From 035598b94a5ceef1bd2ddd3ad3dcb45f393cc8c4 Mon Sep 17 00:00:00 2001 From: m1093782566 Date: Sat, 23 Dec 2017 17:06:28 +0800 Subject: [PATCH 1/3] fix wrong hairpin-mode value --- pkg/kubelet/apis/kubeletconfig/types.go | 2 +- pkg/kubelet/apis/kubeletconfig/v1alpha1/types.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/kubelet/apis/kubeletconfig/types.go b/pkg/kubelet/apis/kubeletconfig/types.go index 3b7f42509a5..f4392f6ed6f 100644 --- a/pkg/kubelet/apis/kubeletconfig/types.go +++ b/pkg/kubelet/apis/kubeletconfig/types.go @@ -192,7 +192,7 @@ type KubeletConfiguration struct { // "promiscuous-bridge": make the container bridge promiscuous. // "hairpin-veth": set the hairpin flag on container veth interfaces. // "none": do nothing. - // Generally, one must set --hairpin-mode=veth-flag to achieve hairpin NAT, + // Generally, one must set --hairpin-mode=hairpin-veth to achieve hairpin NAT, // because promiscous-bridge assumes the existence of a container bridge named cbr0. HairpinMode string // maxPods is the number of pods that can run on this Kubelet. diff --git a/pkg/kubelet/apis/kubeletconfig/v1alpha1/types.go b/pkg/kubelet/apis/kubeletconfig/v1alpha1/types.go index 0c661f8a0ee..96f92d4465f 100644 --- a/pkg/kubelet/apis/kubeletconfig/v1alpha1/types.go +++ b/pkg/kubelet/apis/kubeletconfig/v1alpha1/types.go @@ -189,7 +189,7 @@ type KubeletConfiguration struct { // "promiscuous-bridge": make the container bridge promiscuous. // "hairpin-veth": set the hairpin flag on container veth interfaces. // "none": do nothing. - // Generally, one must set --hairpin-mode=veth-flag to achieve hairpin NAT, + // Generally, one must set --hairpin-mode=hairpin-veth to achieve hairpin NAT, // because promiscous-bridge assumes the existence of a container bridge named cbr0. HairpinMode string `json:"hairpinMode"` // maxPods is the number of pods that can run on this Kubelet. From 3406af70bc4a0289046e37c7b9fee1c660a4300e Mon Sep 17 00:00:00 2001 From: m1093782566 Date: Sat, 23 Dec 2017 17:05:51 +0800 Subject: [PATCH 2/3] validate --hairpin-mode in kubelet config --- pkg/kubelet/apis/kubeletconfig/validation/validation.go | 8 ++++++++ .../apis/kubeletconfig/validation/validation_test.go | 6 ++++-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/pkg/kubelet/apis/kubeletconfig/validation/validation.go b/pkg/kubelet/apis/kubeletconfig/validation/validation.go index d3f95a0b88c..cb4d65bd782 100644 --- a/pkg/kubelet/apis/kubeletconfig/validation/validation.go +++ b/pkg/kubelet/apis/kubeletconfig/validation/validation.go @@ -100,5 +100,13 @@ func ValidateKubeletConfiguration(kc *kubeletconfig.KubeletConfiguration) error val, kubetypes.NodeAllocatableEnforcementKey, kubetypes.SystemReservedEnforcementKey, kubetypes.KubeReservedEnforcementKey)) } } + switch kc.HairpinMode { + case kubeletconfig.HairpinNone: + case kubeletconfig.HairpinVeth: + case kubeletconfig.PromiscuousBridge: + default: + allErrors = append(allErrors, fmt.Errorf("Invalid option %q specified for HairpinMode (--hairpin-mode) setting. Valid options are %q, %q or %q", + kc.HairpinMode, kubeletconfig.HairpinNone, kubeletconfig.HairpinVeth, kubeletconfig.PromiscuousBridge)) + } return utilerrors.NewAggregate(allErrors) } diff --git a/pkg/kubelet/apis/kubeletconfig/validation/validation_test.go b/pkg/kubelet/apis/kubeletconfig/validation/validation_test.go index 1e07e416120..134771fcfb0 100644 --- a/pkg/kubelet/apis/kubeletconfig/validation/validation_test.go +++ b/pkg/kubelet/apis/kubeletconfig/validation/validation_test.go @@ -47,6 +47,7 @@ func TestValidateKubeletConfiguration(t *testing.T) { ReadOnlyPort: 0, RegistryBurst: 10, RegistryPullQPS: 5, + HairpinMode: kubeletconfig.PromiscuousBridge, } if allErrors := ValidateKubeletConfiguration(successCase); allErrors != nil { t.Errorf("expect no errors got %v", allErrors) @@ -75,8 +76,9 @@ func TestValidateKubeletConfiguration(t *testing.T) { ReadOnlyPort: -10, RegistryBurst: -10, RegistryPullQPS: -10, + HairpinMode: "foo", } - if allErrors := ValidateKubeletConfiguration(errorCase); len(allErrors.(utilerrors.Aggregate).Errors()) != 21 { - t.Errorf("expect 21 errors got %v", len(allErrors.(utilerrors.Aggregate).Errors())) + if allErrors := ValidateKubeletConfiguration(errorCase); len(allErrors.(utilerrors.Aggregate).Errors()) != 22 { + t.Errorf("expect 22 errors got %v", len(allErrors.(utilerrors.Aggregate).Errors())) } } From 120a23a02578c5744716634f7515131ed44dd190 Mon Sep 17 00:00:00 2001 From: m1093782566 Date: Mon, 25 Dec 2017 11:36:22 +0800 Subject: [PATCH 3/3] update kubeadm validation test to fix test error --- cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go b/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go index 085065f36be..d23215d8590 100644 --- a/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go +++ b/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go @@ -591,6 +591,7 @@ func TestValidateKubeletConfiguration(t *testing.T) { ReadOnlyPort: utilpointer.Int32Ptr(0), RegistryBurst: 10, RegistryPullQPS: utilpointer.Int32Ptr(5), + HairpinMode: "promiscuous-bridge", }, } if allErrors := ValidateKubeletConfiguration(successCase, nil); len(allErrors) != 0 {