diff --git a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer.go b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer.go index e78b24425c5..5a9662ef750 100644 --- a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer.go +++ b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer.go @@ -95,10 +95,6 @@ const ( // to specify the idle timeout for connections on the load balancer in minutes. ServiceAnnotationLoadBalancerIdleTimeout = "service.beta.kubernetes.io/azure-load-balancer-tcp-idle-timeout" - // ServiceAnnotationLoadBalancerMixedProtocols is the annotation used on the service - // to create both TCP and UDP protocols when creating load balancer rules. - ServiceAnnotationLoadBalancerMixedProtocols = "service.beta.kubernetes.io/azure-load-balancer-mixed-protocols" - // ServiceAnnotationLoadBalancerEnableHighAvailabilityPorts is the annotation used on the service // to enable the high availability ports on the standard internal load balancer. ServiceAnnotationLoadBalancerEnableHighAvailabilityPorts = "service.beta.kubernetes.io/azure-load-balancer-enable-high-availability-ports" 
@@ -1627,116 +1623,104 @@ func (az *Cloud) reconcileLoadBalancerRule( var expectedProbes []network.Probe var expectedRules []network.LoadBalancingRule for _, port := range ports { - protocols := []v1.Protocol{port.Protocol} - if v, ok := service.Annotations[ServiceAnnotationLoadBalancerMixedProtocols]; ok && v == "true" { - klog.V(2).Infof("reconcileLoadBalancerRule lb name (%s) flag(%s) is set", lbName, ServiceAnnotationLoadBalancerMixedProtocols) - if port.Protocol == v1.ProtocolTCP { - protocols = append(protocols, v1.ProtocolUDP) - } else if port.Protocol == v1.ProtocolUDP { - protocols = append(protocols, v1.ProtocolTCP) - } + lbRuleName := az.getLoadBalancerRuleName(service, port.Protocol, port.Port) + klog.V(2).Infof("reconcileLoadBalancerRule lb name (%s) rule name (%s)", lbName, lbRuleName) + + transportProto, _, probeProto, err := getProtocolsFromKubernetesProtocol(port.Protocol) + if err != nil { + return expectedProbes, expectedRules, err } - for _, protocol := range protocols { - lbRuleName := az.getLoadBalancerRuleName(service, protocol, port.Port) - klog.V(2).Infof("reconcileLoadBalancerRule lb name (%s) rule name (%s)", lbName, lbRuleName) - - transportProto, _, probeProto, err := getProtocolsFromKubernetesProtocol(protocol) - if err != nil { - return expectedProbes, expectedRules, err + probeProtocol, requestPath := parseHealthProbeProtocolAndPath(service) + if servicehelpers.NeedsHealthCheck(service) { + podPresencePath, podPresencePort := servicehelpers.GetServiceHealthCheckPathPort(service) + if probeProtocol == "" { + probeProtocol = string(network.ProbeProtocolHTTP) + } + if requestPath == "" { + requestPath = podPresencePath } - probeProtocol, requestPath := parseHealthProbeProtocolAndPath(service) - if servicehelpers.NeedsHealthCheck(service) { - podPresencePath, podPresencePort := servicehelpers.GetServiceHealthCheckPathPort(service) - if probeProtocol == "" { - probeProtocol = string(network.ProbeProtocolHTTP) - } - if requestPath == "" { 
- requestPath = podPresencePath - } - - expectedProbes = append(expectedProbes, network.Probe{ - Name: &lbRuleName, - ProbePropertiesFormat: &network.ProbePropertiesFormat{ - RequestPath: to.StringPtr(requestPath), - Protocol: network.ProbeProtocol(probeProtocol), - Port: to.Int32Ptr(podPresencePort), - IntervalInSeconds: to.Int32Ptr(5), - NumberOfProbes: to.Int32Ptr(2), - }, - }) - } else if protocol != v1.ProtocolUDP && protocol != v1.ProtocolSCTP { - // we only add the expected probe if we're doing TCP - if probeProtocol == "" { - probeProtocol = string(*probeProto) - } - var actualPath *string - if !strings.EqualFold(probeProtocol, string(network.ProbeProtocolTCP)) { - if requestPath != "" { - actualPath = to.StringPtr(requestPath) - } else { - actualPath = to.StringPtr("/healthz") - } - } - expectedProbes = append(expectedProbes, network.Probe{ - Name: &lbRuleName, - ProbePropertiesFormat: &network.ProbePropertiesFormat{ - Protocol: network.ProbeProtocol(probeProtocol), - RequestPath: actualPath, - Port: to.Int32Ptr(port.NodePort), - IntervalInSeconds: to.Int32Ptr(5), - NumberOfProbes: to.Int32Ptr(2), - }, - }) - } - - loadDistribution := network.LoadDistributionDefault - if service.Spec.SessionAffinity == v1.ServiceAffinityClientIP { - loadDistribution = network.LoadDistributionSourceIP - } - - expectedRule := network.LoadBalancingRule{ + expectedProbes = append(expectedProbes, network.Probe{ Name: &lbRuleName, - LoadBalancingRulePropertiesFormat: &network.LoadBalancingRulePropertiesFormat{ - Protocol: *transportProto, - FrontendIPConfiguration: &network.SubResource{ - ID: to.StringPtr(lbFrontendIPConfigID), - }, - BackendAddressPool: &network.SubResource{ - ID: to.StringPtr(lbBackendPoolID), - }, - LoadDistribution: loadDistribution, - FrontendPort: to.Int32Ptr(port.Port), - BackendPort: to.Int32Ptr(port.Port), - DisableOutboundSnat: to.BoolPtr(az.disableLoadBalancerOutboundSNAT()), - EnableTCPReset: enableTCPReset, - EnableFloatingIP: to.BoolPtr(true), + 
ProbePropertiesFormat: &network.ProbePropertiesFormat{ + RequestPath: to.StringPtr(requestPath), + Protocol: network.ProbeProtocol(probeProtocol), + Port: to.Int32Ptr(podPresencePort), + IntervalInSeconds: to.Int32Ptr(5), + NumberOfProbes: to.Int32Ptr(2), }, + }) + } else if port.Protocol != v1.ProtocolUDP && port.Protocol != v1.ProtocolSCTP { + // we only add the expected probe if we're doing TCP + if probeProtocol == "" { + probeProtocol = string(*probeProto) } - - if protocol == v1.ProtocolTCP { - expectedRule.LoadBalancingRulePropertiesFormat.IdleTimeoutInMinutes = lbIdleTimeout - } - - if requiresInternalLoadBalancer(service) && - strings.EqualFold(az.LoadBalancerSku, loadBalancerSkuStandard) && - strings.EqualFold(service.Annotations[ServiceAnnotationLoadBalancerEnableHighAvailabilityPorts], "true") { - expectedRule.FrontendPort = to.Int32Ptr(0) - expectedRule.BackendPort = to.Int32Ptr(0) - expectedRule.Protocol = network.TransportProtocolAll - } - - // we didn't construct the probe objects for UDP or SCTP because they're not allowed on Azure. - // However, when externalTrafficPolicy is Local, Kubernetes HTTP health check would be used for probing. 
- if servicehelpers.NeedsHealthCheck(service) || (protocol != v1.ProtocolUDP && protocol != v1.ProtocolSCTP) { - expectedRule.Probe = &network.SubResource{ - ID: to.StringPtr(az.getLoadBalancerProbeID(lbName, az.getLoadBalancerResourceGroup(), lbRuleName)), + var actualPath *string + if !strings.EqualFold(probeProtocol, string(network.ProbeProtocolTCP)) { + if requestPath != "" { + actualPath = to.StringPtr(requestPath) + } else { + actualPath = to.StringPtr("/healthz") } } - - expectedRules = append(expectedRules, expectedRule) + expectedProbes = append(expectedProbes, network.Probe{ + Name: &lbRuleName, + ProbePropertiesFormat: &network.ProbePropertiesFormat{ + Protocol: network.ProbeProtocol(probeProtocol), + RequestPath: actualPath, + Port: to.Int32Ptr(port.NodePort), + IntervalInSeconds: to.Int32Ptr(5), + NumberOfProbes: to.Int32Ptr(2), + }, + }) } + + loadDistribution := network.LoadDistributionDefault + if service.Spec.SessionAffinity == v1.ServiceAffinityClientIP { + loadDistribution = network.LoadDistributionSourceIP + } + + expectedRule := network.LoadBalancingRule{ + Name: &lbRuleName, + LoadBalancingRulePropertiesFormat: &network.LoadBalancingRulePropertiesFormat{ + Protocol: *transportProto, + FrontendIPConfiguration: &network.SubResource{ + ID: to.StringPtr(lbFrontendIPConfigID), + }, + BackendAddressPool: &network.SubResource{ + ID: to.StringPtr(lbBackendPoolID), + }, + LoadDistribution: loadDistribution, + FrontendPort: to.Int32Ptr(port.Port), + BackendPort: to.Int32Ptr(port.Port), + DisableOutboundSnat: to.BoolPtr(az.disableLoadBalancerOutboundSNAT()), + EnableTCPReset: enableTCPReset, + EnableFloatingIP: to.BoolPtr(true), + }, + } + + if port.Protocol == v1.ProtocolTCP { + expectedRule.LoadBalancingRulePropertiesFormat.IdleTimeoutInMinutes = lbIdleTimeout + } + + if requiresInternalLoadBalancer(service) && + strings.EqualFold(az.LoadBalancerSku, loadBalancerSkuStandard) && + 
strings.EqualFold(service.Annotations[ServiceAnnotationLoadBalancerEnableHighAvailabilityPorts], "true") { + expectedRule.FrontendPort = to.Int32Ptr(0) + expectedRule.BackendPort = to.Int32Ptr(0) + expectedRule.Protocol = network.TransportProtocolAll + } + + // we didn't construct the probe objects for UDP or SCTP because they're not allowed on Azure. + // However, when externalTrafficPolicy is Local, Kubernetes HTTP health check would be used for probing. + if servicehelpers.NeedsHealthCheck(service) || (port.Protocol != v1.ProtocolUDP && port.Protocol != v1.ProtocolSCTP) { + expectedRule.Probe = &network.SubResource{ + ID: to.StringPtr(az.getLoadBalancerProbeID(lbName, az.getLoadBalancerResourceGroup(), lbRuleName)), + } + } + + expectedRules = append(expectedRules, expectedRule) } return expectedProbes, expectedRules, nil
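Review bot: A Service that still carries `service.beta.kubernetes.io/azure-load-balancer-mixed-protocols: "true"` is now treated as if the annotation were absent, and nothing in the new loop body logs or reports that; only the rule for `port.Protocol` is appended to `expectedRules`. If the caller prunes load balancer rules that are missing from the expected set (not visible in this hunk), the companion TCP or UDP listener disappears on the next reconcile with no trace for the operator. While the key is being retired I would warn once before the `for _, port := range ports` loop, for example `if _, ok := service.Annotations["service.beta.kubernetes.io/azure-load-balancer-mixed-protocols"]; ok { klog.Warningf("service %s/%s: mixed-protocols annotation is no longer supported and is ignored", service.Namespace, service.Name) }`. reconcileLoadBalancerRule begins above this hunk, so the exact placement has to be checked against the full function.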