From 433f6830f805c2cad59b07addb48fcb1db07e407 Mon Sep 17 00:00:00 2001 From: Dan Williams Date: Mon, 19 Dec 2016 17:12:32 -0600 Subject: [PATCH] proxy/iptables: don't proxy ExternalName services The API docs say: // ServiceTypeExternalName means a service consists of only a reference to // an external name that kubedns or equivalent will return as a CNAME // record, with no exposing or proxying of any pods involved. which implies that ExternalName services should be ignored for proxy purposes. --- pkg/proxy/iptables/proxier.go | 5 +++++ pkg/proxy/iptables/proxier_test.go | 26 ++++++++++++++++++++++++++ 2 files changed, 31 insertions(+) diff --git a/pkg/proxy/iptables/proxier.go b/pkg/proxy/iptables/proxier.go index 89634d461c5..56643a2cb2d 100644 --- a/pkg/proxy/iptables/proxier.go +++ b/pkg/proxy/iptables/proxier.go @@ -471,6 +471,11 @@ func buildServiceMap(allServices []api.Service, oldServiceMap proxyServiceMap) ( glog.V(3).Infof("Skipping service %s due to clusterIP = %q", svcName, service.Spec.ClusterIP) continue } + // Even if ClusterIP is set, ServiceTypeExternalName services don't get proxied + if service.Spec.Type == api.ServiceTypeExternalName { + glog.V(3).Infof("Skipping service %s due to Type=ExternalName", svcName) + continue + } for i := range service.Spec.Ports { servicePort := &service.Spec.Ports[i] diff --git a/pkg/proxy/iptables/proxier_test.go b/pkg/proxy/iptables/proxier_test.go index 5d4612f9bb0..3e1fb4b8b15 100644 --- a/pkg/proxy/iptables/proxier_test.go +++ b/pkg/proxy/iptables/proxier_test.go @@ -1053,4 +1053,30 @@ func TestBuildServiceMapServiceHeadless(t *testing.T) { } } +func TestBuildServiceMapServiceTypeExternalName(t *testing.T) { + services := []api.Service{ + makeTestService("somewhere-else", "external-name", func(svc *api.Service) { + svc.Spec.Type = api.ServiceTypeExternalName + svc.Spec.ClusterIP = "172.16.55.4" // Should be ignored + svc.Spec.ExternalName = "foo2.bar.com" + svc.Spec.Ports = addTestPort(svc.Spec.Ports, "blah", "UDP", 1235, 5321, 0) + }), + } + + serviceMap, hcAdd, hcDel, staleUDPServices := buildServiceMap(services, make(proxyServiceMap)) + if len(serviceMap) != 0 { + t.Errorf("expected service map length 0, got %v", serviceMap) + } + // No proxied services, so no healthchecks + if len(hcAdd) != 0 { + t.Errorf("expected healthcheck add length 0, got %v", hcAdd) + } + if len(hcDel) != 0 { + t.Errorf("expected healthcheck del length 0, got %v", hcDel) + } + if len(staleUDPServices) != 0 { + t.Errorf("expected stale UDP services length 0, got %v", staleUDPServices) + } +} + // TODO(thockin): add *more* tests for syncProxyRules() or break it down further and test the pieces.