github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2026-01-06 07:57:35 +00:00
Code Issues Projects Releases Wiki Activity

fix review comments

Browse Source
This commit is contained in:
m1093782566
2017-12-22 09:46:18 +08:00
parent 4df6662d56
commit 477b0f0636
6 changed files with 122 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/proxy/ipvs/ipset.go
View File

@@ -89,7 +89,7 @@ func NewIPSet(handle utilipset.Interface, name string, setType utilipset.Type, i
return set
}
func (set *IPSet) validateEntry(entry *utilipset.Entry) (bool, error) {
func (set *IPSet) validateEntry(entry *utilipset.Entry) bool {
return entry.Validate(&set.IPSet)
}

56
pkg/proxy/ipvs/ipset_test.go
View File

@@ -55,7 +55,7 @@ const testIPSetVersion = "v6.19"
func TestSyncIPSetEntries(t *testing.T) {
testCases := []struct {
setName string
set *utilipset.IPSet
setType utilipset.Type
ipv6 bool
activeEntries []string
@@ -63,7 +63,9 @@ func TestSyncIPSetEntries(t *testing.T) {
expectedEntries []string
}{
{ // case 0
setName: "foo",
set: &utilipset.IPSet{
Name: "foo",
},
setType: utilipset.HashIPPort,
ipv6: false,
activeEntries: []string{"172.17.0.4,tcp:80"},
@@ -71,7 +73,9 @@ func TestSyncIPSetEntries(t *testing.T) {
expectedEntries: []string{"172.17.0.4,tcp:80"},
},
{ // case 1
setName: "abz",
set: &utilipset.IPSet{
Name: "abz",
},
setType: utilipset.HashIPPort,
ipv6: true,
activeEntries: []string{"FE80::0202:B3FF:FE1E:8329,tcp:80"},
@@ -79,7 +83,9 @@ func TestSyncIPSetEntries(t *testing.T) {
expectedEntries: []string{"FE80::0202:B3FF:FE1E:8329,tcp:80"},
},
{ // case 2
setName: "bca",
set: &utilipset.IPSet{
Name: "bca",
},
setType: utilipset.HashIPPort,
ipv6: false,
activeEntries: []string{"172.17.0.4,tcp:80", "172.17.0.5,tcp:80"},
@@ -87,7 +93,9 @@ func TestSyncIPSetEntries(t *testing.T) {
expectedEntries: []string{"172.17.0.4,tcp:80", "172.17.0.5,tcp:80"},
},
{ // case 3
setName: "bar",
set: &utilipset.IPSet{
Name: "bar",
},
setType: utilipset.HashIPPortIP,
ipv6: false,
activeEntries: []string{"172.17.0.4,tcp:80:172.17.0.4"},
@@ -95,7 +103,9 @@ func TestSyncIPSetEntries(t *testing.T) {
expectedEntries: []string{"172.17.0.4,tcp:80:172.17.0.4"},
},
{ // case 4
setName: "baz",
set: &utilipset.IPSet{
Name: "baz",
},
setType: utilipset.HashIPPortIP,
ipv6: true,
activeEntries: []string{"FE80:0000:0000:0000:0202:B3FF:FE1E:8329,tcp:8080:FE80:0000:0000:0000:0202:B3FF:FE1E:8329"},
@@ -103,7 +113,9 @@ func TestSyncIPSetEntries(t *testing.T) {
expectedEntries: []string{"FE80:0000:0000:0000:0202:B3FF:FE1E:8329,tcp:8080:FE80:0000:0000:0000:0202:B3FF:FE1E:8329"},
},
{ // case 5
setName: "NOPE",
set: &utilipset.IPSet{
Name: "NOPE",
},
setType: utilipset.HashIPPortIP,
ipv6: false,
activeEntries: []string{"172.17.0.4,tcp:80,172.17.0.9", "172.17.0.5,tcp:80,172.17.0.10"},
@@ -111,7 +123,9 @@ func TestSyncIPSetEntries(t *testing.T) {
expectedEntries: []string{"172.17.0.4,tcp:80,172.17.0.9", "172.17.0.5,tcp:80,172.17.0.10"},
},
{ // case 6
setName: "ABC-DEF",
set: &utilipset.IPSet{
Name: "ABC-DEF",
},
setType: utilipset.HashIPPortNet,
ipv6: false,
activeEntries: []string{"172.17.0.4,tcp:80,172.17.0.0/16", "172.17.0.5,tcp:80,172.17.0.0/16"},
@@ -119,7 +133,9 @@ func TestSyncIPSetEntries(t *testing.T) {
expectedEntries: []string{"172.17.0.4,tcp:80,172.17.0.0/16", "172.17.0.5,tcp:80,172.17.0.0/16"},
},
{ // case 7
setName: "zar",
set: &utilipset.IPSet{
Name: "zar",
},
setType: utilipset.HashIPPortNet,
ipv6: true,
activeEntries: []string{"FE80::8329,tcp:8800,2001:db8::/32"},
@@ -127,7 +143,9 @@ func TestSyncIPSetEntries(t *testing.T) {
expectedEntries: []string{"FE80::8329,tcp:8800,2001:db8::/32"},
},
{ // case 8
setName: "bbb",
set: &utilipset.IPSet{
Name: "bbb",
},
setType: utilipset.HashIPPortNet,
ipv6: true,
activeEntries: nil,
@@ -135,21 +153,27 @@ func TestSyncIPSetEntries(t *testing.T) {
expectedEntries: nil,
},
{ // case 9
setName: "AAA",
set: &utilipset.IPSet{
Name: "AAA",
},
setType: utilipset.BitmapPort,
activeEntries: nil,
currentEntries: []string{"80"},
expectedEntries: nil,
},
{ // case 10
setName: "c-c-c",
set: &utilipset.IPSet{
Name: "c-c-c",
},
setType: utilipset.BitmapPort,
activeEntries: []string{"8080", "9090"},
currentEntries: []string{"80"},
expectedEntries: []string{"8080", "9090"},
},
{ // case 11
setName: "NODE-PORT",
set: &utilipset.IPSet{
Name: "NODE-PORT",
},
setType: utilipset.BitmapPort,
activeEntries: []string{"8080"},
currentEntries: []string{"80", "9090", "8081", "8082"},
@@ -158,19 +182,19 @@ func TestSyncIPSetEntries(t *testing.T) {
}
for i := range testCases {
set := NewIPSet(fakeipset.NewFake(testIPSetVersion), testCases[i].setName, testCases[i].setType, testCases[i].ipv6)
set := NewIPSet(fakeipset.NewFake(testIPSetVersion), testCases[i].set.Name, testCases[i].setType, testCases[i].ipv6)
if err := set.handle.CreateSet(&set.IPSet, true); err != nil {
t.Errorf("Unexpected error: %v", err)
}
for _, entry := range testCases[i].expectedEntries {
set.handle.AddEntry(entry, testCases[i].setName, true)
set.handle.AddEntry(entry, testCases[i].set, true)
}
set.activeEntries.Insert(testCases[i].activeEntries...)
set.syncIPSetEntries()
for _, entry := range testCases[i].expectedEntries {
found, err := set.handle.TestEntry(entry, testCases[i].setName)
found, err := set.handle.TestEntry(entry, testCases[i].set.Name)
if err != nil {
t.Errorf("Unexpected error: %v", err)
}

42
pkg/proxy/ipvs/proxier.go
View File

@@ -971,7 +971,7 @@ func (proxier *Proxier) OnEndpointsSynced() {
}
// EntryInvalidErr indiates if an ipset entry is invalid or not
const EntryInvalidErr = "entry is invalid"
const EntryInvalidErr = "error adding entry %s to ipset %s since entry is invalid"
// This is where all of the ipvs calls happen.
// assumes proxier.mu is held
@@ -1127,8 +1127,8 @@ func (proxier *Proxier) syncProxyRules() {
IP2: epIP,
SetType: utilipset.HashIPPortIP,
}
if valid, err := proxier.loopbackSet.validateEntry(entry); !valid {
glog.Errorf("Failed to add entry %v to set %s, error: %s, %v", entry, proxier.loopbackSet.Name, EntryInvalidErr, err)
if valid := proxier.loopbackSet.validateEntry(entry); !valid {
glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, proxier.loopbackSet.Name))
continue
}
proxier.loopbackSet.activeEntries.Insert(entry.String())
@@ -1146,14 +1146,14 @@ func (proxier *Proxier) syncProxyRules() {
// proxier.kubeServiceAccessSet.activeEntries.Insert(entry.String())
// Install masquerade rules if 'masqueradeAll' or 'clusterCIDR' is specified.
if proxier.masqueradeAll {
if valid, err := proxier.clusterIPSet.validateEntry(entry); !valid {
glog.Errorf("Failed to add entry %v to set %s, error: %s, %v", entry, proxier.clusterIPSet.Name, EntryInvalidErr, err)
if valid := proxier.clusterIPSet.validateEntry(entry); !valid {
glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, proxier.clusterIPSet.Name))
continue
}
proxier.clusterIPSet.activeEntries.Insert(entry.String())
} else if len(proxier.clusterCIDR) > 0 {
if valid, err := proxier.clusterIPSet.validateEntry(entry); !valid {
glog.Errorf("Failed to add entry %v to set %s, error: %s, %v", entry, proxier.clusterIPSet.Name, EntryInvalidErr, err)
if valid := proxier.clusterIPSet.validateEntry(entry); !valid {
glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, proxier.clusterIPSet.Name))
continue
}
proxier.clusterIPSet.activeEntries.Insert(entry.String())
@@ -1223,8 +1223,8 @@ func (proxier *Proxier) syncProxyRules() {
SetType: utilipset.HashIPPort,
}
// We have to SNAT packets to external IPs.
if valid, err := proxier.externalIPSet.validateEntry(entry); !valid {
glog.Errorf("Failed to add entry %v to set %s, error: %s, %v", entry, proxier.externalIPSet.Name, EntryInvalidErr, err)
if valid := proxier.externalIPSet.validateEntry(entry); !valid {
glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, proxier.externalIPSet.Name))
continue
}
proxier.externalIPSet.activeEntries.Insert(entry.String())
@@ -1266,8 +1266,8 @@ func (proxier *Proxier) syncProxyRules() {
// If we are proxying globally, we need to masquerade in case we cross nodes.
// If we are proxying only locally, we can retain the source IP.
if !svcInfo.onlyNodeLocalEndpoints {
if valid, err := proxier.lbMasqSet.validateEntry(entry); !valid {
glog.Errorf("Failed to add entry %v to set %s, error: %s, %v", entry, proxier.lbMasqSet.Name, EntryInvalidErr, err)
if valid := proxier.lbMasqSet.validateEntry(entry); !valid {
glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, proxier.lbMasqSet.Name))
continue
}
proxier.lbMasqSet.activeEntries.Insert(entry.String())
@@ -1276,8 +1276,8 @@ func (proxier *Proxier) syncProxyRules() {
// The service firewall rules are created based on ServiceSpec.loadBalancerSourceRanges field.
// This currently works for loadbalancers that preserves source ips.
// For loadbalancers which direct traffic to service NodePort, the firewall rules will not apply.
if valid, err := proxier.lbIngressSet.validateEntry(entry); !valid {
glog.Errorf("Failed to add entry %v to set %s, error: %s, %v", entry, proxier.lbIngressSet.Name, EntryInvalidErr, err)
if valid := proxier.lbIngressSet.validateEntry(entry); !valid {
glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, proxier.lbIngressSet.Name))
continue
}
proxier.lbIngressSet.activeEntries.Insert(entry.String())
@@ -1293,8 +1293,8 @@ func (proxier *Proxier) syncProxyRules() {
SetType: utilipset.HashIPPortNet,
}
// enumerate all white list source cidr
if valid, err := proxier.lbWhiteListCIDRSet.validateEntry(entry); !valid {
glog.Errorf("Failed to add entry %v to set %s, error: %s, %v", entry, proxier.lbWhiteListCIDRSet.Name, EntryInvalidErr, err)
if valid := proxier.lbWhiteListCIDRSet.validateEntry(entry); !valid {
glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, proxier.lbWhiteListCIDRSet.Name))
continue
}
proxier.lbWhiteListCIDRSet.activeEntries.Insert(entry.String())
@@ -1317,8 +1317,8 @@ func (proxier *Proxier) syncProxyRules() {
SetType: utilipset.HashIPPortIP,
}
// enumerate all white list source ip
if valid, err := proxier.lbWhiteListIPSet.validateEntry(entry); !valid {
glog.Errorf("Failed to add entry %v to set %s, error: %s, %v", entry, proxier.lbWhiteListIPSet.Name, EntryInvalidErr, err)
if valid := proxier.lbWhiteListIPSet.validateEntry(entry); !valid {
glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, proxier.lbWhiteListIPSet.Name))
continue
}
proxier.lbWhiteListIPSet.activeEntries.Insert(entry.String())
@@ -1382,14 +1382,14 @@ func (proxier *Proxier) syncProxyRules() {
}
switch protocol {
case "tcp":
if valid, err := proxier.nodePortSetTCP.validateEntry(entry); !valid {
glog.Errorf("Failed to add entry %v to set %s, error: %s, %v", entry, proxier.nodePortSetTCP.Name, EntryInvalidErr, err)
if valid := proxier.nodePortSetTCP.validateEntry(entry); !valid {
glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, proxier.nodePortSetTCP.Name))
continue
}
proxier.nodePortSetTCP.activeEntries.Insert(entry.String())
case "udp":
if valid, err := proxier.nodePortSetUDP.validateEntry(entry); !valid {
glog.Errorf("Failed to add entry %v to set %s, error: %s, %v", entry, proxier.nodePortSetUDP.Name, EntryInvalidErr, err)
if valid := proxier.nodePortSetUDP.validateEntry(entry); !valid {
glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, proxier.nodePortSetUDP.Name))
continue
}
proxier.nodePortSetUDP.activeEntries.Insert(entry.String())