github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-23 03:41:45 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #37088 from CaoShuFeng/hold_socket_for_kubenet

Browse Source 
Automatic merge from submit-queue

Keep host port socket open for kubenet

fixes #37087


**Release note**:
<!--  Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access) 
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`. 
-->
```release-note
NONE
```

When cni is set to kubenet, kubelet should hold the host port socket,
so that other application in this node could not listen/bind this port
any more. However, the sockets are closed accidentally, because
kubelet forget to reconcile the protocol format before comparing.


@kubernetes/sig-network
This commit is contained in:
Kubernetes Submit Queue 2016-12-01 15:06:55 -08:00 committed by GitHub
commit 1e8e965620
2 changed files with 24 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/kubelet/network/hostport/hostport.go
View File

@ -370,7 +370,7 @@ func (h *handler) cleanupHostportMap(containerPortMap map[v1.ContainerPort]targe
for containerPort := range containerPortMap {
hp := hostport{
port: containerPort.HostPort,
protocol: string(containerPort.Protocol),
protocol: strings.ToLower(string(containerPort.Protocol)),
}
currentHostports[hp] = true
}
@ -379,6 +379,7 @@ func (h *handler) cleanupHostportMap(containerPortMap map[v1.ContainerPort]targe
for hp, socket := range h.hostPortMap {
if _, ok := currentHostports[hp]; !ok {
socket.Close()
glog.V(3).Infof("Closed local port %s", hp.String())
delete(h.hostPortMap, hp)
}
}

22
pkg/kubelet/network/hostport/hostport_test.go
View File

@ -19,6 +19,7 @@ package hostport
import (
"fmt"
"net"
"reflect"
"strings"
"testing"
@ -185,6 +186,17 @@ func TestOpenPodHostports(t *testing.T) {
})
}
// Already running pod's host port
hp := hostport{
tests[1].pod.Spec.Containers[0].Ports[0].HostPort,
strings.ToLower(string(tests[1].pod.Spec.Containers[0].Ports[0].Protocol)),
}
h.hostPortMap[hp] = &fakeSocket{
tests[1].pod.Spec.Containers[0].Ports[0].HostPort,
strings.ToLower(string(tests[1].pod.Spec.Containers[0].Ports[0].Protocol)),
false,
}
err := h.OpenPodHostportsAndSync(&ActivePod{Pod: tests[0].pod, IP: net.ParseIP(tests[0].ip)}, "br0", activePods)
if err != nil {
t.Fatalf("Failed to OpenPodHostportsAndSync: %v", err)
@ -220,6 +232,16 @@ func TestOpenPodHostports(t *testing.T) {
}
}
}
// Socket
hostPortMap := map[hostport]closeable{
hostport{123, "tcp"}: &fakeSocket{123, "tcp", false},
hostport{4567, "tcp"}: &fakeSocket{4567, "tcp", false},
hostport{5678, "udp"}: &fakeSocket{5678, "udp", false},
}
if !reflect.DeepEqual(hostPortMap, h.hostPortMap) {
t.Fatalf("Mismatch in expected hostPortMap. Expected '%v', got '%v'", hostPortMap, h.hostPortMap)
}
}
func matchRule(chain *fakeChain, match string) bool {