github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-01 07:47:56 +00:00
Code Issues Projects Releases Wiki Activity

Store chain names to avoid recomputing them multiple times

Browse Source
This commit is contained in:
Wojciech Tyczynski 2017-05-24 16:16:39 +02:00
parent c4d51f12a2
commit 03c255d7c5
2 changed files with 33 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
pkg/proxy/iptables/proxier.go
View File

@ -148,6 +148,11 @@ type serviceInfo struct {
loadBalancerSourceRanges []string loadBalancerSourceRanges []string
onlyNodeLocalEndpoints bool onlyNodeLocalEndpoints bool
healthCheckNodePort int healthCheckNodePort int
// The following fields are computed and stored for performance reasons.
serviceNameString string
servicePortChainName utiliptables.Chain
serviceFirewallChainName utiliptables.Chain
serviceLBChainName utiliptables.Chain
} }
// internal struct for endpoints information // internal struct for endpoints information
@ -214,6 +219,13 @@ func newServiceInfo(svcPortName proxy.ServicePortName, port *api.ServicePort, se
} }
} }
// Store the following for performance reasons.
protocol := strings.ToLower(string(info.protocol))
info.serviceNameString = svcPortName.String()
info.servicePortChainName = servicePortChainName(info.serviceNameString, protocol)
info.serviceFirewallChainName = serviceFirewallChainName(info.serviceNameString, protocol)
info.serviceLBChainName = serviceLBChainName(info.serviceNameString, protocol)
return info return info
} }
@ -1124,14 +1136,13 @@ func (proxier *Proxier) syncProxyRules() {
args := make([]string, 64) args := make([]string, 64)
// Build rules for each service. // Build rules for each service.
var svcNameString string
for svcName, svcInfo := range proxier.serviceMap { for svcName, svcInfo := range proxier.serviceMap {
protocol := strings.ToLower(string(svcInfo.protocol)) protocol := strings.ToLower(string(svcInfo.protocol))
// Precompute svcNameString; with many services the many calls svcNameString = svcInfo.serviceNameString
// to ServicePortName.String() show up in CPU profiles.
svcNameString := svcName.String()
// Create the per-service chain, retaining counters if possible. // Create the per-service chain, retaining counters if possible.
svcChain := servicePortChainName(svcNameString, protocol) svcChain := svcInfo.servicePortChainName
if chain, ok := existingNATChains[svcChain]; ok { if chain, ok := existingNATChains[svcChain]; ok {
writeLine(proxier.natChains, chain) writeLine(proxier.natChains, chain)
} else { } else {
@ -1139,7 +1150,7 @@ func (proxier *Proxier) syncProxyRules() {
} }
activeNATChains[svcChain] = true activeNATChains[svcChain] = true
svcXlbChain := serviceLBChainName(svcNameString, protocol) svcXlbChain := svcInfo.serviceLBChainName
if svcInfo.onlyNodeLocalEndpoints { if svcInfo.onlyNodeLocalEndpoints {
// Only for services request OnlyLocal traffic // Only for services request OnlyLocal traffic
// create the per-service LB chain, retaining counters if possible. // create the per-service LB chain, retaining counters if possible.
@ -1243,10 +1254,10 @@ func (proxier *Proxier) syncProxyRules() {
} }
// Capture load-balancer ingress. // Capture load-balancer ingress.
fwChain := svcInfo.serviceFirewallChainName
for _, ingress := range svcInfo.loadBalancerStatus.Ingress { for _, ingress := range svcInfo.loadBalancerStatus.Ingress {
if ingress.IP != "" { if ingress.IP != "" {
// create service firewall chain // create service firewall chain
fwChain := serviceFirewallChainName(svcNameString, protocol)
if chain, ok := existingNATChains[fwChain]; ok { if chain, ok := existingNATChains[fwChain]; ok {
writeLine(proxier.natChains, chain) writeLine(proxier.natChains, chain)
} else { } else {

32
pkg/proxy/iptables/proxier_test.go
View File

@ -386,23 +386,23 @@ func NewFakeProxier(ipt utiliptables.Interface) *Proxier {
// TODO: Call NewProxier after refactoring out the goroutine // TODO: Call NewProxier after refactoring out the goroutine
// invocation into a Run() method. // invocation into a Run() method.
p := &Proxier{ p := &Proxier{
exec: &exec.FakeExec{}, exec: &exec.FakeExec{},
serviceMap: make(proxyServiceMap), serviceMap: make(proxyServiceMap),
serviceChanges: newServiceChangeMap(), serviceChanges: newServiceChangeMap(),
endpointsMap: make(proxyEndpointsMap), endpointsMap: make(proxyEndpointsMap),
endpointsChanges: newEndpointsChangeMap(testHostname), endpointsChanges: newEndpointsChangeMap(testHostname),
iptables: ipt, iptables: ipt,
clusterCIDR: "10.0.0.0/24", clusterCIDR: "10.0.0.0/24",
hostname: testHostname, hostname: testHostname,
portsMap: make(map[localPort]closeable), portsMap: make(map[localPort]closeable),
portMapper: &fakePortOpener{[]*localPort{}}, portMapper: &fakePortOpener{[]*localPort{}},
healthChecker: newFakeHealthChecker(), healthChecker: newFakeHealthChecker(),
precomputedProbabilities: make([]string, 0, 1001), precomputedProbabilities: make([]string, 0, 1001),
iptablesData: bytes.NewBuffer(nil), iptablesData: bytes.NewBuffer(nil),
filterChains: bytes.NewBuffer(nil), filterChains: bytes.NewBuffer(nil),
filterRules: bytes.NewBuffer(nil), filterRules: bytes.NewBuffer(nil),
natChains: bytes.NewBuffer(nil), natChains: bytes.NewBuffer(nil),
natRules: bytes.NewBuffer(nil), natRules: bytes.NewBuffer(nil),
} }
p.syncRunner = async.NewBoundedFrequencyRunner("test-sync-runner", p.syncProxyRules, 0, time.Minute, 1) p.syncRunner = async.NewBoundedFrequencyRunner("test-sync-runner", p.syncProxyRules, 0, time.Minute, 1)
return p return p