mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-30 15:05:27 +00:00
Merge pull request #89998 from Nordix/issue-89923
Filter nodePortAddresses to proxiers
This commit is contained in:
Kubernetes Prow Robot
GitHub
commit
35fc65dc2c
@ -290,6 +290,11 @@ func NewProxier(ipt utiliptables.Interface,
|
|||||||
serviceHealthServer := healthcheck.NewServiceHealthServer(hostname, recorder)
|
serviceHealthServer := healthcheck.NewServiceHealthServer(hostname, recorder)
|
||||||
|
|
||||||
isIPv6 := ipt.IsIPv6()
|
isIPv6 := ipt.IsIPv6()
|
||||||
|
var incorrectAddresses []string
|
||||||
|
nodePortAddresses, incorrectAddresses = utilproxy.FilterIncorrectCIDRVersion(nodePortAddresses, isIPv6)
|
||||||
|
if len(incorrectAddresses) > 0 {
|
||||||
|
klog.Warning("NodePortAddresses of wrong family; ", incorrectAddresses)
|
||||||
|
}
|
||||||
proxier := &Proxier{
|
proxier := &Proxier{
|
||||||
portsMap: make(map[utilproxy.LocalPort]utilproxy.Closeable),
|
portsMap: make(map[utilproxy.LocalPort]utilproxy.Closeable),
|
||||||
serviceMap: make(proxy.ServiceMap),
|
serviceMap: make(proxy.ServiceMap),
|
||||||
@ -357,16 +362,17 @@ func NewDualStackProxier(
|
|||||||
nodePortAddresses []string,
|
nodePortAddresses []string,
|
||||||
) (proxy.Provider, error) {
|
) (proxy.Provider, error) {
|
||||||
// Create an ipv4 instance of the single-stack proxier
|
// Create an ipv4 instance of the single-stack proxier
|
||||||
|
nodePortAddresses4, nodePortAddresses6 := utilproxy.FilterIncorrectCIDRVersion(nodePortAddresses, false)
|
||||||
ipv4Proxier, err := NewProxier(ipt[0], sysctl,
|
ipv4Proxier, err := NewProxier(ipt[0], sysctl,
|
||||||
exec, syncPeriod, minSyncPeriod, masqueradeAll, masqueradeBit, localDetectors[0], hostname,
|
exec, syncPeriod, minSyncPeriod, masqueradeAll, masqueradeBit, localDetectors[0], hostname,
|
||||||
nodeIP[0], recorder, healthzServer, nodePortAddresses)
|
nodeIP[0], recorder, healthzServer, nodePortAddresses4)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("unable to create ipv4 proxier: %v", err)
|
return nil, fmt.Errorf("unable to create ipv4 proxier: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
ipv6Proxier, err := NewProxier(ipt[1], sysctl,
|
ipv6Proxier, err := NewProxier(ipt[1], sysctl,
|
||||||
exec, syncPeriod, minSyncPeriod, masqueradeAll, masqueradeBit, localDetectors[1], hostname,
|
exec, syncPeriod, minSyncPeriod, masqueradeAll, masqueradeBit, localDetectors[1], hostname,
|
||||||
nodeIP[1], recorder, healthzServer, nodePortAddresses)
|
nodeIP[1], recorder, healthzServer, nodePortAddresses6)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("unable to create ipv6 proxier: %v", err)
|
return nil, fmt.Errorf("unable to create ipv6 proxier: %v", err)
|
||||||
}
|
}
|
||||||
|
|||||||
@ -433,6 +433,11 @@ func NewProxier(ipt utiliptables.Interface,
|
|||||||
|
|
||||||
endpointSlicesEnabled := utilfeature.DefaultFeatureGate.Enabled(features.EndpointSliceProxying)
|
endpointSlicesEnabled := utilfeature.DefaultFeatureGate.Enabled(features.EndpointSliceProxying)
|
||||||
|
|
||||||
|
var incorrectAddresses []string
|
||||||
|
nodePortAddresses, incorrectAddresses = utilproxy.FilterIncorrectCIDRVersion(nodePortAddresses, isIPv6)
|
||||||
|
if len(incorrectAddresses) > 0 {
|
||||||
|
klog.Warning("NodePortAddresses of wrong family; ", incorrectAddresses)
|
||||||
|
}
|
||||||
proxier := &Proxier{
|
proxier := &Proxier{
|
||||||
portsMap: make(map[utilproxy.LocalPort]utilproxy.Closeable),
|
portsMap: make(map[utilproxy.LocalPort]utilproxy.Closeable),
|
||||||
serviceMap: make(proxy.ServiceMap),
|
serviceMap: make(proxy.ServiceMap),
|
||||||
@ -509,12 +514,14 @@ func NewDualStackProxier(
|
|||||||
|
|
||||||
safeIpset := newSafeIpset(ipset)
|
safeIpset := newSafeIpset(ipset)
|
||||||
|
|
||||||
|
nodePortAddresses4, nodePortAddresses6 := utilproxy.FilterIncorrectCIDRVersion(nodePortAddresses, false)
|
||||||
|
|
||||||
// Create an ipv4 instance of the single-stack proxier
|
// Create an ipv4 instance of the single-stack proxier
|
||||||
ipv4Proxier, err := NewProxier(ipt[0], ipvs, safeIpset, sysctl,
|
ipv4Proxier, err := NewProxier(ipt[0], ipvs, safeIpset, sysctl,
|
||||||
exec, syncPeriod, minSyncPeriod, filterCIDRs(false, excludeCIDRs), strictARP,
|
exec, syncPeriod, minSyncPeriod, filterCIDRs(false, excludeCIDRs), strictARP,
|
||||||
tcpTimeout, tcpFinTimeout, udpTimeout, masqueradeAll, masqueradeBit,
|
tcpTimeout, tcpFinTimeout, udpTimeout, masqueradeAll, masqueradeBit,
|
||||||
localDetectors[0], hostname, nodeIP[0],
|
localDetectors[0], hostname, nodeIP[0],
|
||||||
recorder, healthzServer, scheduler, nodePortAddresses, kernelHandler)
|
recorder, healthzServer, scheduler, nodePortAddresses4, kernelHandler)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("unable to create ipv4 proxier: %v", err)
|
return nil, fmt.Errorf("unable to create ipv4 proxier: %v", err)
|
||||||
}
|
}
|
||||||
@ -523,7 +530,7 @@ func NewDualStackProxier(
|
|||||||
exec, syncPeriod, minSyncPeriod, filterCIDRs(true, excludeCIDRs), strictARP,
|
exec, syncPeriod, minSyncPeriod, filterCIDRs(true, excludeCIDRs), strictARP,
|
||||||
tcpTimeout, tcpFinTimeout, udpTimeout, masqueradeAll, masqueradeBit,
|
tcpTimeout, tcpFinTimeout, udpTimeout, masqueradeAll, masqueradeBit,
|
||||||
localDetectors[1], hostname, nodeIP[1],
|
localDetectors[1], hostname, nodeIP[1],
|
||||||
nil, nil, scheduler, nodePortAddresses, kernelHandler)
|
nil, nil, scheduler, nodePortAddresses6, kernelHandler)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("unable to create ipv6 proxier: %v", err)
|
return nil, fmt.Errorf("unable to create ipv6 proxier: %v", err)
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user