(), "nodeport", svcInfo.NodePort(), "hnsID", hnsLoadBalancer.hnsID) + } else { + klog.V(3).InfoS("Skipped creating Hns LoadBalancer for nodePort resources", "clusterIP", svcInfo.ClusterIP(), "nodeport", svcInfo.NodePort(), "hnsID", hnsLoadBalancer.hnsID) + } } // Create a Load Balancer Policy for each external IP @@ -1265,22 +1270,27 @@ func (proxier *Proxier) syncProxyRules() { if svcInfo.localTrafficDSR { externalIPEndpoints = hnsLocalEndpoints } - // Try loading existing policies, if already available - hnsLoadBalancer, err = hns.getLoadBalancer( - externalIPEndpoints, - loadBalancerFlags{isDSR: svcInfo.localTrafficDSR, sessionAffinity: sessionAffinityClientIP, isIPv6: proxier.isIPv6Mode}, - sourceVip, - externalIP.ip, - Enum(svcInfo.Protocol()), - uint16(svcInfo.targetPort), - uint16(svcInfo.Port()), - ) - if err != nil { - klog.ErrorS(err, "Policy creation failed") - continue + + if len(externalIPEndpoints) > 0 { + // Try loading existing policies, if already available + hnsLoadBalancer, err = hns.getLoadBalancer( + externalIPEndpoints, + loadBalancerFlags{isDSR: svcInfo.localTrafficDSR, sessionAffinity: sessionAffinityClientIP, isIPv6: proxier.isIPv6Mode}, + sourceVip, + externalIP.ip, + Enum(svcInfo.Protocol()), + uint16(svcInfo.targetPort), + uint16(svcInfo.Port()), + ) + if err != nil { + klog.ErrorS(err, "Policy creation failed") + continue + } + externalIP.hnsID = hnsLoadBalancer.hnsID + klog.V(3).InfoS("Hns LoadBalancer resource created for externalIP resources", "externalIP", externalIP, "hnsID", hnsLoadBalancer.hnsID) + } else { + klog.V(3).InfoS("Skipped creating Hns LoadBalancer for externalIP resources", "externalIP", externalIP, "hnsID", hnsLoadBalancer.hnsID) } - externalIP.hnsID = hnsLoadBalancer.hnsID - klog.V(3).InfoS("Hns LoadBalancer resource created for externalIP resources", "externalIP", externalIP, "hnsID", hnsLoadBalancer.hnsID) } // Create a Load Balancer Policy for each loadbalancer ingress for _, lbIngressIP := range svcInfo.loadBalancerIngressIPs { @@ -1289,21 +1299,27 @@ func (proxier *Proxier) syncProxyRules() { if svcInfo.preserveDIP || svcInfo.localTrafficDSR { lbIngressEndpoints = hnsLocalEndpoints } - hnsLoadBalancer, err := hns.getLoadBalancer( - lbIngressEndpoints, - loadBalancerFlags{isDSR: svcInfo.preserveDIP || svcInfo.localTrafficDSR, useMUX: svcInfo.preserveDIP, preserveDIP: svcInfo.preserveDIP, sessionAffinity: sessionAffinityClientIP, isIPv6: proxier.isIPv6Mode}, - sourceVip, - lbIngressIP.ip, - Enum(svcInfo.Protocol()), - uint16(svcInfo.targetPort), - uint16(svcInfo.Port()), - ) - if err != nil { - klog.ErrorS(err, "Policy creation failed") - continue + + if len(lbIngressEndpoints) > 0 { + hnsLoadBalancer, err := hns.getLoadBalancer( + lbIngressEndpoints, + loadBalancerFlags{isDSR: svcInfo.preserveDIP || svcInfo.localTrafficDSR, useMUX: svcInfo.preserveDIP, preserveDIP: svcInfo.preserveDIP, sessionAffinity: sessionAffinityClientIP, isIPv6: proxier.isIPv6Mode}, + sourceVip, + lbIngressIP.ip, + Enum(svcInfo.Protocol()), + uint16(svcInfo.targetPort), + uint16(svcInfo.Port()), + ) + if err != nil { + klog.ErrorS(err, "Policy creation failed") + continue + } + lbIngressIP.hnsID = hnsLoadBalancer.hnsID + klog.V(3).InfoS("Hns LoadBalancer resource created for loadBalancer Ingress resources", "lbIngressIP", lbIngressIP) + } else { + klog.V(3).InfoS("Skipped creating Hns LoadBalancer for loadBalancer Ingress resources", "lbIngressIP", lbIngressIP) } - lbIngressIP.hnsID = hnsLoadBalancer.hnsID - klog.V(3).InfoS("Hns LoadBalancer resource created for loadBalancer Ingress resources", "lbIngressIP", lbIngressIP) + } svcInfo.policyApplied = true klog.V(2).InfoS("Policy successfully applied for service", "serviceInfo", svcInfo)