github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-10-31 05:40:42 +00:00
Code Issues Projects Releases Wiki Activity

Make kube-proxy resync its rules on firewalld restart

Browse Source
This commit is contained in:
Dan Winship
2015-08-14 12:38:43 -04:00
parent 8bc9c40796
commit 30ea22f40e
4 changed files with 22 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/kube-proxy/app/server.go
View File

@@ -240,6 +240,8 @@ func (s *ProxyServer) Run(_ []string) error {
}, 5*time.Second, util.NeverStop) }, 5*time.Second, util.NeverStop)
} }
ipt.AddReloadFunc(proxier.Sync)
// Just loop forever for now... // Just loop forever for now...
proxier.SyncLoop() proxier.SyncLoop()
return nil return nil

13
pkg/proxy/iptables/proxier.go
View File

@@ -248,6 +248,13 @@ func ipsEqual(lhs, rhs []string) bool {
return true return true
} }
// Sync is called to immediately synchronize the proxier state to iptables
func (proxier *Proxier) Sync() {
proxier.mu.Lock()
defer proxier.mu.Unlock()
proxier.syncProxyRules()
}
// SyncLoop runs periodic work. This is expected to run as a goroutine or as the main loop of the app. It does not return. // SyncLoop runs periodic work. This is expected to run as a goroutine or as the main loop of the app. It does not return.
func (proxier *Proxier) SyncLoop() { func (proxier *Proxier) SyncLoop() {
t := time.NewTicker(proxier.syncPeriod) t := time.NewTicker(proxier.syncPeriod)
@@ -255,11 +262,7 @@ func (proxier *Proxier) SyncLoop() {
for { for {
<-t.C <-t.C
glog.V(6).Infof("Periodic sync") glog.V(6).Infof("Periodic sync")
func() { proxier.Sync()
proxier.mu.Lock()
defer proxier.mu.Unlock()
proxier.syncProxyRules()
}()
} }
} }

2
pkg/proxy/types.go
View File

@@ -29,6 +29,8 @@ type ProxyProvider interface {
// Active service proxies are reinitialized if found in the update set or // Active service proxies are reinitialized if found in the update set or
// removed if missing from the update set. // removed if missing from the update set.
OnServiceUpdate(services []api.Service) OnServiceUpdate(services []api.Service)
// Sync immediately synchronizes the ProxyProvider's current state to iptables.
Sync()
// SyncLoop runs periodic work. // SyncLoop runs periodic work.
// This is expected to run as a goroutine or as the main loop of the app. // This is expected to run as a goroutine or as the main loop of the app.
// It does not return. // It does not return.

15
pkg/proxy/userspace/proxier.go
View File

@@ -222,6 +222,15 @@ func CleanupLeftovers(ipt iptables.Interface) (encounteredError bool) {
return encounteredError return encounteredError
} }
// Sync is called to immediately synchronize the proxier state to iptables
func (proxier *Proxier) Sync() {
if err := iptablesInit(proxier.iptables); err != nil {
glog.Errorf("Failed to ensure iptables: %v", err)
}
proxier.ensurePortals()
proxier.cleanupStaleStickySessions()
}
// SyncLoop runs periodic work. This is expected to run as a goroutine or as the main loop of the app. It does not return. // SyncLoop runs periodic work. This is expected to run as a goroutine or as the main loop of the app. It does not return.
func (proxier *Proxier) SyncLoop() { func (proxier *Proxier) SyncLoop() {
t := time.NewTicker(proxier.syncPeriod) t := time.NewTicker(proxier.syncPeriod)
@@ -229,11 +238,7 @@ func (proxier *Proxier) SyncLoop() {
for { for {
<-t.C <-t.C
glog.V(6).Infof("Periodic sync") glog.V(6).Infof("Periodic sync")
if err := iptablesInit(proxier.iptables); err != nil { proxier.Sync()
glog.Errorf("Failed to ensure iptables: %v", err)
}
proxier.ensurePortals()
proxier.cleanupStaleStickySessions()
} }
} }