mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 03:41:45 +00:00
move KubeProxyConfiguration out of componentconfig API group
This commit is contained in:
parent
d837a6a2ea
commit
5c8c1f43fa
@ -47,14 +47,17 @@ import (
|
|||||||
"k8s.io/client-go/tools/record"
|
"k8s.io/client-go/tools/record"
|
||||||
"k8s.io/kubernetes/pkg/api"
|
"k8s.io/kubernetes/pkg/api"
|
||||||
"k8s.io/kubernetes/pkg/apis/componentconfig"
|
"k8s.io/kubernetes/pkg/apis/componentconfig"
|
||||||
"k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1"
|
|
||||||
clientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
|
clientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
|
||||||
informers "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion"
|
informers "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion"
|
||||||
cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
|
cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
|
||||||
"k8s.io/kubernetes/pkg/kubelet/qos"
|
"k8s.io/kubernetes/pkg/kubelet/qos"
|
||||||
"k8s.io/kubernetes/pkg/master/ports"
|
"k8s.io/kubernetes/pkg/master/ports"
|
||||||
"k8s.io/kubernetes/pkg/proxy"
|
"k8s.io/kubernetes/pkg/proxy"
|
||||||
proxyconfig "k8s.io/kubernetes/pkg/proxy/config"
|
"k8s.io/kubernetes/pkg/proxy/apis/proxyconfig"
|
||||||
|
"k8s.io/kubernetes/pkg/proxy/apis/proxyconfig/scheme"
|
||||||
|
"k8s.io/kubernetes/pkg/proxy/apis/proxyconfig/v1alpha1"
|
||||||
|
"k8s.io/kubernetes/pkg/proxy/apis/proxyconfig/validation"
|
||||||
|
"k8s.io/kubernetes/pkg/proxy/config"
|
||||||
"k8s.io/kubernetes/pkg/proxy/healthcheck"
|
"k8s.io/kubernetes/pkg/proxy/healthcheck"
|
||||||
"k8s.io/kubernetes/pkg/proxy/iptables"
|
"k8s.io/kubernetes/pkg/proxy/iptables"
|
||||||
"k8s.io/kubernetes/pkg/proxy/ipvs"
|
"k8s.io/kubernetes/pkg/proxy/ipvs"
|
||||||
@ -93,10 +96,10 @@ type Options struct {
|
|||||||
CleanupAndExit bool
|
CleanupAndExit bool
|
||||||
|
|
||||||
// config is the proxy server's configuration object.
|
// config is the proxy server's configuration object.
|
||||||
config *componentconfig.KubeProxyConfiguration
|
config *proxyconfig.KubeProxyConfiguration
|
||||||
|
|
||||||
// The fields below here are placeholders for flags that can't be directly mapped into
|
// The fields below here are placeholders for flags that can't be directly mapped into
|
||||||
// componentconfig.KubeProxyConfiguration.
|
// proxyconfig.KubeProxyConfiguration.
|
||||||
//
|
//
|
||||||
// TODO remove these fields once the deprecated flags are removed.
|
// TODO remove these fields once the deprecated flags are removed.
|
||||||
|
|
||||||
@ -161,19 +164,16 @@ func AddFlags(options *Options, fs *pflag.FlagSet) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func NewOptions() (*Options, error) {
|
func NewOptions() (*Options, error) {
|
||||||
|
scheme, codecs, err := scheme.NewSchemeAndCodecs()
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
o := &Options{
|
o := &Options{
|
||||||
config: new(componentconfig.KubeProxyConfiguration),
|
config: new(proxyconfig.KubeProxyConfiguration),
|
||||||
healthzPort: ports.ProxyHealthzPort,
|
healthzPort: ports.ProxyHealthzPort,
|
||||||
}
|
scheme: scheme,
|
||||||
|
codecs: *codecs,
|
||||||
o.scheme = runtime.NewScheme()
|
|
||||||
o.codecs = serializer.NewCodecFactory(o.scheme)
|
|
||||||
|
|
||||||
if err := componentconfig.AddToScheme(o.scheme); err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
if err := v1alpha1.AddToScheme(o.scheme); err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return o, nil
|
return o, nil
|
||||||
@ -195,7 +195,7 @@ func (o *Options) Validate(args []string) error {
|
|||||||
return errors.New("no arguments are supported")
|
return errors.New("no arguments are supported")
|
||||||
}
|
}
|
||||||
|
|
||||||
if errs := Validate(o.config); len(errs) != 0 {
|
if errs := validation.Validate(o.config); len(errs) != 0 {
|
||||||
return errs.ToAggregate()
|
return errs.ToAggregate()
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -279,7 +279,7 @@ func (o *Options) applyDeprecatedHealthzPortToConfig() {
|
|||||||
|
|
||||||
// loadConfigFromFile loads the contents of file and decodes it as a
|
// loadConfigFromFile loads the contents of file and decodes it as a
|
||||||
// KubeProxyConfiguration object.
|
// KubeProxyConfiguration object.
|
||||||
func (o *Options) loadConfigFromFile(file string) (*componentconfig.KubeProxyConfiguration, error) {
|
func (o *Options) loadConfigFromFile(file string) (*proxyconfig.KubeProxyConfiguration, error) {
|
||||||
data, err := ioutil.ReadFile(file)
|
data, err := ioutil.ReadFile(file)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
@ -289,19 +289,19 @@ func (o *Options) loadConfigFromFile(file string) (*componentconfig.KubeProxyCon
|
|||||||
}
|
}
|
||||||
|
|
||||||
// loadConfig decodes data as a KubeProxyConfiguration object.
|
// loadConfig decodes data as a KubeProxyConfiguration object.
|
||||||
func (o *Options) loadConfig(data []byte) (*componentconfig.KubeProxyConfiguration, error) {
|
func (o *Options) loadConfig(data []byte) (*proxyconfig.KubeProxyConfiguration, error) {
|
||||||
configObj, gvk, err := o.codecs.UniversalDecoder().Decode(data, nil, nil)
|
configObj, gvk, err := o.codecs.UniversalDecoder().Decode(data, nil, nil)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
config, ok := configObj.(*componentconfig.KubeProxyConfiguration)
|
config, ok := configObj.(*proxyconfig.KubeProxyConfiguration)
|
||||||
if !ok {
|
if !ok {
|
||||||
return nil, fmt.Errorf("got unexpected config type: %v", gvk)
|
return nil, fmt.Errorf("got unexpected config type: %v", gvk)
|
||||||
}
|
}
|
||||||
return config, nil
|
return config, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (o *Options) ApplyDefaults(in *componentconfig.KubeProxyConfiguration) (*componentconfig.KubeProxyConfiguration, error) {
|
func (o *Options) ApplyDefaults(in *proxyconfig.KubeProxyConfiguration) (*proxyconfig.KubeProxyConfiguration, error) {
|
||||||
external, err := o.scheme.ConvertToVersion(in, v1alpha1.SchemeGroupVersion)
|
external, err := o.scheme.ConvertToVersion(in, v1alpha1.SchemeGroupVersion)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
@ -309,12 +309,12 @@ func (o *Options) ApplyDefaults(in *componentconfig.KubeProxyConfiguration) (*co
|
|||||||
|
|
||||||
o.scheme.Default(external)
|
o.scheme.Default(external)
|
||||||
|
|
||||||
internal, err := o.scheme.ConvertToVersion(external, componentconfig.SchemeGroupVersion)
|
internal, err := o.scheme.ConvertToVersion(external, proxyconfig.SchemeGroupVersion)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
out := internal.(*componentconfig.KubeProxyConfiguration)
|
out := internal.(*proxyconfig.KubeProxyConfiguration)
|
||||||
|
|
||||||
return out, nil
|
return out, nil
|
||||||
}
|
}
|
||||||
@ -367,7 +367,7 @@ type ProxyServer struct {
|
|||||||
Proxier proxy.ProxyProvider
|
Proxier proxy.ProxyProvider
|
||||||
Broadcaster record.EventBroadcaster
|
Broadcaster record.EventBroadcaster
|
||||||
Recorder record.EventRecorder
|
Recorder record.EventRecorder
|
||||||
ConntrackConfiguration componentconfig.KubeProxyConntrackConfiguration
|
ConntrackConfiguration proxyconfig.KubeProxyConntrackConfiguration
|
||||||
Conntracker Conntracker // if nil, ignored
|
Conntracker Conntracker // if nil, ignored
|
||||||
ProxyMode string
|
ProxyMode string
|
||||||
NodeRef *v1.ObjectReference
|
NodeRef *v1.ObjectReference
|
||||||
@ -377,14 +377,14 @@ type ProxyServer struct {
|
|||||||
OOMScoreAdj *int32
|
OOMScoreAdj *int32
|
||||||
ResourceContainer string
|
ResourceContainer string
|
||||||
ConfigSyncPeriod time.Duration
|
ConfigSyncPeriod time.Duration
|
||||||
ServiceEventHandler proxyconfig.ServiceHandler
|
ServiceEventHandler config.ServiceHandler
|
||||||
EndpointsEventHandler proxyconfig.EndpointsHandler
|
EndpointsEventHandler config.EndpointsHandler
|
||||||
HealthzServer *healthcheck.HealthzServer
|
HealthzServer *healthcheck.HealthzServer
|
||||||
}
|
}
|
||||||
|
|
||||||
// createClients creates a kube client and an event client from the given config and masterOverride.
|
// createClients creates a kube client and an event client from the given config and masterOverride.
|
||||||
// TODO remove masterOverride when CLI flags are removed.
|
// TODO remove masterOverride when CLI flags are removed.
|
||||||
func createClients(config componentconfig.ClientConnectionConfiguration, masterOverride string) (clientset.Interface, v1core.EventsGetter, error) {
|
func createClients(config proxyconfig.ClientConnectionConfiguration, masterOverride string) (clientset.Interface, v1core.EventsGetter, error) {
|
||||||
var kubeConfig *rest.Config
|
var kubeConfig *rest.Config
|
||||||
var err error
|
var err error
|
||||||
|
|
||||||
@ -532,11 +532,11 @@ func (s *ProxyServer) Run() error {
|
|||||||
// Note: RegisterHandler() calls need to happen before creation of Sources because sources
|
// Note: RegisterHandler() calls need to happen before creation of Sources because sources
|
||||||
// only notify on changes, and the initial update (on process start) may be lost if no handlers
|
// only notify on changes, and the initial update (on process start) may be lost if no handlers
|
||||||
// are registered yet.
|
// are registered yet.
|
||||||
serviceConfig := proxyconfig.NewServiceConfig(informerFactory.Core().InternalVersion().Services(), s.ConfigSyncPeriod)
|
serviceConfig := config.NewServiceConfig(informerFactory.Core().InternalVersion().Services(), s.ConfigSyncPeriod)
|
||||||
serviceConfig.RegisterEventHandler(s.ServiceEventHandler)
|
serviceConfig.RegisterEventHandler(s.ServiceEventHandler)
|
||||||
go serviceConfig.Run(wait.NeverStop)
|
go serviceConfig.Run(wait.NeverStop)
|
||||||
|
|
||||||
endpointsConfig := proxyconfig.NewEndpointsConfig(informerFactory.Core().InternalVersion().Endpoints(), s.ConfigSyncPeriod)
|
endpointsConfig := config.NewEndpointsConfig(informerFactory.Core().InternalVersion().Endpoints(), s.ConfigSyncPeriod)
|
||||||
endpointsConfig.RegisterEventHandler(s.EndpointsEventHandler)
|
endpointsConfig.RegisterEventHandler(s.EndpointsEventHandler)
|
||||||
go endpointsConfig.Run(wait.NeverStop)
|
go endpointsConfig.Run(wait.NeverStop)
|
||||||
|
|
||||||
@ -556,7 +556,7 @@ func (s *ProxyServer) birthCry() {
|
|||||||
s.Recorder.Eventf(s.NodeRef, api.EventTypeNormal, "Starting", "Starting kube-proxy.")
|
s.Recorder.Eventf(s.NodeRef, api.EventTypeNormal, "Starting", "Starting kube-proxy.")
|
||||||
}
|
}
|
||||||
|
|
||||||
func getConntrackMax(config componentconfig.KubeProxyConntrackConfiguration) (int, error) {
|
func getConntrackMax(config proxyconfig.KubeProxyConntrackConfiguration) (int, error) {
|
||||||
if config.Max > 0 {
|
if config.Max > 0 {
|
||||||
if config.MaxPerCore > 0 {
|
if config.MaxPerCore > 0 {
|
||||||
return -1, fmt.Errorf("invalid config: Conntrack Max and Conntrack MaxPerCore are mutually exclusive")
|
return -1, fmt.Errorf("invalid config: Conntrack Max and Conntrack MaxPerCore are mutually exclusive")
|
||||||
|
@ -32,9 +32,9 @@ import (
|
|||||||
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
|
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
|
||||||
utilfeature "k8s.io/apiserver/pkg/util/feature"
|
utilfeature "k8s.io/apiserver/pkg/util/feature"
|
||||||
"k8s.io/client-go/tools/record"
|
"k8s.io/client-go/tools/record"
|
||||||
"k8s.io/kubernetes/pkg/apis/componentconfig"
|
|
||||||
"k8s.io/kubernetes/pkg/features"
|
"k8s.io/kubernetes/pkg/features"
|
||||||
"k8s.io/kubernetes/pkg/proxy"
|
"k8s.io/kubernetes/pkg/proxy"
|
||||||
|
proxyconfigapi "k8s.io/kubernetes/pkg/proxy/apis/proxyconfig"
|
||||||
proxyconfig "k8s.io/kubernetes/pkg/proxy/config"
|
proxyconfig "k8s.io/kubernetes/pkg/proxy/config"
|
||||||
"k8s.io/kubernetes/pkg/proxy/healthcheck"
|
"k8s.io/kubernetes/pkg/proxy/healthcheck"
|
||||||
"k8s.io/kubernetes/pkg/proxy/iptables"
|
"k8s.io/kubernetes/pkg/proxy/iptables"
|
||||||
@ -53,12 +53,12 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
// NewProxyServer returns a new ProxyServer.
|
// NewProxyServer returns a new ProxyServer.
|
||||||
func NewProxyServer(config *componentconfig.KubeProxyConfiguration, cleanupAndExit bool, scheme *runtime.Scheme, master string) (*ProxyServer, error) {
|
func NewProxyServer(config *proxyconfigapi.KubeProxyConfiguration, cleanupAndExit bool, scheme *runtime.Scheme, master string) (*ProxyServer, error) {
|
||||||
if config == nil {
|
if config == nil {
|
||||||
return nil, errors.New("config is required")
|
return nil, errors.New("config is required")
|
||||||
}
|
}
|
||||||
|
|
||||||
if c, err := configz.New("componentconfig"); err == nil {
|
if c, err := configz.New("proxyconfig"); err == nil {
|
||||||
c.Set(config)
|
c.Set(config)
|
||||||
} else {
|
} else {
|
||||||
return nil, fmt.Errorf("unable to register configz: %s", err)
|
return nil, fmt.Errorf("unable to register configz: %s", err)
|
||||||
|
@ -31,8 +31,8 @@ import (
|
|||||||
k8sRuntime "k8s.io/apimachinery/pkg/runtime"
|
k8sRuntime "k8s.io/apimachinery/pkg/runtime"
|
||||||
"k8s.io/apimachinery/pkg/util/diff"
|
"k8s.io/apimachinery/pkg/util/diff"
|
||||||
"k8s.io/kubernetes/pkg/api"
|
"k8s.io/kubernetes/pkg/api"
|
||||||
"k8s.io/kubernetes/pkg/apis/componentconfig"
|
"k8s.io/kubernetes/pkg/proxy/apis/proxyconfig"
|
||||||
"k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1"
|
"k8s.io/kubernetes/pkg/proxy/apis/proxyconfig/v1alpha1"
|
||||||
"k8s.io/kubernetes/pkg/util/configz"
|
"k8s.io/kubernetes/pkg/util/configz"
|
||||||
"k8s.io/kubernetes/pkg/util/iptables"
|
"k8s.io/kubernetes/pkg/util/iptables"
|
||||||
utilpointer "k8s.io/kubernetes/pkg/util/pointer"
|
utilpointer "k8s.io/kubernetes/pkg/util/pointer"
|
||||||
@ -140,7 +140,6 @@ func Test_getProxyMode(t *testing.T) {
|
|||||||
|
|
||||||
// TestNewOptionsFailures tests failure modes for NewOptions()
|
// TestNewOptionsFailures tests failure modes for NewOptions()
|
||||||
func TestNewOptionsFailures(t *testing.T) {
|
func TestNewOptionsFailures(t *testing.T) {
|
||||||
|
|
||||||
// Create a fake scheme builder that generates an error
|
// Create a fake scheme builder that generates an error
|
||||||
errString := fmt.Sprintf("Simulated error")
|
errString := fmt.Sprintf("Simulated error")
|
||||||
genError := func(scheme *k8sRuntime.Scheme) error {
|
genError := func(scheme *k8sRuntime.Scheme) error {
|
||||||
@ -150,8 +149,8 @@ func TestNewOptionsFailures(t *testing.T) {
|
|||||||
|
|
||||||
simulatedErrorTest := func(target string) {
|
simulatedErrorTest := func(target string) {
|
||||||
var addToScheme *func(s *k8sRuntime.Scheme) error
|
var addToScheme *func(s *k8sRuntime.Scheme) error
|
||||||
if target == "componentconfig" {
|
if target == "proxyconfig" {
|
||||||
addToScheme = &componentconfig.AddToScheme
|
addToScheme = &proxyconfig.AddToScheme
|
||||||
} else {
|
} else {
|
||||||
addToScheme = &v1alpha1.AddToScheme
|
addToScheme = &v1alpha1.AddToScheme
|
||||||
}
|
}
|
||||||
@ -166,7 +165,7 @@ func TestNewOptionsFailures(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Simulate errors in calls to AddToScheme()
|
// Simulate errors in calls to AddToScheme()
|
||||||
faultTargets := []string{"componentconfig", "v1alpha1"}
|
faultTargets := []string{"proxyconfig", "v1alpha1"}
|
||||||
for _, target := range faultTargets {
|
for _, target := range faultTargets {
|
||||||
simulatedErrorTest(target)
|
simulatedErrorTest(target)
|
||||||
}
|
}
|
||||||
@ -185,7 +184,7 @@ func TestProxyServerWithCleanupAndExit(t *testing.T) {
|
|||||||
t.Fatalf("Unexpected error with address %s: %v", addr, err)
|
t.Fatalf("Unexpected error with address %s: %v", addr, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
options.config = &componentconfig.KubeProxyConfiguration{
|
options.config = &proxyconfig.KubeProxyConfiguration{
|
||||||
BindAddress: addr,
|
BindAddress: addr,
|
||||||
}
|
}
|
||||||
options.CleanupAndExit = true
|
options.CleanupAndExit = true
|
||||||
@ -198,7 +197,7 @@ func TestProxyServerWithCleanupAndExit(t *testing.T) {
|
|||||||
assert.True(t, proxyserver.CleanupAndExit, "false CleanupAndExit, addr: %s", addr)
|
assert.True(t, proxyserver.CleanupAndExit, "false CleanupAndExit, addr: %s", addr)
|
||||||
|
|
||||||
// Clean up config for next test case
|
// Clean up config for next test case
|
||||||
configz.Delete("componentconfig")
|
configz.Delete("proxyconfig")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -242,7 +241,7 @@ func TestGetConntrackMax(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
for i, tc := range testCases {
|
for i, tc := range testCases {
|
||||||
cfg := componentconfig.KubeProxyConntrackConfiguration{
|
cfg := proxyconfig.KubeProxyConntrackConfiguration{
|
||||||
Min: tc.min,
|
Min: tc.min,
|
||||||
Max: tc.max,
|
Max: tc.max,
|
||||||
MaxPerCore: tc.maxPerCore,
|
MaxPerCore: tc.maxPerCore,
|
||||||
@ -263,7 +262,7 @@ func TestGetConntrackMax(t *testing.T) {
|
|||||||
// TestLoadConfig tests proper operation of loadConfig()
|
// TestLoadConfig tests proper operation of loadConfig()
|
||||||
func TestLoadConfig(t *testing.T) {
|
func TestLoadConfig(t *testing.T) {
|
||||||
|
|
||||||
yamlTemplate := `apiVersion: componentconfig/v1alpha1
|
yamlTemplate := `apiVersion: proxyconfig/v1alpha1
|
||||||
bindAddress: %s
|
bindAddress: %s
|
||||||
clientConnection:
|
clientConnection:
|
||||||
acceptContentTypes: "abc"
|
acceptContentTypes: "abc"
|
||||||
@ -372,9 +371,9 @@ udpTimeoutMilliseconds: 123ms
|
|||||||
// Surrounding double quotes will get stripped by the yaml parser.
|
// Surrounding double quotes will get stripped by the yaml parser.
|
||||||
expBindAddr = expBindAddr[1 : len(tc.bindAddress)-1]
|
expBindAddr = expBindAddr[1 : len(tc.bindAddress)-1]
|
||||||
}
|
}
|
||||||
expected := &componentconfig.KubeProxyConfiguration{
|
expected := &proxyconfig.KubeProxyConfiguration{
|
||||||
BindAddress: expBindAddr,
|
BindAddress: expBindAddr,
|
||||||
ClientConnection: componentconfig.ClientConnectionConfiguration{
|
ClientConnection: proxyconfig.ClientConnectionConfiguration{
|
||||||
AcceptContentTypes: "abc",
|
AcceptContentTypes: "abc",
|
||||||
Burst: 100,
|
Burst: 100,
|
||||||
ContentType: "content-type",
|
ContentType: "content-type",
|
||||||
@ -383,7 +382,7 @@ udpTimeoutMilliseconds: 123ms
|
|||||||
},
|
},
|
||||||
ClusterCIDR: tc.clusterCIDR,
|
ClusterCIDR: tc.clusterCIDR,
|
||||||
ConfigSyncPeriod: metav1.Duration{Duration: 15 * time.Second},
|
ConfigSyncPeriod: metav1.Duration{Duration: 15 * time.Second},
|
||||||
Conntrack: componentconfig.KubeProxyConntrackConfiguration{
|
Conntrack: proxyconfig.KubeProxyConntrackConfiguration{
|
||||||
Max: 4,
|
Max: 4,
|
||||||
MaxPerCore: 2,
|
MaxPerCore: 2,
|
||||||
Min: 1,
|
Min: 1,
|
||||||
@ -393,18 +392,18 @@ udpTimeoutMilliseconds: 123ms
|
|||||||
FeatureGates: "all",
|
FeatureGates: "all",
|
||||||
HealthzBindAddress: tc.healthzBindAddress,
|
HealthzBindAddress: tc.healthzBindAddress,
|
||||||
HostnameOverride: "foo",
|
HostnameOverride: "foo",
|
||||||
IPTables: componentconfig.KubeProxyIPTablesConfiguration{
|
IPTables: proxyconfig.KubeProxyIPTablesConfiguration{
|
||||||
MasqueradeAll: true,
|
MasqueradeAll: true,
|
||||||
MasqueradeBit: utilpointer.Int32Ptr(17),
|
MasqueradeBit: utilpointer.Int32Ptr(17),
|
||||||
MinSyncPeriod: metav1.Duration{Duration: 10 * time.Second},
|
MinSyncPeriod: metav1.Duration{Duration: 10 * time.Second},
|
||||||
SyncPeriod: metav1.Duration{Duration: 60 * time.Second},
|
SyncPeriod: metav1.Duration{Duration: 60 * time.Second},
|
||||||
},
|
},
|
||||||
IPVS: componentconfig.KubeProxyIPVSConfiguration{
|
IPVS: proxyconfig.KubeProxyIPVSConfiguration{
|
||||||
MinSyncPeriod: metav1.Duration{Duration: 10 * time.Second},
|
MinSyncPeriod: metav1.Duration{Duration: 10 * time.Second},
|
||||||
SyncPeriod: metav1.Duration{Duration: 60 * time.Second},
|
SyncPeriod: metav1.Duration{Duration: 60 * time.Second},
|
||||||
},
|
},
|
||||||
MetricsBindAddress: tc.metricsBindAddress,
|
MetricsBindAddress: tc.metricsBindAddress,
|
||||||
Mode: componentconfig.ProxyMode(tc.mode),
|
Mode: proxyconfig.ProxyMode(tc.mode),
|
||||||
OOMScoreAdj: utilpointer.Int32Ptr(17),
|
OOMScoreAdj: utilpointer.Int32Ptr(17),
|
||||||
PortRange: "2-7",
|
PortRange: "2-7",
|
||||||
ResourceContainer: "/foo",
|
ResourceContainer: "/foo",
|
||||||
@ -440,7 +439,7 @@ func TestLoadConfigFailures(t *testing.T) {
|
|||||||
{
|
{
|
||||||
name: "Bad config type test",
|
name: "Bad config type test",
|
||||||
config: "kind: KubeSchedulerConfiguration",
|
config: "kind: KubeSchedulerConfiguration",
|
||||||
expErr: "unexpected config type",
|
expErr: "no kind",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
name: "Missing quotes around :: bindAddress",
|
name: "Missing quotes around :: bindAddress",
|
||||||
@ -448,7 +447,7 @@ func TestLoadConfigFailures(t *testing.T) {
|
|||||||
expErr: "mapping values are not allowed in this context",
|
expErr: "mapping values are not allowed in this context",
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
version := "apiVersion: componentconfig/v1alpha1"
|
version := "apiVersion: proxyconfig/v1alpha1"
|
||||||
for _, tc := range testCases {
|
for _, tc := range testCases {
|
||||||
options, _ := NewOptions()
|
options, _ := NewOptions()
|
||||||
config := fmt.Sprintf("%s\n%s", version, tc.config)
|
config := fmt.Sprintf("%s\n%s", version, tc.config)
|
||||||
|
@ -31,8 +31,8 @@ import (
|
|||||||
"k8s.io/apimachinery/pkg/types"
|
"k8s.io/apimachinery/pkg/types"
|
||||||
utilnet "k8s.io/apimachinery/pkg/util/net"
|
utilnet "k8s.io/apimachinery/pkg/util/net"
|
||||||
"k8s.io/client-go/tools/record"
|
"k8s.io/client-go/tools/record"
|
||||||
"k8s.io/kubernetes/pkg/apis/componentconfig"
|
|
||||||
"k8s.io/kubernetes/pkg/proxy"
|
"k8s.io/kubernetes/pkg/proxy"
|
||||||
|
proxyconfigapi "k8s.io/kubernetes/pkg/proxy/apis/proxyconfig"
|
||||||
proxyconfig "k8s.io/kubernetes/pkg/proxy/config"
|
proxyconfig "k8s.io/kubernetes/pkg/proxy/config"
|
||||||
"k8s.io/kubernetes/pkg/proxy/healthcheck"
|
"k8s.io/kubernetes/pkg/proxy/healthcheck"
|
||||||
"k8s.io/kubernetes/pkg/proxy/winkernel"
|
"k8s.io/kubernetes/pkg/proxy/winkernel"
|
||||||
@ -46,12 +46,12 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
// NewProxyServer returns a new ProxyServer.
|
// NewProxyServer returns a new ProxyServer.
|
||||||
func NewProxyServer(config *componentconfig.KubeProxyConfiguration, cleanupAndExit bool, scheme *runtime.Scheme, master string) (*ProxyServer, error) {
|
func NewProxyServer(config *proxyconfigapi.KubeProxyConfiguration, cleanupAndExit bool, scheme *runtime.Scheme, master string) (*ProxyServer, error) {
|
||||||
if config == nil {
|
if config == nil {
|
||||||
return nil, errors.New("config is required")
|
return nil, errors.New("config is required")
|
||||||
}
|
}
|
||||||
|
|
||||||
if c, err := configz.New("componentconfig"); err == nil {
|
if c, err := configz.New("proxyconfig"); err == nil {
|
||||||
c.Set(config)
|
c.Set(config)
|
||||||
} else {
|
} else {
|
||||||
return nil, fmt.Errorf("unable to register configz: %s", err)
|
return nil, fmt.Errorf("unable to register configz: %s", err)
|
||||||
|
@ -61,22 +61,6 @@ func (v IPVar) Type() string {
|
|||||||
return "ip"
|
return "ip"
|
||||||
}
|
}
|
||||||
|
|
||||||
func (m *ProxyMode) Set(s string) error {
|
|
||||||
*m = ProxyMode(s)
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (m *ProxyMode) String() string {
|
|
||||||
if m != nil {
|
|
||||||
return string(*m)
|
|
||||||
}
|
|
||||||
return ""
|
|
||||||
}
|
|
||||||
|
|
||||||
func (m *ProxyMode) Type() string {
|
|
||||||
return "ProxyMode"
|
|
||||||
}
|
|
||||||
|
|
||||||
type PortRangeVar struct {
|
type PortRangeVar struct {
|
||||||
Val *string
|
Val *string
|
||||||
}
|
}
|
||||||
|
@ -45,7 +45,6 @@ func Resource(resource string) schema.GroupResource {
|
|||||||
func addKnownTypes(scheme *runtime.Scheme) error {
|
func addKnownTypes(scheme *runtime.Scheme) error {
|
||||||
// TODO this will get cleaned up with the scheme types are fixed
|
// TODO this will get cleaned up with the scheme types are fixed
|
||||||
scheme.AddKnownTypes(SchemeGroupVersion,
|
scheme.AddKnownTypes(SchemeGroupVersion,
|
||||||
&KubeProxyConfiguration{},
|
|
||||||
&KubeSchedulerConfiguration{},
|
&KubeSchedulerConfiguration{},
|
||||||
)
|
)
|
||||||
return nil
|
return nil
|
||||||
|
@ -20,189 +20,6 @@ import (
|
|||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
)
|
)
|
||||||
|
|
||||||
// ClientConnectionConfiguration contains details for constructing a client.
|
|
||||||
type ClientConnectionConfiguration struct {
|
|
||||||
// kubeConfigFile is the path to a kubeconfig file.
|
|
||||||
KubeConfigFile string
|
|
||||||
// acceptContentTypes defines the Accept header sent by clients when connecting to a server, overriding the
|
|
||||||
// default value of 'application/json'. This field will control all connections to the server used by a particular
|
|
||||||
// client.
|
|
||||||
AcceptContentTypes string
|
|
||||||
// contentType is the content type used when sending data to the server from this client.
|
|
||||||
ContentType string
|
|
||||||
// qps controls the number of queries per second allowed for this connection.
|
|
||||||
QPS float32
|
|
||||||
// burst allows extra queries to accumulate when a client is exceeding its rate.
|
|
||||||
Burst int
|
|
||||||
}
|
|
||||||
|
|
||||||
// KubeProxyIPTablesConfiguration contains iptables-related configuration
|
|
||||||
// details for the Kubernetes proxy server.
|
|
||||||
type KubeProxyIPTablesConfiguration struct {
|
|
||||||
// masqueradeBit is the bit of the iptables fwmark space to use for SNAT if using
|
|
||||||
// the pure iptables proxy mode. Values must be within the range [0, 31].
|
|
||||||
MasqueradeBit *int32
|
|
||||||
// masqueradeAll tells kube-proxy to SNAT everything if using the pure iptables proxy mode.
|
|
||||||
MasqueradeAll bool
|
|
||||||
// syncPeriod is the period that iptables rules are refreshed (e.g. '5s', '1m',
|
|
||||||
// '2h22m'). Must be greater than 0.
|
|
||||||
SyncPeriod metav1.Duration
|
|
||||||
// minSyncPeriod is the minimum period that iptables rules are refreshed (e.g. '5s', '1m',
|
|
||||||
// '2h22m').
|
|
||||||
MinSyncPeriod metav1.Duration
|
|
||||||
}
|
|
||||||
|
|
||||||
// KubeProxyIPVSConfiguration contains ipvs-related configuration
|
|
||||||
// details for the Kubernetes proxy server.
|
|
||||||
type KubeProxyIPVSConfiguration struct {
|
|
||||||
// syncPeriod is the period that ipvs rules are refreshed (e.g. '5s', '1m',
|
|
||||||
// '2h22m'). Must be greater than 0.
|
|
||||||
SyncPeriod metav1.Duration
|
|
||||||
// minSyncPeriod is the minimum period that ipvs rules are refreshed (e.g. '5s', '1m',
|
|
||||||
// '2h22m').
|
|
||||||
MinSyncPeriod metav1.Duration
|
|
||||||
// ipvs scheduler
|
|
||||||
Scheduler string
|
|
||||||
}
|
|
||||||
|
|
||||||
// KubeProxyConntrackConfiguration contains conntrack settings for
|
|
||||||
// the Kubernetes proxy server.
|
|
||||||
type KubeProxyConntrackConfiguration struct {
|
|
||||||
// max is the maximum number of NAT connections to track (0 to
|
|
||||||
// leave as-is). This takes precedence over conntrackMaxPerCore and conntrackMin.
|
|
||||||
Max int32
|
|
||||||
// maxPerCore is the maximum number of NAT connections to track
|
|
||||||
// per CPU core (0 to leave the limit as-is and ignore conntrackMin).
|
|
||||||
MaxPerCore int32
|
|
||||||
// min is the minimum value of connect-tracking records to allocate,
|
|
||||||
// regardless of conntrackMaxPerCore (set conntrackMaxPerCore=0 to leave the limit as-is).
|
|
||||||
Min int32
|
|
||||||
// tcpEstablishedTimeout is how long an idle TCP connection will be kept open
|
|
||||||
// (e.g. '2s'). Must be greater than 0.
|
|
||||||
TCPEstablishedTimeout metav1.Duration
|
|
||||||
// tcpCloseWaitTimeout is how long an idle conntrack entry
|
|
||||||
// in CLOSE_WAIT state will remain in the conntrack
|
|
||||||
// table. (e.g. '60s'). Must be greater than 0 to set.
|
|
||||||
TCPCloseWaitTimeout metav1.Duration
|
|
||||||
}
|
|
||||||
|
|
||||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
|
||||||
|
|
||||||
// KubeProxyConfiguration contains everything necessary to configure the
|
|
||||||
// Kubernetes proxy server.
|
|
||||||
type KubeProxyConfiguration struct {
|
|
||||||
metav1.TypeMeta
|
|
||||||
|
|
||||||
// featureGates is a comma-separated list of key=value pairs that control
|
|
||||||
// which alpha/beta features are enabled.
|
|
||||||
//
|
|
||||||
// TODO this really should be a map but that requires refactoring all
|
|
||||||
// components to use config files because local-up-cluster.sh only supports
|
|
||||||
// the --feature-gates flag right now, which is comma-separated key=value
|
|
||||||
// pairs.
|
|
||||||
FeatureGates string
|
|
||||||
|
|
||||||
// bindAddress is the IP address for the proxy server to serve on (set to 0.0.0.0
|
|
||||||
// for all interfaces)
|
|
||||||
BindAddress string
|
|
||||||
// healthzBindAddress is the IP address and port for the health check server to serve on,
|
|
||||||
// defaulting to 0.0.0.0:10256
|
|
||||||
HealthzBindAddress string
|
|
||||||
// metricsBindAddress is the IP address and port for the metrics server to serve on,
|
|
||||||
// defaulting to 127.0.0.1:10249 (set to 0.0.0.0 for all interfaces)
|
|
||||||
MetricsBindAddress string
|
|
||||||
// enableProfiling enables profiling via web interface on /debug/pprof handler.
|
|
||||||
// Profiling handlers will be handled by metrics server.
|
|
||||||
EnableProfiling bool
|
|
||||||
// clusterCIDR is the CIDR range of the pods in the cluster. It is used to
|
|
||||||
// bridge traffic coming from outside of the cluster. If not provided,
|
|
||||||
// no off-cluster bridging will be performed.
|
|
||||||
ClusterCIDR string
|
|
||||||
// hostnameOverride, if non-empty, will be used as the identity instead of the actual hostname.
|
|
||||||
HostnameOverride string
|
|
||||||
// clientConnection specifies the kubeconfig file and client connection settings for the proxy
|
|
||||||
// server to use when communicating with the apiserver.
|
|
||||||
ClientConnection ClientConnectionConfiguration
|
|
||||||
// iptables contains iptables-related configuration options.
|
|
||||||
IPTables KubeProxyIPTablesConfiguration
|
|
||||||
// ipvs contains ipvs-related configuration options.
|
|
||||||
IPVS KubeProxyIPVSConfiguration
|
|
||||||
// oomScoreAdj is the oom-score-adj value for kube-proxy process. Values must be within
|
|
||||||
// the range [-1000, 1000]
|
|
||||||
OOMScoreAdj *int32
|
|
||||||
// mode specifies which proxy mode to use.
|
|
||||||
Mode ProxyMode
|
|
||||||
// portRange is the range of host ports (beginPort-endPort, inclusive) that may be consumed
|
|
||||||
// in order to proxy service traffic. If unspecified (0-0) then ports will be randomly chosen.
|
|
||||||
PortRange string
|
|
||||||
// resourceContainer is the absolute name of the resource-only container to create and run
|
|
||||||
// the Kube-proxy in (Default: /kube-proxy).
|
|
||||||
ResourceContainer string
|
|
||||||
// udpIdleTimeout is how long an idle UDP connection will be kept open (e.g. '250ms', '2s').
|
|
||||||
// Must be greater than 0. Only applicable for proxyMode=userspace.
|
|
||||||
UDPIdleTimeout metav1.Duration
|
|
||||||
// conntrack contains conntrack-related configuration options.
|
|
||||||
Conntrack KubeProxyConntrackConfiguration
|
|
||||||
// configSyncPeriod is how often configuration from the apiserver is refreshed. Must be greater
|
|
||||||
// than 0.
|
|
||||||
ConfigSyncPeriod metav1.Duration
|
|
||||||
}
|
|
||||||
|
|
||||||
// Currently two modes of proxying are available: 'userspace' (older, stable) or 'iptables'
|
|
||||||
// (newer, faster). If blank, use the best-available proxy (currently iptables, but may
|
|
||||||
// change in future versions). If the iptables proxy is selected, regardless of how, but
|
|
||||||
// the system's kernel or iptables versions are insufficient, this always falls back to the
|
|
||||||
// userspace proxy.
|
|
||||||
type ProxyMode string
|
|
||||||
|
|
||||||
const (
|
|
||||||
ProxyModeUserspace ProxyMode = "userspace"
|
|
||||||
ProxyModeIPTables ProxyMode = "iptables"
|
|
||||||
ProxyModeIPVS ProxyMode = "ipvs"
|
|
||||||
)
|
|
||||||
|
|
||||||
// IPVSSchedulerMethod is the algorithm for allocating TCP connections and
|
|
||||||
// UDP datagrams to real servers. Scheduling algorithms are imple-
|
|
||||||
//wanted as kernel modules. Ten are shipped with the Linux Virtual Server.
|
|
||||||
type IPVSSchedulerMethod string
|
|
||||||
|
|
||||||
const (
|
|
||||||
// Robin Robin distributes jobs equally amongst the available real servers.
|
|
||||||
RoundRobin IPVSSchedulerMethod = "rr"
|
|
||||||
// Weighted Round Robin assigns jobs to real servers proportionally to there real servers' weight.
|
|
||||||
// Servers with higher weights receive new jobs first and get more jobs than servers with lower weights.
|
|
||||||
// Servers with equal weights get an equal distribution of new jobs.
|
|
||||||
WeightedRoundRobin IPVSSchedulerMethod = "wrr"
|
|
||||||
// Least Connection assigns more jobs to real servers with fewer active jobs.
|
|
||||||
LeastConnection IPVSSchedulerMethod = "lc"
|
|
||||||
// Weighted Least Connection assigns more jobs to servers with fewer jobs and
|
|
||||||
// relative to the real servers’weight(Ci/Wi).
|
|
||||||
WeightedLeastConnection IPVSSchedulerMethod = "wlc"
|
|
||||||
// Locality Based Least Connection assigns jobs destined for the same IP address to the same server if
|
|
||||||
// the server is not overloaded and available; otherwise assign jobs to servers with fewer jobs,
|
|
||||||
// and keep it for future assignment.
|
|
||||||
LocalityBasedLeastConnection IPVSSchedulerMethod = "lblc"
|
|
||||||
// Locality Based Least Connection with Replication assigns jobs destined for the same IP address to the
|
|
||||||
// least-connection node in the server set for the IP address. If all the node in the server set are over loaded,
|
|
||||||
// it picks up a node with fewer jobs in the cluster and adds it in the sever set for the target.
|
|
||||||
// If the server set has not been modified for the specified time, the most loaded node is removed from the server set,
|
|
||||||
// in order to avoid high degree of replication.
|
|
||||||
LocalityBasedLeastConnectionWithReplication IPVSSchedulerMethod = "lblcr"
|
|
||||||
// Source Hashing assigns jobs to servers through looking up a statically assigned hash table
|
|
||||||
// by their source IP addresses.
|
|
||||||
SourceHashing IPVSSchedulerMethod = "sh"
|
|
||||||
// Destination Hashing assigns jobs to servers through looking up a statically assigned hash table
|
|
||||||
// by their destination IP addresses.
|
|
||||||
DestinationHashing IPVSSchedulerMethod = "dh"
|
|
||||||
// Shortest Expected Delay assigns an incoming job to the server with the shortest expected delay.
|
|
||||||
// The expected delay that the job will experience is (Ci + 1) / Ui if sent to the ith server, in which
|
|
||||||
// Ci is the number of jobs on the the ith server and Ui is the fixed service rate (weight) of the ith server.
|
|
||||||
ShortestExpectedDelay IPVSSchedulerMethod = "sed"
|
|
||||||
// Never Queue assigns an incoming job to an idle server if there is, instead of waiting for a fast one;
|
|
||||||
// if all the servers are busy, it adopts the Shortest Expected Delay policy to assign the job.
|
|
||||||
NeverQueue IPVSSchedulerMethod = "nq"
|
|
||||||
)
|
|
||||||
|
|
||||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
|
||||||
type KubeSchedulerConfiguration struct {
|
type KubeSchedulerConfiguration struct {
|
||||||
|
@ -17,15 +17,12 @@ limitations under the License.
|
|||||||
package v1alpha1
|
package v1alpha1
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
|
||||||
"strings"
|
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
kruntime "k8s.io/apimachinery/pkg/runtime"
|
kruntime "k8s.io/apimachinery/pkg/runtime"
|
||||||
"k8s.io/kubernetes/pkg/api"
|
"k8s.io/kubernetes/pkg/api"
|
||||||
kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis"
|
kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis"
|
||||||
"k8s.io/kubernetes/pkg/kubelet/qos"
|
|
||||||
"k8s.io/kubernetes/pkg/master/ports"
|
"k8s.io/kubernetes/pkg/master/ports"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -33,92 +30,6 @@ func addDefaultingFuncs(scheme *kruntime.Scheme) error {
|
|||||||
return RegisterDefaults(scheme)
|
return RegisterDefaults(scheme)
|
||||||
}
|
}
|
||||||
|
|
||||||
func SetDefaults_KubeProxyConfiguration(obj *KubeProxyConfiguration) {
|
|
||||||
if len(obj.BindAddress) == 0 {
|
|
||||||
obj.BindAddress = "0.0.0.0"
|
|
||||||
}
|
|
||||||
if obj.HealthzBindAddress == "" {
|
|
||||||
obj.HealthzBindAddress = fmt.Sprintf("0.0.0.0:%v", ports.ProxyHealthzPort)
|
|
||||||
} else if !strings.Contains(obj.HealthzBindAddress, ":") {
|
|
||||||
obj.HealthzBindAddress += fmt.Sprintf(":%v", ports.ProxyHealthzPort)
|
|
||||||
}
|
|
||||||
if obj.MetricsBindAddress == "" {
|
|
||||||
obj.MetricsBindAddress = fmt.Sprintf("127.0.0.1:%v", ports.ProxyStatusPort)
|
|
||||||
} else if !strings.Contains(obj.MetricsBindAddress, ":") {
|
|
||||||
obj.MetricsBindAddress += fmt.Sprintf(":%v", ports.ProxyStatusPort)
|
|
||||||
}
|
|
||||||
if obj.OOMScoreAdj == nil {
|
|
||||||
temp := int32(qos.KubeProxyOOMScoreAdj)
|
|
||||||
obj.OOMScoreAdj = &temp
|
|
||||||
}
|
|
||||||
if obj.ResourceContainer == "" {
|
|
||||||
obj.ResourceContainer = "/kube-proxy"
|
|
||||||
}
|
|
||||||
if obj.IPTables.SyncPeriod.Duration == 0 {
|
|
||||||
obj.IPTables.SyncPeriod = metav1.Duration{Duration: 30 * time.Second}
|
|
||||||
}
|
|
||||||
if obj.IPVS.SyncPeriod.Duration == 0 {
|
|
||||||
obj.IPVS.SyncPeriod = metav1.Duration{Duration: 30 * time.Second}
|
|
||||||
}
|
|
||||||
zero := metav1.Duration{}
|
|
||||||
if obj.UDPIdleTimeout == zero {
|
|
||||||
obj.UDPIdleTimeout = metav1.Duration{Duration: 250 * time.Millisecond}
|
|
||||||
}
|
|
||||||
// If ConntrackMax is set, respect it.
|
|
||||||
if obj.Conntrack.Max == 0 {
|
|
||||||
// If ConntrackMax is *not* set, use per-core scaling.
|
|
||||||
if obj.Conntrack.MaxPerCore == 0 {
|
|
||||||
obj.Conntrack.MaxPerCore = 32 * 1024
|
|
||||||
}
|
|
||||||
if obj.Conntrack.Min == 0 {
|
|
||||||
obj.Conntrack.Min = 128 * 1024
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if obj.IPTables.MasqueradeBit == nil {
|
|
||||||
temp := int32(14)
|
|
||||||
obj.IPTables.MasqueradeBit = &temp
|
|
||||||
}
|
|
||||||
if obj.Conntrack.TCPEstablishedTimeout == zero {
|
|
||||||
obj.Conntrack.TCPEstablishedTimeout = metav1.Duration{Duration: 24 * time.Hour} // 1 day (1/5 default)
|
|
||||||
}
|
|
||||||
if obj.Conntrack.TCPCloseWaitTimeout == zero {
|
|
||||||
// See https://github.com/kubernetes/kubernetes/issues/32551.
|
|
||||||
//
|
|
||||||
// CLOSE_WAIT conntrack state occurs when the Linux kernel
|
|
||||||
// sees a FIN from the remote server. Note: this is a half-close
|
|
||||||
// condition that persists as long as the local side keeps the
|
|
||||||
// socket open. The condition is rare as it is typical in most
|
|
||||||
// protocols for both sides to issue a close; this typically
|
|
||||||
// occurs when the local socket is lazily garbage collected.
|
|
||||||
//
|
|
||||||
// If the CLOSE_WAIT conntrack entry expires, then FINs from the
|
|
||||||
// local socket will not be properly SNAT'd and will not reach the
|
|
||||||
// remote server (if the connection was subject to SNAT). If the
|
|
||||||
// remote timeouts for FIN_WAIT* states exceed the CLOSE_WAIT
|
|
||||||
// timeout, then there will be an inconsistency in the state of
|
|
||||||
// the connection and a new connection reusing the SNAT (src,
|
|
||||||
// port) pair may be rejected by the remote side with RST. This
|
|
||||||
// can cause new calls to connect(2) to return with ECONNREFUSED.
|
|
||||||
//
|
|
||||||
// We set CLOSE_WAIT to one hour by default to better match
|
|
||||||
// typical server timeouts.
|
|
||||||
obj.Conntrack.TCPCloseWaitTimeout = metav1.Duration{Duration: 1 * time.Hour}
|
|
||||||
}
|
|
||||||
if obj.ConfigSyncPeriod.Duration == 0 {
|
|
||||||
obj.ConfigSyncPeriod.Duration = 15 * time.Minute
|
|
||||||
}
|
|
||||||
|
|
||||||
if len(obj.ClientConnection.ContentType) == 0 {
|
|
||||||
obj.ClientConnection.ContentType = "application/vnd.kubernetes.protobuf"
|
|
||||||
}
|
|
||||||
if obj.ClientConnection.QPS == 0.0 {
|
|
||||||
obj.ClientConnection.QPS = 5.0
|
|
||||||
}
|
|
||||||
if obj.ClientConnection.Burst == 0 {
|
|
||||||
obj.ClientConnection.Burst = 10
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func SetDefaults_KubeSchedulerConfiguration(obj *KubeSchedulerConfiguration) {
|
func SetDefaults_KubeSchedulerConfiguration(obj *KubeSchedulerConfiguration) {
|
||||||
if obj.Port == 0 {
|
if obj.Port == 0 {
|
||||||
obj.Port = ports.SchedulerPort
|
obj.Port = ports.SchedulerPort
|
||||||
@ -174,7 +85,3 @@ func SetDefaults_LeaderElectionConfiguration(obj *LeaderElectionConfiguration) {
|
|||||||
obj.ResourceLock = "endpoints"
|
obj.ResourceLock = "endpoints"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func boolVar(b bool) *bool {
|
|
||||||
return &b
|
|
||||||
}
|
|
||||||
|
@ -44,7 +44,6 @@ func init() {
|
|||||||
|
|
||||||
func addKnownTypes(scheme *runtime.Scheme) error {
|
func addKnownTypes(scheme *runtime.Scheme) error {
|
||||||
scheme.AddKnownTypes(SchemeGroupVersion,
|
scheme.AddKnownTypes(SchemeGroupVersion,
|
||||||
&KubeProxyConfiguration{},
|
|
||||||
&KubeSchedulerConfiguration{},
|
&KubeSchedulerConfiguration{},
|
||||||
)
|
)
|
||||||
return nil
|
return nil
|
||||||
|
@ -20,146 +20,6 @@ import (
|
|||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
)
|
)
|
||||||
|
|
||||||
// ClientConnectionConfiguration contains details for constructing a client.
|
|
||||||
type ClientConnectionConfiguration struct {
|
|
||||||
// kubeConfigFile is the path to a kubeconfig file.
|
|
||||||
KubeConfigFile string `json:"kubeconfig"`
|
|
||||||
// acceptContentTypes defines the Accept header sent by clients when connecting to a server, overriding the
|
|
||||||
// default value of 'application/json'. This field will control all connections to the server used by a particular
|
|
||||||
// client.
|
|
||||||
AcceptContentTypes string `json:"acceptContentTypes"`
|
|
||||||
// contentType is the content type used when sending data to the server from this client.
|
|
||||||
ContentType string `json:"contentType"`
|
|
||||||
// cps controls the number of queries per second allowed for this connection.
|
|
||||||
QPS float32 `json:"qps"`
|
|
||||||
// burst allows extra queries to accumulate when a client is exceeding its rate.
|
|
||||||
Burst int `json:"burst"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// KubeProxyIPTablesConfiguration contains iptables-related configuration
|
|
||||||
// details for the Kubernetes proxy server.
|
|
||||||
type KubeProxyIPTablesConfiguration struct {
|
|
||||||
// masqueradeBit is the bit of the iptables fwmark space to use for SNAT if using
|
|
||||||
// the pure iptables proxy mode. Values must be within the range [0, 31].
|
|
||||||
MasqueradeBit *int32 `json:"masqueradeBit"`
|
|
||||||
// masqueradeAll tells kube-proxy to SNAT everything if using the pure iptables proxy mode.
|
|
||||||
MasqueradeAll bool `json:"masqueradeAll"`
|
|
||||||
// syncPeriod is the period that iptables rules are refreshed (e.g. '5s', '1m',
|
|
||||||
// '2h22m'). Must be greater than 0.
|
|
||||||
SyncPeriod metav1.Duration `json:"syncPeriod"`
|
|
||||||
// minSyncPeriod is the minimum period that iptables rules are refreshed (e.g. '5s', '1m',
|
|
||||||
// '2h22m').
|
|
||||||
MinSyncPeriod metav1.Duration `json:"minSyncPeriod"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// KubeProxyIPVSConfiguration contains ipvs-related configuration
|
|
||||||
// details for the Kubernetes proxy server.
|
|
||||||
type KubeProxyIPVSConfiguration struct {
|
|
||||||
// syncPeriod is the period that ipvs rules are refreshed (e.g. '5s', '1m',
|
|
||||||
// '2h22m'). Must be greater than 0.
|
|
||||||
SyncPeriod metav1.Duration `json:"syncPeriod"`
|
|
||||||
// minSyncPeriod is the minimum period that ipvs rules are refreshed (e.g. '5s', '1m',
|
|
||||||
// '2h22m').
|
|
||||||
MinSyncPeriod metav1.Duration `json:"minSyncPeriod"`
|
|
||||||
// ipvs scheduler
|
|
||||||
Scheduler string `json:"scheduler"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// KubeProxyConntrackConfiguration contains conntrack settings for
|
|
||||||
// the Kubernetes proxy server.
|
|
||||||
type KubeProxyConntrackConfiguration struct {
|
|
||||||
// max is the maximum number of NAT connections to track (0 to
|
|
||||||
// leave as-is). This takes precedence over conntrackMaxPerCore and conntrackMin.
|
|
||||||
Max int32 `json:"max"`
|
|
||||||
// maxPerCore is the maximum number of NAT connections to track
|
|
||||||
// per CPU core (0 to leave the limit as-is and ignore conntrackMin).
|
|
||||||
MaxPerCore int32 `json:"maxPerCore"`
|
|
||||||
// min is the minimum value of connect-tracking records to allocate,
|
|
||||||
// regardless of conntrackMaxPerCore (set conntrackMaxPerCore=0 to leave the limit as-is).
|
|
||||||
Min int32 `json:"min"`
|
|
||||||
// tcpEstablishedTimeout is how long an idle TCP connection will be kept open
|
|
||||||
// (e.g. '2s'). Must be greater than 0.
|
|
||||||
TCPEstablishedTimeout metav1.Duration `json:"tcpEstablishedTimeout"`
|
|
||||||
// tcpCloseWaitTimeout is how long an idle conntrack entry
|
|
||||||
// in CLOSE_WAIT state will remain in the conntrack
|
|
||||||
// table. (e.g. '60s'). Must be greater than 0 to set.
|
|
||||||
TCPCloseWaitTimeout metav1.Duration `json:"tcpCloseWaitTimeout"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
|
||||||
|
|
||||||
// KubeProxyConfiguration contains everything necessary to configure the
|
|
||||||
// Kubernetes proxy server.
|
|
||||||
type KubeProxyConfiguration struct {
|
|
||||||
metav1.TypeMeta `json:",inline"`
|
|
||||||
|
|
||||||
// featureGates is a comma-separated list of key=value pairs that control
|
|
||||||
// which alpha/beta features are enabled.
|
|
||||||
//
|
|
||||||
// TODO this really should be a map but that requires refactoring all
|
|
||||||
// components to use config files because local-up-cluster.sh only supports
|
|
||||||
// the --feature-gates flag right now, which is comma-separated key=value
|
|
||||||
// pairs.
|
|
||||||
FeatureGates string `json:"featureGates"`
|
|
||||||
|
|
||||||
// bindAddress is the IP address for the proxy server to serve on (set to 0.0.0.0
|
|
||||||
// for all interfaces)
|
|
||||||
BindAddress string `json:"bindAddress"`
|
|
||||||
// healthzBindAddress is the IP address and port for the health check server to serve on,
|
|
||||||
// defaulting to 0.0.0.0:10256
|
|
||||||
HealthzBindAddress string `json:"healthzBindAddress"`
|
|
||||||
// metricsBindAddress is the IP address and port for the metrics server to serve on,
|
|
||||||
// defaulting to 127.0.0.1:10249 (set to 0.0.0.0 for all interfaces)
|
|
||||||
MetricsBindAddress string `json:"metricsBindAddress"`
|
|
||||||
// enableProfiling enables profiling via web interface on /debug/pprof handler.
|
|
||||||
// Profiling handlers will be handled by metrics server.
|
|
||||||
EnableProfiling bool `json:"enableProfiling"`
|
|
||||||
// clusterCIDR is the CIDR range of the pods in the cluster. It is used to
|
|
||||||
// bridge traffic coming from outside of the cluster. If not provided,
|
|
||||||
// no off-cluster bridging will be performed.
|
|
||||||
ClusterCIDR string `json:"clusterCIDR"`
|
|
||||||
// hostnameOverride, if non-empty, will be used as the identity instead of the actual hostname.
|
|
||||||
HostnameOverride string `json:"hostnameOverride"`
|
|
||||||
// clientConnection specifies the kubeconfig file and client connection settings for the proxy
|
|
||||||
// server to use when communicating with the apiserver.
|
|
||||||
ClientConnection ClientConnectionConfiguration `json:"clientConnection"`
|
|
||||||
// iptables contains iptables-related configuration options.
|
|
||||||
IPTables KubeProxyIPTablesConfiguration `json:"iptables"`
|
|
||||||
// ipvs contains ipvs-related configuration options.
|
|
||||||
IPVS KubeProxyIPVSConfiguration `json:"ipvs"`
|
|
||||||
// oomScoreAdj is the oom-score-adj value for kube-proxy process. Values must be within
|
|
||||||
// the range [-1000, 1000]
|
|
||||||
OOMScoreAdj *int32 `json:"oomScoreAdj"`
|
|
||||||
// mode specifies which proxy mode to use.
|
|
||||||
Mode ProxyMode `json:"mode"`
|
|
||||||
// portRange is the range of host ports (beginPort-endPort, inclusive) that may be consumed
|
|
||||||
// in order to proxy service traffic. If unspecified (0-0) then ports will be randomly chosen.
|
|
||||||
PortRange string `json:"portRange"`
|
|
||||||
// resourceContainer is the bsolute name of the resource-only container to create and run
|
|
||||||
// the Kube-proxy in (Default: /kube-proxy).
|
|
||||||
ResourceContainer string `json:"resourceContainer"`
|
|
||||||
// udpIdleTimeout is how long an idle UDP connection will be kept open (e.g. '250ms', '2s').
|
|
||||||
// Must be greater than 0. Only applicable for proxyMode=userspace.
|
|
||||||
UDPIdleTimeout metav1.Duration `json:"udpTimeoutMilliseconds"`
|
|
||||||
// conntrack contains conntrack-related configuration options.
|
|
||||||
Conntrack KubeProxyConntrackConfiguration `json:"conntrack"`
|
|
||||||
// configSyncPeriod is how often configuration from the apiserver is refreshed. Must be greater
|
|
||||||
// than 0.
|
|
||||||
ConfigSyncPeriod metav1.Duration `json:"configSyncPeriod"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// Currently two modes of proxying are available: 'userspace' (older, stable) or 'iptables'
|
|
||||||
// (newer, faster). If blank, use the best-available proxy (currently iptables, but may
|
|
||||||
// change in future versions). If the iptables proxy is selected, regardless of how, but
|
|
||||||
// the system's kernel or iptables versions are insufficient, this always falls back to the
|
|
||||||
// userspace proxy.
|
|
||||||
type ProxyMode string
|
|
||||||
|
|
||||||
const (
|
|
||||||
ProxyModeUserspace ProxyMode = "userspace"
|
|
||||||
ProxyModeIPTables ProxyMode = "iptables"
|
|
||||||
)
|
|
||||||
|
|
||||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
|
||||||
type KubeSchedulerConfiguration struct {
|
type KubeSchedulerConfiguration struct {
|
||||||
|
4
pkg/proxy/apis/proxyconfig/OWNERS
Normal file
4
pkg/proxy/apis/proxyconfig/OWNERS
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
approvers:
|
||||||
|
- thockin
|
||||||
|
reviewers:
|
||||||
|
- sig-network-reviewers
|
19
pkg/proxy/apis/proxyconfig/doc.go
Normal file
19
pkg/proxy/apis/proxyconfig/doc.go
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
/*
|
||||||
|
Copyright 2017 The Kubernetes Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
// +k8s:deepcopy-gen=package,register
|
||||||
|
|
||||||
|
package proxyconfig // import "k8s.io/kubernetes/pkg/proxy/apis/proxyconfig"
|
51
pkg/proxy/apis/proxyconfig/register.go
Normal file
51
pkg/proxy/apis/proxyconfig/register.go
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
/*
|
||||||
|
Copyright 2017 The Kubernetes Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package proxyconfig
|
||||||
|
|
||||||
|
import (
|
||||||
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime/schema"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
|
||||||
|
AddToScheme = SchemeBuilder.AddToScheme
|
||||||
|
)
|
||||||
|
|
||||||
|
// GroupName is the group name use in this package
|
||||||
|
const GroupName = "proxyconfig"
|
||||||
|
|
||||||
|
// SchemeGroupVersion is group version used to register these objects
|
||||||
|
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}
|
||||||
|
|
||||||
|
// Kind takes an unqualified kind and returns a Group qualified GroupKind
|
||||||
|
func Kind(kind string) schema.GroupKind {
|
||||||
|
return SchemeGroupVersion.WithKind(kind).GroupKind()
|
||||||
|
}
|
||||||
|
|
||||||
|
// Resource takes an unqualified resource and returns a Group qualified GroupResource
|
||||||
|
func Resource(resource string) schema.GroupResource {
|
||||||
|
return SchemeGroupVersion.WithResource(resource).GroupResource()
|
||||||
|
}
|
||||||
|
|
||||||
|
func addKnownTypes(scheme *runtime.Scheme) error {
|
||||||
|
// TODO this will get cleaned up with the scheme types are fixed
|
||||||
|
scheme.AddKnownTypes(SchemeGroupVersion,
|
||||||
|
&KubeProxyConfiguration{},
|
||||||
|
)
|
||||||
|
return nil
|
||||||
|
}
|
40
pkg/proxy/apis/proxyconfig/scheme/scheme.go
Normal file
40
pkg/proxy/apis/proxyconfig/scheme/scheme.go
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
/*
|
||||||
|
Copyright 2017 The Kubernetes Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package scheme
|
||||||
|
|
||||||
|
import (
|
||||||
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime/serializer"
|
||||||
|
"k8s.io/kubernetes/pkg/proxy/apis/proxyconfig"
|
||||||
|
"k8s.io/kubernetes/pkg/proxy/apis/proxyconfig/v1alpha1"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Utility functions for the Kube-proxy's proxyconfig API group
|
||||||
|
|
||||||
|
// NewSchemeAndCodecs is a utility funciton that returns a Scheme and CodecFactory
|
||||||
|
// that understand the types in the proxyconfig API group.
|
||||||
|
func NewSchemeAndCodecs() (*runtime.Scheme, *serializer.CodecFactory, error) {
|
||||||
|
scheme := runtime.NewScheme()
|
||||||
|
if err := proxyconfig.AddToScheme(scheme); err != nil {
|
||||||
|
return nil, nil, err
|
||||||
|
}
|
||||||
|
if err := v1alpha1.AddToScheme(scheme); err != nil {
|
||||||
|
return nil, nil, err
|
||||||
|
}
|
||||||
|
codecs := serializer.NewCodecFactory(scheme)
|
||||||
|
return scheme, &codecs, nil
|
||||||
|
}
|
254
pkg/proxy/apis/proxyconfig/types.go
Normal file
254
pkg/proxy/apis/proxyconfig/types.go
Normal file
@ -0,0 +1,254 @@
|
|||||||
|
/*
|
||||||
|
Copyright 2015 The Kubernetes Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package proxyconfig
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"sort"
|
||||||
|
"strings"
|
||||||
|
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
)
|
||||||
|
|
||||||
|
// ClientConnectionConfiguration contains details for constructing a client.
|
||||||
|
type ClientConnectionConfiguration struct {
|
||||||
|
// kubeConfigFile is the path to a kubeconfig file.
|
||||||
|
KubeConfigFile string
|
||||||
|
// acceptContentTypes defines the Accept header sent by clients when connecting to a server, overriding the
|
||||||
|
// default value of 'application/json'. This field will control all connections to the server used by a particular
|
||||||
|
// client.
|
||||||
|
AcceptContentTypes string
|
||||||
|
// contentType is the content type used when sending data to the server from this client.
|
||||||
|
ContentType string
|
||||||
|
// qps controls the number of queries per second allowed for this connection.
|
||||||
|
QPS float32
|
||||||
|
// burst allows extra queries to accumulate when a client is exceeding its rate.
|
||||||
|
Burst int
|
||||||
|
}
|
||||||
|
|
||||||
|
// KubeProxyIPTablesConfiguration contains iptables-related configuration
|
||||||
|
// details for the Kubernetes proxy server.
|
||||||
|
type KubeProxyIPTablesConfiguration struct {
|
||||||
|
// masqueradeBit is the bit of the iptables fwmark space to use for SNAT if using
|
||||||
|
// the pure iptables proxy mode. Values must be within the range [0, 31].
|
||||||
|
MasqueradeBit *int32
|
||||||
|
// masqueradeAll tells kube-proxy to SNAT everything if using the pure iptables proxy mode.
|
||||||
|
MasqueradeAll bool
|
||||||
|
// syncPeriod is the period that iptables rules are refreshed (e.g. '5s', '1m',
|
||||||
|
// '2h22m'). Must be greater than 0.
|
||||||
|
SyncPeriod metav1.Duration
|
||||||
|
// minSyncPeriod is the minimum period that iptables rules are refreshed (e.g. '5s', '1m',
|
||||||
|
// '2h22m').
|
||||||
|
MinSyncPeriod metav1.Duration
|
||||||
|
}
|
||||||
|
|
||||||
|
// KubeProxyIPVSConfiguration contains ipvs-related configuration
|
||||||
|
// details for the Kubernetes proxy server.
|
||||||
|
type KubeProxyIPVSConfiguration struct {
|
||||||
|
// syncPeriod is the period that ipvs rules are refreshed (e.g. '5s', '1m',
|
||||||
|
// '2h22m'). Must be greater than 0.
|
||||||
|
SyncPeriod metav1.Duration
|
||||||
|
// minSyncPeriod is the minimum period that ipvs rules are refreshed (e.g. '5s', '1m',
|
||||||
|
// '2h22m').
|
||||||
|
MinSyncPeriod metav1.Duration
|
||||||
|
// ipvs scheduler
|
||||||
|
Scheduler string
|
||||||
|
}
|
||||||
|
|
||||||
|
// KubeProxyConntrackConfiguration contains conntrack settings for
|
||||||
|
// the Kubernetes proxy server.
|
||||||
|
type KubeProxyConntrackConfiguration struct {
|
||||||
|
// max is the maximum number of NAT connections to track (0 to
|
||||||
|
// leave as-is). This takes precedence over conntrackMaxPerCore and conntrackMin.
|
||||||
|
Max int32
|
||||||
|
// maxPerCore is the maximum number of NAT connections to track
|
||||||
|
// per CPU core (0 to leave the limit as-is and ignore conntrackMin).
|
||||||
|
MaxPerCore int32
|
||||||
|
// min is the minimum value of connect-tracking records to allocate,
|
||||||
|
// regardless of conntrackMaxPerCore (set conntrackMaxPerCore=0 to leave the limit as-is).
|
||||||
|
Min int32
|
||||||
|
// tcpEstablishedTimeout is how long an idle TCP connection will be kept open
|
||||||
|
// (e.g. '2s'). Must be greater than 0.
|
||||||
|
TCPEstablishedTimeout metav1.Duration
|
||||||
|
// tcpCloseWaitTimeout is how long an idle conntrack entry
|
||||||
|
// in CLOSE_WAIT state will remain in the conntrack
|
||||||
|
// table. (e.g. '60s'). Must be greater than 0 to set.
|
||||||
|
TCPCloseWaitTimeout metav1.Duration
|
||||||
|
}
|
||||||
|
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
|
||||||
|
// KubeProxyConfiguration contains everything necessary to configure the
|
||||||
|
// Kubernetes proxy server.
|
||||||
|
type KubeProxyConfiguration struct {
|
||||||
|
metav1.TypeMeta
|
||||||
|
|
||||||
|
// featureGates is a comma-separated list of key=value pairs that control
|
||||||
|
// which alpha/beta features are enabled.
|
||||||
|
//
|
||||||
|
// TODO this really should be a map but that requires refactoring all
|
||||||
|
// components to use config files because local-up-cluster.sh only supports
|
||||||
|
// the --feature-gates flag right now, which is comma-separated key=value
|
||||||
|
// pairs.
|
||||||
|
FeatureGates string
|
||||||
|
|
||||||
|
// bindAddress is the IP address for the proxy server to serve on (set to 0.0.0.0
|
||||||
|
// for all interfaces)
|
||||||
|
BindAddress string
|
||||||
|
// healthzBindAddress is the IP address and port for the health check server to serve on,
|
||||||
|
// defaulting to 0.0.0.0:10256
|
||||||
|
HealthzBindAddress string
|
||||||
|
// metricsBindAddress is the IP address and port for the metrics server to serve on,
|
||||||
|
// defaulting to 127.0.0.1:10249 (set to 0.0.0.0 for all interfaces)
|
||||||
|
MetricsBindAddress string
|
||||||
|
// enableProfiling enables profiling via web interface on /debug/pprof handler.
|
||||||
|
// Profiling handlers will be handled by metrics server.
|
||||||
|
EnableProfiling bool
|
||||||
|
// clusterCIDR is the CIDR range of the pods in the cluster. It is used to
|
||||||
|
// bridge traffic coming from outside of the cluster. If not provided,
|
||||||
|
// no off-cluster bridging will be performed.
|
||||||
|
ClusterCIDR string
|
||||||
|
// hostnameOverride, if non-empty, will be used as the identity instead of the actual hostname.
|
||||||
|
HostnameOverride string
|
||||||
|
// clientConnection specifies the kubeconfig file and client connection settings for the proxy
|
||||||
|
// server to use when communicating with the apiserver.
|
||||||
|
ClientConnection ClientConnectionConfiguration
|
||||||
|
// iptables contains iptables-related configuration options.
|
||||||
|
IPTables KubeProxyIPTablesConfiguration
|
||||||
|
// ipvs contains ipvs-related configuration options.
|
||||||
|
IPVS KubeProxyIPVSConfiguration
|
||||||
|
// oomScoreAdj is the oom-score-adj value for kube-proxy process. Values must be within
|
||||||
|
// the range [-1000, 1000]
|
||||||
|
OOMScoreAdj *int32
|
||||||
|
// mode specifies which proxy mode to use.
|
||||||
|
Mode ProxyMode
|
||||||
|
// portRange is the range of host ports (beginPort-endPort, inclusive) that may be consumed
|
||||||
|
// in order to proxy service traffic. If unspecified (0-0) then ports will be randomly chosen.
|
||||||
|
PortRange string
|
||||||
|
// resourceContainer is the absolute name of the resource-only container to create and run
|
||||||
|
// the Kube-proxy in (Default: /kube-proxy).
|
||||||
|
ResourceContainer string
|
||||||
|
// udpIdleTimeout is how long an idle UDP connection will be kept open (e.g. '250ms', '2s').
|
||||||
|
// Must be greater than 0. Only applicable for proxyMode=userspace.
|
||||||
|
UDPIdleTimeout metav1.Duration
|
||||||
|
// conntrack contains conntrack-related configuration options.
|
||||||
|
Conntrack KubeProxyConntrackConfiguration
|
||||||
|
// configSyncPeriod is how often configuration from the apiserver is refreshed. Must be greater
|
||||||
|
// than 0.
|
||||||
|
ConfigSyncPeriod metav1.Duration
|
||||||
|
}
|
||||||
|
|
||||||
|
// Currently two modes of proxying are available: 'userspace' (older, stable) or 'iptables'
|
||||||
|
// (newer, faster). If blank, use the best-available proxy (currently iptables, but may
|
||||||
|
// change in future versions). If the iptables proxy is selected, regardless of how, but
|
||||||
|
// the system's kernel or iptables versions are insufficient, this always falls back to the
|
||||||
|
// userspace proxy.
|
||||||
|
type ProxyMode string
|
||||||
|
|
||||||
|
const (
|
||||||
|
ProxyModeUserspace ProxyMode = "userspace"
|
||||||
|
ProxyModeIPTables ProxyMode = "iptables"
|
||||||
|
ProxyModeIPVS ProxyMode = "ipvs"
|
||||||
|
)
|
||||||
|
|
||||||
|
// IPVSSchedulerMethod is the algorithm for allocating TCP connections and
|
||||||
|
// UDP datagrams to real servers. Scheduling algorithms are imple-
|
||||||
|
//wanted as kernel modules. Ten are shipped with the Linux Virtual Server.
|
||||||
|
type IPVSSchedulerMethod string
|
||||||
|
|
||||||
|
const (
|
||||||
|
// Robin Robin distributes jobs equally amongst the available real servers.
|
||||||
|
RoundRobin IPVSSchedulerMethod = "rr"
|
||||||
|
// Weighted Round Robin assigns jobs to real servers proportionally to there real servers' weight.
|
||||||
|
// Servers with higher weights receive new jobs first and get more jobs than servers with lower weights.
|
||||||
|
// Servers with equal weights get an equal distribution of new jobs.
|
||||||
|
WeightedRoundRobin IPVSSchedulerMethod = "wrr"
|
||||||
|
// Least Connection assigns more jobs to real servers with fewer active jobs.
|
||||||
|
LeastConnection IPVSSchedulerMethod = "lc"
|
||||||
|
// Weighted Least Connection assigns more jobs to servers with fewer jobs and
|
||||||
|
// relative to the real servers’weight(Ci/Wi).
|
||||||
|
WeightedLeastConnection IPVSSchedulerMethod = "wlc"
|
||||||
|
// Locality Based Least Connection assigns jobs destined for the same IP address to the same server if
|
||||||
|
// the server is not overloaded and available; otherwise assign jobs to servers with fewer jobs,
|
||||||
|
// and keep it for future assignment.
|
||||||
|
LocalityBasedLeastConnection IPVSSchedulerMethod = "lblc"
|
||||||
|
// Locality Based Least Connection with Replication assigns jobs destined for the same IP address to the
|
||||||
|
// least-connection node in the server set for the IP address. If all the node in the server set are over loaded,
|
||||||
|
// it picks up a node with fewer jobs in the cluster and adds it in the sever set for the target.
|
||||||
|
// If the server set has not been modified for the specified time, the most loaded node is removed from the server set,
|
||||||
|
// in order to avoid high degree of replication.
|
||||||
|
LocalityBasedLeastConnectionWithReplication IPVSSchedulerMethod = "lblcr"
|
||||||
|
// Source Hashing assigns jobs to servers through looking up a statically assigned hash table
|
||||||
|
// by their source IP addresses.
|
||||||
|
SourceHashing IPVSSchedulerMethod = "sh"
|
||||||
|
// Destination Hashing assigns jobs to servers through looking up a statically assigned hash table
|
||||||
|
// by their destination IP addresses.
|
||||||
|
DestinationHashing IPVSSchedulerMethod = "dh"
|
||||||
|
// Shortest Expected Delay assigns an incoming job to the server with the shortest expected delay.
|
||||||
|
// The expected delay that the job will experience is (Ci + 1) / Ui if sent to the ith server, in which
|
||||||
|
// Ci is the number of jobs on the the ith server and Ui is the fixed service rate (weight) of the ith server.
|
||||||
|
ShortestExpectedDelay IPVSSchedulerMethod = "sed"
|
||||||
|
// Never Queue assigns an incoming job to an idle server if there is, instead of waiting for a fast one;
|
||||||
|
// if all the servers are busy, it adopts the Shortest Expected Delay policy to assign the job.
|
||||||
|
NeverQueue IPVSSchedulerMethod = "nq"
|
||||||
|
)
|
||||||
|
|
||||||
|
func (m *ProxyMode) Set(s string) error {
|
||||||
|
*m = ProxyMode(s)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *ProxyMode) String() string {
|
||||||
|
if m != nil {
|
||||||
|
return string(*m)
|
||||||
|
}
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *ProxyMode) Type() string {
|
||||||
|
return "ProxyMode"
|
||||||
|
}
|
||||||
|
|
||||||
|
type ConfigurationMap map[string]string
|
||||||
|
|
||||||
|
func (m *ConfigurationMap) String() string {
|
||||||
|
pairs := []string{}
|
||||||
|
for k, v := range *m {
|
||||||
|
pairs = append(pairs, fmt.Sprintf("%s=%s", k, v))
|
||||||
|
}
|
||||||
|
sort.Strings(pairs)
|
||||||
|
return strings.Join(pairs, ",")
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *ConfigurationMap) Set(value string) error {
|
||||||
|
for _, s := range strings.Split(value, ",") {
|
||||||
|
if len(s) == 0 {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
arr := strings.SplitN(s, "=", 2)
|
||||||
|
if len(arr) == 2 {
|
||||||
|
(*m)[strings.TrimSpace(arr[0])] = strings.TrimSpace(arr[1])
|
||||||
|
} else {
|
||||||
|
(*m)[strings.TrimSpace(arr[0])] = ""
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (*ConfigurationMap) Type() string {
|
||||||
|
return "mapStringString"
|
||||||
|
}
|
118
pkg/proxy/apis/proxyconfig/v1alpha1/defaults.go
Normal file
118
pkg/proxy/apis/proxyconfig/v1alpha1/defaults.go
Normal file
@ -0,0 +1,118 @@
|
|||||||
|
/*
|
||||||
|
Copyright 2015 The Kubernetes Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"strings"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
kruntime "k8s.io/apimachinery/pkg/runtime"
|
||||||
|
"k8s.io/kubernetes/pkg/kubelet/qos"
|
||||||
|
"k8s.io/kubernetes/pkg/master/ports"
|
||||||
|
)
|
||||||
|
|
||||||
|
func addDefaultingFuncs(scheme *kruntime.Scheme) error {
|
||||||
|
return RegisterDefaults(scheme)
|
||||||
|
}
|
||||||
|
|
||||||
|
func SetDefaults_KubeProxyConfiguration(obj *KubeProxyConfiguration) {
|
||||||
|
if len(obj.BindAddress) == 0 {
|
||||||
|
obj.BindAddress = "0.0.0.0"
|
||||||
|
}
|
||||||
|
if obj.HealthzBindAddress == "" {
|
||||||
|
obj.HealthzBindAddress = fmt.Sprintf("0.0.0.0:%v", ports.ProxyHealthzPort)
|
||||||
|
} else if !strings.Contains(obj.HealthzBindAddress, ":") {
|
||||||
|
obj.HealthzBindAddress += fmt.Sprintf(":%v", ports.ProxyHealthzPort)
|
||||||
|
}
|
||||||
|
if obj.MetricsBindAddress == "" {
|
||||||
|
obj.MetricsBindAddress = fmt.Sprintf("127.0.0.1:%v", ports.ProxyStatusPort)
|
||||||
|
} else if !strings.Contains(obj.MetricsBindAddress, ":") {
|
||||||
|
obj.MetricsBindAddress += fmt.Sprintf(":%v", ports.ProxyStatusPort)
|
||||||
|
}
|
||||||
|
if obj.OOMScoreAdj == nil {
|
||||||
|
temp := int32(qos.KubeProxyOOMScoreAdj)
|
||||||
|
obj.OOMScoreAdj = &temp
|
||||||
|
}
|
||||||
|
if obj.ResourceContainer == "" {
|
||||||
|
obj.ResourceContainer = "/kube-proxy"
|
||||||
|
}
|
||||||
|
if obj.IPTables.SyncPeriod.Duration == 0 {
|
||||||
|
obj.IPTables.SyncPeriod = metav1.Duration{Duration: 30 * time.Second}
|
||||||
|
}
|
||||||
|
if obj.IPVS.SyncPeriod.Duration == 0 {
|
||||||
|
obj.IPVS.SyncPeriod = metav1.Duration{Duration: 30 * time.Second}
|
||||||
|
}
|
||||||
|
zero := metav1.Duration{}
|
||||||
|
if obj.UDPIdleTimeout == zero {
|
||||||
|
obj.UDPIdleTimeout = metav1.Duration{Duration: 250 * time.Millisecond}
|
||||||
|
}
|
||||||
|
// If ConntrackMax is set, respect it.
|
||||||
|
if obj.Conntrack.Max == 0 {
|
||||||
|
// If ConntrackMax is *not* set, use per-core scaling.
|
||||||
|
if obj.Conntrack.MaxPerCore == 0 {
|
||||||
|
obj.Conntrack.MaxPerCore = 32 * 1024
|
||||||
|
}
|
||||||
|
if obj.Conntrack.Min == 0 {
|
||||||
|
obj.Conntrack.Min = 128 * 1024
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if obj.IPTables.MasqueradeBit == nil {
|
||||||
|
temp := int32(14)
|
||||||
|
obj.IPTables.MasqueradeBit = &temp
|
||||||
|
}
|
||||||
|
if obj.Conntrack.TCPEstablishedTimeout == zero {
|
||||||
|
obj.Conntrack.TCPEstablishedTimeout = metav1.Duration{Duration: 24 * time.Hour} // 1 day (1/5 default)
|
||||||
|
}
|
||||||
|
if obj.Conntrack.TCPCloseWaitTimeout == zero {
|
||||||
|
// See https://github.com/kubernetes/kubernetes/issues/32551.
|
||||||
|
//
|
||||||
|
// CLOSE_WAIT conntrack state occurs when the Linux kernel
|
||||||
|
// sees a FIN from the remote server. Note: this is a half-close
|
||||||
|
// condition that persists as long as the local side keeps the
|
||||||
|
// socket open. The condition is rare as it is typical in most
|
||||||
|
// protocols for both sides to issue a close; this typically
|
||||||
|
// occurs when the local socket is lazily garbage collected.
|
||||||
|
//
|
||||||
|
// If the CLOSE_WAIT conntrack entry expires, then FINs from the
|
||||||
|
// local socket will not be properly SNAT'd and will not reach the
|
||||||
|
// remote server (if the connection was subject to SNAT). If the
|
||||||
|
// remote timeouts for FIN_WAIT* states exceed the CLOSE_WAIT
|
||||||
|
// timeout, then there will be an inconsistency in the state of
|
||||||
|
// the connection and a new connection reusing the SNAT (src,
|
||||||
|
// port) pair may be rejected by the remote side with RST. This
|
||||||
|
// can cause new calls to connect(2) to return with ECONNREFUSED.
|
||||||
|
//
|
||||||
|
// We set CLOSE_WAIT to one hour by default to better match
|
||||||
|
// typical server timeouts.
|
||||||
|
obj.Conntrack.TCPCloseWaitTimeout = metav1.Duration{Duration: 1 * time.Hour}
|
||||||
|
}
|
||||||
|
if obj.ConfigSyncPeriod.Duration == 0 {
|
||||||
|
obj.ConfigSyncPeriod.Duration = 15 * time.Minute
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(obj.ClientConnection.ContentType) == 0 {
|
||||||
|
obj.ClientConnection.ContentType = "application/vnd.kubernetes.protobuf"
|
||||||
|
}
|
||||||
|
if obj.ClientConnection.QPS == 0.0 {
|
||||||
|
obj.ClientConnection.QPS = 5.0
|
||||||
|
}
|
||||||
|
if obj.ClientConnection.Burst == 0 {
|
||||||
|
obj.ClientConnection.Burst = 10
|
||||||
|
}
|
||||||
|
}
|
22
pkg/proxy/apis/proxyconfig/v1alpha1/doc.go
Normal file
22
pkg/proxy/apis/proxyconfig/v1alpha1/doc.go
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
/*
|
||||||
|
Copyright 2017 The Kubernetes Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
// +k8s:deepcopy-gen=package,register
|
||||||
|
// +k8s:conversion-gen=k8s.io/kubernetes/pkg/proxy/apis/proxyconfig
|
||||||
|
// +k8s:openapi-gen=true
|
||||||
|
// +k8s:defaulter-gen=TypeMeta
|
||||||
|
|
||||||
|
package v1alpha1 // import "k8s.io/kubernetes/pkg/proxy/apis/proxyconfig/v1alpha1"
|
50
pkg/proxy/apis/proxyconfig/v1alpha1/register.go
Normal file
50
pkg/proxy/apis/proxyconfig/v1alpha1/register.go
Normal file
@ -0,0 +1,50 @@
|
|||||||
|
/*
|
||||||
|
Copyright 2015 The Kubernetes Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime/schema"
|
||||||
|
)
|
||||||
|
|
||||||
|
// GroupName is the group name use in this package
|
||||||
|
const GroupName = "proxyconfig"
|
||||||
|
|
||||||
|
// SchemeGroupVersion is group version used to register these objects
|
||||||
|
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
|
||||||
|
|
||||||
|
var (
|
||||||
|
// TODO: move SchemeBuilder with zz_generated.deepcopy.go to k8s.io/api.
|
||||||
|
// localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes.
|
||||||
|
SchemeBuilder runtime.SchemeBuilder
|
||||||
|
localSchemeBuilder = &SchemeBuilder
|
||||||
|
AddToScheme = localSchemeBuilder.AddToScheme
|
||||||
|
)
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
// We only register manually written functions here. The registration of the
|
||||||
|
// generated functions takes place in the generated files. The separation
|
||||||
|
// makes the code compile even when the generated files are missing.
|
||||||
|
localSchemeBuilder.Register(addKnownTypes, addDefaultingFuncs)
|
||||||
|
}
|
||||||
|
|
||||||
|
func addKnownTypes(scheme *runtime.Scheme) error {
|
||||||
|
scheme.AddKnownTypes(SchemeGroupVersion,
|
||||||
|
&KubeProxyConfiguration{},
|
||||||
|
)
|
||||||
|
return nil
|
||||||
|
}
|
161
pkg/proxy/apis/proxyconfig/v1alpha1/types.go
Normal file
161
pkg/proxy/apis/proxyconfig/v1alpha1/types.go
Normal file
@ -0,0 +1,161 @@
|
|||||||
|
/*
|
||||||
|
Copyright 2017 The Kubernetes Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
)
|
||||||
|
|
||||||
|
// ClientConnectionConfiguration contains details for constructing a client.
|
||||||
|
type ClientConnectionConfiguration struct {
|
||||||
|
// kubeConfigFile is the path to a kubeconfig file.
|
||||||
|
KubeConfigFile string `json:"kubeconfig"`
|
||||||
|
// acceptContentTypes defines the Accept header sent by clients when connecting to a server, overriding the
|
||||||
|
// default value of 'application/json'. This field will control all connections to the server used by a particular
|
||||||
|
// client.
|
||||||
|
AcceptContentTypes string `json:"acceptContentTypes"`
|
||||||
|
// contentType is the content type used when sending data to the server from this client.
|
||||||
|
ContentType string `json:"contentType"`
|
||||||
|
// cps controls the number of queries per second allowed for this connection.
|
||||||
|
QPS float32 `json:"qps"`
|
||||||
|
// burst allows extra queries to accumulate when a client is exceeding its rate.
|
||||||
|
Burst int `json:"burst"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// KubeProxyIPTablesConfiguration contains iptables-related configuration
|
||||||
|
// details for the Kubernetes proxy server.
|
||||||
|
type KubeProxyIPTablesConfiguration struct {
|
||||||
|
// masqueradeBit is the bit of the iptables fwmark space to use for SNAT if using
|
||||||
|
// the pure iptables proxy mode. Values must be within the range [0, 31].
|
||||||
|
MasqueradeBit *int32 `json:"masqueradeBit"`
|
||||||
|
// masqueradeAll tells kube-proxy to SNAT everything if using the pure iptables proxy mode.
|
||||||
|
MasqueradeAll bool `json:"masqueradeAll"`
|
||||||
|
// syncPeriod is the period that iptables rules are refreshed (e.g. '5s', '1m',
|
||||||
|
// '2h22m'). Must be greater than 0.
|
||||||
|
SyncPeriod metav1.Duration `json:"syncPeriod"`
|
||||||
|
// minSyncPeriod is the minimum period that iptables rules are refreshed (e.g. '5s', '1m',
|
||||||
|
// '2h22m').
|
||||||
|
MinSyncPeriod metav1.Duration `json:"minSyncPeriod"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// KubeProxyIPVSConfiguration contains ipvs-related configuration
|
||||||
|
// details for the Kubernetes proxy server.
|
||||||
|
type KubeProxyIPVSConfiguration struct {
|
||||||
|
// syncPeriod is the period that ipvs rules are refreshed (e.g. '5s', '1m',
|
||||||
|
// '2h22m'). Must be greater than 0.
|
||||||
|
SyncPeriod metav1.Duration `json:"syncPeriod"`
|
||||||
|
// minSyncPeriod is the minimum period that ipvs rules are refreshed (e.g. '5s', '1m',
|
||||||
|
// '2h22m').
|
||||||
|
MinSyncPeriod metav1.Duration `json:"minSyncPeriod"`
|
||||||
|
// ipvs scheduler
|
||||||
|
Scheduler string `json:"scheduler"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// KubeProxyConntrackConfiguration contains conntrack settings for
|
||||||
|
// the Kubernetes proxy server.
|
||||||
|
type KubeProxyConntrackConfiguration struct {
|
||||||
|
// max is the maximum number of NAT connections to track (0 to
|
||||||
|
// leave as-is). This takes precedence over conntrackMaxPerCore and conntrackMin.
|
||||||
|
Max int32 `json:"max"`
|
||||||
|
// maxPerCore is the maximum number of NAT connections to track
|
||||||
|
// per CPU core (0 to leave the limit as-is and ignore conntrackMin).
|
||||||
|
MaxPerCore int32 `json:"maxPerCore"`
|
||||||
|
// min is the minimum value of connect-tracking records to allocate,
|
||||||
|
// regardless of conntrackMaxPerCore (set conntrackMaxPerCore=0 to leave the limit as-is).
|
||||||
|
Min int32 `json:"min"`
|
||||||
|
// tcpEstablishedTimeout is how long an idle TCP connection will be kept open
|
||||||
|
// (e.g. '2s'). Must be greater than 0.
|
||||||
|
TCPEstablishedTimeout metav1.Duration `json:"tcpEstablishedTimeout"`
|
||||||
|
// tcpCloseWaitTimeout is how long an idle conntrack entry
|
||||||
|
// in CLOSE_WAIT state will remain in the conntrack
|
||||||
|
// table. (e.g. '60s'). Must be greater than 0 to set.
|
||||||
|
TCPCloseWaitTimeout metav1.Duration `json:"tcpCloseWaitTimeout"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
|
||||||
|
// KubeProxyConfiguration contains everything necessary to configure the
|
||||||
|
// Kubernetes proxy server.
|
||||||
|
type KubeProxyConfiguration struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
|
||||||
|
// featureGates is a comma-separated list of key=value pairs that control
|
||||||
|
// which alpha/beta features are enabled.
|
||||||
|
//
|
||||||
|
// TODO this really should be a map but that requires refactoring all
|
||||||
|
// components to use config files because local-up-cluster.sh only supports
|
||||||
|
// the --feature-gates flag right now, which is comma-separated key=value
|
||||||
|
// pairs.
|
||||||
|
FeatureGates string `json:"featureGates"`
|
||||||
|
|
||||||
|
// bindAddress is the IP address for the proxy server to serve on (set to 0.0.0.0
|
||||||
|
// for all interfaces)
|
||||||
|
BindAddress string `json:"bindAddress"`
|
||||||
|
// healthzBindAddress is the IP address and port for the health check server to serve on,
|
||||||
|
// defaulting to 0.0.0.0:10256
|
||||||
|
HealthzBindAddress string `json:"healthzBindAddress"`
|
||||||
|
// metricsBindAddress is the IP address and port for the metrics server to serve on,
|
||||||
|
// defaulting to 127.0.0.1:10249 (set to 0.0.0.0 for all interfaces)
|
||||||
|
MetricsBindAddress string `json:"metricsBindAddress"`
|
||||||
|
// enableProfiling enables profiling via web interface on /debug/pprof handler.
|
||||||
|
// Profiling handlers will be handled by metrics server.
|
||||||
|
EnableProfiling bool `json:"enableProfiling"`
|
||||||
|
// clusterCIDR is the CIDR range of the pods in the cluster. It is used to
|
||||||
|
// bridge traffic coming from outside of the cluster. If not provided,
|
||||||
|
// no off-cluster bridging will be performed.
|
||||||
|
ClusterCIDR string `json:"clusterCIDR"`
|
||||||
|
// hostnameOverride, if non-empty, will be used as the identity instead of the actual hostname.
|
||||||
|
HostnameOverride string `json:"hostnameOverride"`
|
||||||
|
// clientConnection specifies the kubeconfig file and client connection settings for the proxy
|
||||||
|
// server to use when communicating with the apiserver.
|
||||||
|
ClientConnection ClientConnectionConfiguration `json:"clientConnection"`
|
||||||
|
// iptables contains iptables-related configuration options.
|
||||||
|
IPTables KubeProxyIPTablesConfiguration `json:"iptables"`
|
||||||
|
// ipvs contains ipvs-related configuration options.
|
||||||
|
IPVS KubeProxyIPVSConfiguration `json:"ipvs"`
|
||||||
|
// oomScoreAdj is the oom-score-adj value for kube-proxy process. Values must be within
|
||||||
|
// the range [-1000, 1000]
|
||||||
|
OOMScoreAdj *int32 `json:"oomScoreAdj"`
|
||||||
|
// mode specifies which proxy mode to use.
|
||||||
|
Mode ProxyMode `json:"mode"`
|
||||||
|
// portRange is the range of host ports (beginPort-endPort, inclusive) that may be consumed
|
||||||
|
// in order to proxy service traffic. If unspecified (0-0) then ports will be randomly chosen.
|
||||||
|
PortRange string `json:"portRange"`
|
||||||
|
// resourceContainer is the bsolute name of the resource-only container to create and run
|
||||||
|
// the Kube-proxy in (Default: /kube-proxy).
|
||||||
|
ResourceContainer string `json:"resourceContainer"`
|
||||||
|
// udpIdleTimeout is how long an idle UDP connection will be kept open (e.g. '250ms', '2s').
|
||||||
|
// Must be greater than 0. Only applicable for proxyMode=userspace.
|
||||||
|
UDPIdleTimeout metav1.Duration `json:"udpTimeoutMilliseconds"`
|
||||||
|
// conntrack contains conntrack-related configuration options.
|
||||||
|
Conntrack KubeProxyConntrackConfiguration `json:"conntrack"`
|
||||||
|
// configSyncPeriod is how often configuration from the apiserver is refreshed. Must be greater
|
||||||
|
// than 0.
|
||||||
|
ConfigSyncPeriod metav1.Duration `json:"configSyncPeriod"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Currently two modes of proxying are available: 'userspace' (older, stable) or 'iptables'
|
||||||
|
// (newer, faster). If blank, use the best-available proxy (currently iptables, but may
|
||||||
|
// change in future versions). If the iptables proxy is selected, regardless of how, but
|
||||||
|
// the system's kernel or iptables versions are insufficient, this always falls back to the
|
||||||
|
// userspace proxy.
|
||||||
|
type ProxyMode string
|
||||||
|
|
||||||
|
const (
|
||||||
|
ProxyModeUserspace ProxyMode = "userspace"
|
||||||
|
ProxyModeIPTables ProxyMode = "iptables"
|
||||||
|
)
|
@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
package app
|
package validation
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
@ -25,11 +25,11 @@ import (
|
|||||||
utilnet "k8s.io/apimachinery/pkg/util/net"
|
utilnet "k8s.io/apimachinery/pkg/util/net"
|
||||||
"k8s.io/apimachinery/pkg/util/validation/field"
|
"k8s.io/apimachinery/pkg/util/validation/field"
|
||||||
apivalidation "k8s.io/kubernetes/pkg/api/validation"
|
apivalidation "k8s.io/kubernetes/pkg/api/validation"
|
||||||
"k8s.io/kubernetes/pkg/apis/componentconfig"
|
"k8s.io/kubernetes/pkg/proxy/apis/proxyconfig"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Validate validates the configuration of kube-proxy
|
// Validate validates the configuration of kube-proxy
|
||||||
func Validate(config *componentconfig.KubeProxyConfiguration) field.ErrorList {
|
func Validate(config *proxyconfig.KubeProxyConfiguration) field.ErrorList {
|
||||||
allErrs := field.ErrorList{}
|
allErrs := field.ErrorList{}
|
||||||
|
|
||||||
newPath := field.NewPath("KubeProxyConfiguration")
|
newPath := field.NewPath("KubeProxyConfiguration")
|
||||||
@ -38,7 +38,7 @@ func Validate(config *componentconfig.KubeProxyConfiguration) field.ErrorList {
|
|||||||
allErrs = append(allErrs, validateKubeProxyConntrackConfiguration(config.Conntrack, newPath.Child("KubeProxyConntrackConfiguration"))...)
|
allErrs = append(allErrs, validateKubeProxyConntrackConfiguration(config.Conntrack, newPath.Child("KubeProxyConntrackConfiguration"))...)
|
||||||
allErrs = append(allErrs, validateProxyMode(config.Mode, newPath.Child("Mode"))...)
|
allErrs = append(allErrs, validateProxyMode(config.Mode, newPath.Child("Mode"))...)
|
||||||
allErrs = append(allErrs, validateClientConnectionConfiguration(config.ClientConnection, newPath.Child("ClientConnection"))...)
|
allErrs = append(allErrs, validateClientConnectionConfiguration(config.ClientConnection, newPath.Child("ClientConnection"))...)
|
||||||
allErrs = append(allErrs, validateIPVSSchedulerMethod(componentconfig.IPVSSchedulerMethod(config.IPVS.Scheduler), newPath.Child("KubeProxyIPVSConfiguration").Child("Scheduler"))...)
|
allErrs = append(allErrs, validateIPVSSchedulerMethod(proxyconfig.IPVSSchedulerMethod(config.IPVS.Scheduler), newPath.Child("KubeProxyIPVSConfiguration").Child("Scheduler"))...)
|
||||||
|
|
||||||
if config.OOMScoreAdj != nil && (*config.OOMScoreAdj < -1000 || *config.OOMScoreAdj > 1000) {
|
if config.OOMScoreAdj != nil && (*config.OOMScoreAdj < -1000 || *config.OOMScoreAdj > 1000) {
|
||||||
allErrs = append(allErrs, field.Invalid(newPath.Child("OOMScoreAdj"), *config.OOMScoreAdj, "must be within the range [-1000, 1000]"))
|
allErrs = append(allErrs, field.Invalid(newPath.Child("OOMScoreAdj"), *config.OOMScoreAdj, "must be within the range [-1000, 1000]"))
|
||||||
@ -72,7 +72,7 @@ func Validate(config *componentconfig.KubeProxyConfiguration) field.ErrorList {
|
|||||||
return allErrs
|
return allErrs
|
||||||
}
|
}
|
||||||
|
|
||||||
func validateKubeProxyIPTablesConfiguration(config componentconfig.KubeProxyIPTablesConfiguration, fldPath *field.Path) field.ErrorList {
|
func validateKubeProxyIPTablesConfiguration(config proxyconfig.KubeProxyIPTablesConfiguration, fldPath *field.Path) field.ErrorList {
|
||||||
allErrs := field.ErrorList{}
|
allErrs := field.ErrorList{}
|
||||||
|
|
||||||
if config.MasqueradeBit != nil && (*config.MasqueradeBit < 0 || *config.MasqueradeBit > 31) {
|
if config.MasqueradeBit != nil && (*config.MasqueradeBit < 0 || *config.MasqueradeBit > 31) {
|
||||||
@ -90,7 +90,7 @@ func validateKubeProxyIPTablesConfiguration(config componentconfig.KubeProxyIPTa
|
|||||||
return allErrs
|
return allErrs
|
||||||
}
|
}
|
||||||
|
|
||||||
func validateKubeProxyConntrackConfiguration(config componentconfig.KubeProxyConntrackConfiguration, fldPath *field.Path) field.ErrorList {
|
func validateKubeProxyConntrackConfiguration(config proxyconfig.KubeProxyConntrackConfiguration, fldPath *field.Path) field.ErrorList {
|
||||||
allErrs := field.ErrorList{}
|
allErrs := field.ErrorList{}
|
||||||
|
|
||||||
if config.Max < 0 {
|
if config.Max < 0 {
|
||||||
@ -116,22 +116,22 @@ func validateKubeProxyConntrackConfiguration(config componentconfig.KubeProxyCon
|
|||||||
return allErrs
|
return allErrs
|
||||||
}
|
}
|
||||||
|
|
||||||
func validateProxyMode(mode componentconfig.ProxyMode, fldPath *field.Path) field.ErrorList {
|
func validateProxyMode(mode proxyconfig.ProxyMode, fldPath *field.Path) field.ErrorList {
|
||||||
allErrs := field.ErrorList{}
|
allErrs := field.ErrorList{}
|
||||||
switch mode {
|
switch mode {
|
||||||
case componentconfig.ProxyModeUserspace:
|
case proxyconfig.ProxyModeUserspace:
|
||||||
case componentconfig.ProxyModeIPTables:
|
case proxyconfig.ProxyModeIPTables:
|
||||||
case componentconfig.ProxyModeIPVS:
|
case proxyconfig.ProxyModeIPVS:
|
||||||
case "":
|
case "":
|
||||||
default:
|
default:
|
||||||
modes := []string{string(componentconfig.ProxyModeUserspace), string(componentconfig.ProxyModeIPTables), string(componentconfig.ProxyModeIPVS)}
|
modes := []string{string(proxyconfig.ProxyModeUserspace), string(proxyconfig.ProxyModeIPTables), string(proxyconfig.ProxyModeIPVS)}
|
||||||
errMsg := fmt.Sprintf("must be %s or blank (blank means the best-available proxy (currently iptables)", strings.Join(modes, ","))
|
errMsg := fmt.Sprintf("must be %s or blank (blank means the best-available proxy (currently iptables)", strings.Join(modes, ","))
|
||||||
allErrs = append(allErrs, field.Invalid(fldPath.Child("ProxyMode"), string(mode), errMsg))
|
allErrs = append(allErrs, field.Invalid(fldPath.Child("ProxyMode"), string(mode), errMsg))
|
||||||
}
|
}
|
||||||
return allErrs
|
return allErrs
|
||||||
}
|
}
|
||||||
|
|
||||||
func validateClientConnectionConfiguration(config componentconfig.ClientConnectionConfiguration, fldPath *field.Path) field.ErrorList {
|
func validateClientConnectionConfiguration(config proxyconfig.ClientConnectionConfiguration, fldPath *field.Path) field.ErrorList {
|
||||||
allErrs := field.ErrorList{}
|
allErrs := field.ErrorList{}
|
||||||
allErrs = append(allErrs, apivalidation.ValidateNonnegativeField(int64(config.Burst), fldPath.Child("Burst"))...)
|
allErrs = append(allErrs, apivalidation.ValidateNonnegativeField(int64(config.Burst), fldPath.Child("Burst"))...)
|
||||||
return allErrs
|
return allErrs
|
||||||
@ -159,18 +159,18 @@ func validateHostPort(input string, fldPath *field.Path) field.ErrorList {
|
|||||||
return allErrs
|
return allErrs
|
||||||
}
|
}
|
||||||
|
|
||||||
func validateIPVSSchedulerMethod(scheduler componentconfig.IPVSSchedulerMethod, fldPath *field.Path) field.ErrorList {
|
func validateIPVSSchedulerMethod(scheduler proxyconfig.IPVSSchedulerMethod, fldPath *field.Path) field.ErrorList {
|
||||||
supportedMethod := []componentconfig.IPVSSchedulerMethod{
|
supportedMethod := []proxyconfig.IPVSSchedulerMethod{
|
||||||
componentconfig.RoundRobin,
|
proxyconfig.RoundRobin,
|
||||||
componentconfig.WeightedRoundRobin,
|
proxyconfig.WeightedRoundRobin,
|
||||||
componentconfig.LeastConnection,
|
proxyconfig.LeastConnection,
|
||||||
componentconfig.WeightedLeastConnection,
|
proxyconfig.WeightedLeastConnection,
|
||||||
componentconfig.LocalityBasedLeastConnection,
|
proxyconfig.LocalityBasedLeastConnection,
|
||||||
componentconfig.LocalityBasedLeastConnectionWithReplication,
|
proxyconfig.LocalityBasedLeastConnectionWithReplication,
|
||||||
componentconfig.SourceHashing,
|
proxyconfig.SourceHashing,
|
||||||
componentconfig.DestinationHashing,
|
proxyconfig.DestinationHashing,
|
||||||
componentconfig.ShortestExpectedDelay,
|
proxyconfig.ShortestExpectedDelay,
|
||||||
componentconfig.NeverQueue,
|
proxyconfig.NeverQueue,
|
||||||
"",
|
"",
|
||||||
}
|
}
|
||||||
allErrs := field.ErrorList{}
|
allErrs := field.ErrorList{}
|
@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
package app
|
package validation
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"strings"
|
"strings"
|
||||||
@ -23,11 +23,11 @@ import (
|
|||||||
|
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
"k8s.io/apimachinery/pkg/util/validation/field"
|
"k8s.io/apimachinery/pkg/util/validation/field"
|
||||||
"k8s.io/kubernetes/pkg/apis/componentconfig"
|
"k8s.io/kubernetes/pkg/proxy/apis/proxyconfig"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestValidateKubeProxyConfiguration(t *testing.T) {
|
func TestValidateKubeProxyConfiguration(t *testing.T) {
|
||||||
successCases := []componentconfig.KubeProxyConfiguration{
|
successCases := []proxyconfig.KubeProxyConfiguration{
|
||||||
{
|
{
|
||||||
BindAddress: "192.168.59.103",
|
BindAddress: "192.168.59.103",
|
||||||
HealthzBindAddress: "0.0.0.0:10256",
|
HealthzBindAddress: "0.0.0.0:10256",
|
||||||
@ -35,12 +35,12 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
|
|||||||
ClusterCIDR: "192.168.59.0/24",
|
ClusterCIDR: "192.168.59.0/24",
|
||||||
UDPIdleTimeout: metav1.Duration{Duration: 1 * time.Second},
|
UDPIdleTimeout: metav1.Duration{Duration: 1 * time.Second},
|
||||||
ConfigSyncPeriod: metav1.Duration{Duration: 1 * time.Second},
|
ConfigSyncPeriod: metav1.Duration{Duration: 1 * time.Second},
|
||||||
IPTables: componentconfig.KubeProxyIPTablesConfiguration{
|
IPTables: proxyconfig.KubeProxyIPTablesConfiguration{
|
||||||
MasqueradeAll: true,
|
MasqueradeAll: true,
|
||||||
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
||||||
MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
|
MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
|
||||||
},
|
},
|
||||||
Conntrack: componentconfig.KubeProxyConntrackConfiguration{
|
Conntrack: proxyconfig.KubeProxyConntrackConfiguration{
|
||||||
Max: int32(2),
|
Max: int32(2),
|
||||||
MaxPerCore: int32(1),
|
MaxPerCore: int32(1),
|
||||||
Min: int32(1),
|
Min: int32(1),
|
||||||
@ -57,11 +57,11 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
errorCases := []struct {
|
errorCases := []struct {
|
||||||
config componentconfig.KubeProxyConfiguration
|
config proxyconfig.KubeProxyConfiguration
|
||||||
msg string
|
msg string
|
||||||
}{
|
}{
|
||||||
{
|
{
|
||||||
config: componentconfig.KubeProxyConfiguration{
|
config: proxyconfig.KubeProxyConfiguration{
|
||||||
// only BindAddress is invalid
|
// only BindAddress is invalid
|
||||||
BindAddress: "10.10.12.11:2000",
|
BindAddress: "10.10.12.11:2000",
|
||||||
HealthzBindAddress: "0.0.0.0:10256",
|
HealthzBindAddress: "0.0.0.0:10256",
|
||||||
@ -69,12 +69,12 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
|
|||||||
ClusterCIDR: "192.168.59.0/24",
|
ClusterCIDR: "192.168.59.0/24",
|
||||||
UDPIdleTimeout: metav1.Duration{Duration: 1 * time.Second},
|
UDPIdleTimeout: metav1.Duration{Duration: 1 * time.Second},
|
||||||
ConfigSyncPeriod: metav1.Duration{Duration: 1 * time.Second},
|
ConfigSyncPeriod: metav1.Duration{Duration: 1 * time.Second},
|
||||||
IPTables: componentconfig.KubeProxyIPTablesConfiguration{
|
IPTables: proxyconfig.KubeProxyIPTablesConfiguration{
|
||||||
MasqueradeAll: true,
|
MasqueradeAll: true,
|
||||||
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
||||||
MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
|
MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
|
||||||
},
|
},
|
||||||
Conntrack: componentconfig.KubeProxyConntrackConfiguration{
|
Conntrack: proxyconfig.KubeProxyConntrackConfiguration{
|
||||||
Max: int32(2),
|
Max: int32(2),
|
||||||
MaxPerCore: int32(1),
|
MaxPerCore: int32(1),
|
||||||
Min: int32(1),
|
Min: int32(1),
|
||||||
@ -85,7 +85,7 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
|
|||||||
msg: "not a valid textual representation of an IP address",
|
msg: "not a valid textual representation of an IP address",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
config: componentconfig.KubeProxyConfiguration{
|
config: proxyconfig.KubeProxyConfiguration{
|
||||||
BindAddress: "10.10.12.11",
|
BindAddress: "10.10.12.11",
|
||||||
// only HealthzBindAddress is invalid
|
// only HealthzBindAddress is invalid
|
||||||
HealthzBindAddress: "0.0.0.0",
|
HealthzBindAddress: "0.0.0.0",
|
||||||
@ -93,12 +93,12 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
|
|||||||
ClusterCIDR: "192.168.59.0/24",
|
ClusterCIDR: "192.168.59.0/24",
|
||||||
UDPIdleTimeout: metav1.Duration{Duration: 1 * time.Second},
|
UDPIdleTimeout: metav1.Duration{Duration: 1 * time.Second},
|
||||||
ConfigSyncPeriod: metav1.Duration{Duration: 1 * time.Second},
|
ConfigSyncPeriod: metav1.Duration{Duration: 1 * time.Second},
|
||||||
IPTables: componentconfig.KubeProxyIPTablesConfiguration{
|
IPTables: proxyconfig.KubeProxyIPTablesConfiguration{
|
||||||
MasqueradeAll: true,
|
MasqueradeAll: true,
|
||||||
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
||||||
MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
|
MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
|
||||||
},
|
},
|
||||||
Conntrack: componentconfig.KubeProxyConntrackConfiguration{
|
Conntrack: proxyconfig.KubeProxyConntrackConfiguration{
|
||||||
Max: int32(2),
|
Max: int32(2),
|
||||||
MaxPerCore: int32(1),
|
MaxPerCore: int32(1),
|
||||||
Min: int32(1),
|
Min: int32(1),
|
||||||
@ -109,7 +109,7 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
|
|||||||
msg: "must be IP:port",
|
msg: "must be IP:port",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
config: componentconfig.KubeProxyConfiguration{
|
config: proxyconfig.KubeProxyConfiguration{
|
||||||
BindAddress: "10.10.12.11",
|
BindAddress: "10.10.12.11",
|
||||||
HealthzBindAddress: "0.0.0.0:12345",
|
HealthzBindAddress: "0.0.0.0:12345",
|
||||||
// only MetricsBindAddress is invalid
|
// only MetricsBindAddress is invalid
|
||||||
@ -117,12 +117,12 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
|
|||||||
ClusterCIDR: "192.168.59.0/24",
|
ClusterCIDR: "192.168.59.0/24",
|
||||||
UDPIdleTimeout: metav1.Duration{Duration: 1 * time.Second},
|
UDPIdleTimeout: metav1.Duration{Duration: 1 * time.Second},
|
||||||
ConfigSyncPeriod: metav1.Duration{Duration: 1 * time.Second},
|
ConfigSyncPeriod: metav1.Duration{Duration: 1 * time.Second},
|
||||||
IPTables: componentconfig.KubeProxyIPTablesConfiguration{
|
IPTables: proxyconfig.KubeProxyIPTablesConfiguration{
|
||||||
MasqueradeAll: true,
|
MasqueradeAll: true,
|
||||||
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
||||||
MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
|
MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
|
||||||
},
|
},
|
||||||
Conntrack: componentconfig.KubeProxyConntrackConfiguration{
|
Conntrack: proxyconfig.KubeProxyConntrackConfiguration{
|
||||||
Max: int32(2),
|
Max: int32(2),
|
||||||
MaxPerCore: int32(1),
|
MaxPerCore: int32(1),
|
||||||
Min: int32(1),
|
Min: int32(1),
|
||||||
@ -133,7 +133,7 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
|
|||||||
msg: "must be IP:port",
|
msg: "must be IP:port",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
config: componentconfig.KubeProxyConfiguration{
|
config: proxyconfig.KubeProxyConfiguration{
|
||||||
BindAddress: "10.10.12.11",
|
BindAddress: "10.10.12.11",
|
||||||
HealthzBindAddress: "0.0.0.0:12345",
|
HealthzBindAddress: "0.0.0.0:12345",
|
||||||
MetricsBindAddress: "127.0.0.1:10249",
|
MetricsBindAddress: "127.0.0.1:10249",
|
||||||
@ -141,12 +141,12 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
|
|||||||
ClusterCIDR: "192.168.59.0",
|
ClusterCIDR: "192.168.59.0",
|
||||||
UDPIdleTimeout: metav1.Duration{Duration: 1 * time.Second},
|
UDPIdleTimeout: metav1.Duration{Duration: 1 * time.Second},
|
||||||
ConfigSyncPeriod: metav1.Duration{Duration: 1 * time.Second},
|
ConfigSyncPeriod: metav1.Duration{Duration: 1 * time.Second},
|
||||||
IPTables: componentconfig.KubeProxyIPTablesConfiguration{
|
IPTables: proxyconfig.KubeProxyIPTablesConfiguration{
|
||||||
MasqueradeAll: true,
|
MasqueradeAll: true,
|
||||||
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
||||||
MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
|
MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
|
||||||
},
|
},
|
||||||
Conntrack: componentconfig.KubeProxyConntrackConfiguration{
|
Conntrack: proxyconfig.KubeProxyConntrackConfiguration{
|
||||||
Max: int32(2),
|
Max: int32(2),
|
||||||
MaxPerCore: int32(1),
|
MaxPerCore: int32(1),
|
||||||
Min: int32(1),
|
Min: int32(1),
|
||||||
@ -157,7 +157,7 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
|
|||||||
msg: "must be a valid CIDR block (e.g. 10.100.0.0/16)",
|
msg: "must be a valid CIDR block (e.g. 10.100.0.0/16)",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
config: componentconfig.KubeProxyConfiguration{
|
config: proxyconfig.KubeProxyConfiguration{
|
||||||
BindAddress: "10.10.12.11",
|
BindAddress: "10.10.12.11",
|
||||||
HealthzBindAddress: "0.0.0.0:12345",
|
HealthzBindAddress: "0.0.0.0:12345",
|
||||||
MetricsBindAddress: "127.0.0.1:10249",
|
MetricsBindAddress: "127.0.0.1:10249",
|
||||||
@ -165,12 +165,12 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
|
|||||||
// only UDPIdleTimeout is invalid
|
// only UDPIdleTimeout is invalid
|
||||||
UDPIdleTimeout: metav1.Duration{Duration: -1 * time.Second},
|
UDPIdleTimeout: metav1.Duration{Duration: -1 * time.Second},
|
||||||
ConfigSyncPeriod: metav1.Duration{Duration: 1 * time.Second},
|
ConfigSyncPeriod: metav1.Duration{Duration: 1 * time.Second},
|
||||||
IPTables: componentconfig.KubeProxyIPTablesConfiguration{
|
IPTables: proxyconfig.KubeProxyIPTablesConfiguration{
|
||||||
MasqueradeAll: true,
|
MasqueradeAll: true,
|
||||||
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
||||||
MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
|
MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
|
||||||
},
|
},
|
||||||
Conntrack: componentconfig.KubeProxyConntrackConfiguration{
|
Conntrack: proxyconfig.KubeProxyConntrackConfiguration{
|
||||||
Max: int32(2),
|
Max: int32(2),
|
||||||
MaxPerCore: int32(1),
|
MaxPerCore: int32(1),
|
||||||
Min: int32(1),
|
Min: int32(1),
|
||||||
@ -181,7 +181,7 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
|
|||||||
msg: "must be greater than 0",
|
msg: "must be greater than 0",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
config: componentconfig.KubeProxyConfiguration{
|
config: proxyconfig.KubeProxyConfiguration{
|
||||||
BindAddress: "10.10.12.11",
|
BindAddress: "10.10.12.11",
|
||||||
HealthzBindAddress: "0.0.0.0:12345",
|
HealthzBindAddress: "0.0.0.0:12345",
|
||||||
MetricsBindAddress: "127.0.0.1:10249",
|
MetricsBindAddress: "127.0.0.1:10249",
|
||||||
@ -189,12 +189,12 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
|
|||||||
UDPIdleTimeout: metav1.Duration{Duration: 1 * time.Second},
|
UDPIdleTimeout: metav1.Duration{Duration: 1 * time.Second},
|
||||||
// only ConfigSyncPeriod is invalid
|
// only ConfigSyncPeriod is invalid
|
||||||
ConfigSyncPeriod: metav1.Duration{Duration: -1 * time.Second},
|
ConfigSyncPeriod: metav1.Duration{Duration: -1 * time.Second},
|
||||||
IPTables: componentconfig.KubeProxyIPTablesConfiguration{
|
IPTables: proxyconfig.KubeProxyIPTablesConfiguration{
|
||||||
MasqueradeAll: true,
|
MasqueradeAll: true,
|
||||||
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
||||||
MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
|
MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
|
||||||
},
|
},
|
||||||
Conntrack: componentconfig.KubeProxyConntrackConfiguration{
|
Conntrack: proxyconfig.KubeProxyConntrackConfiguration{
|
||||||
Max: int32(2),
|
Max: int32(2),
|
||||||
MaxPerCore: int32(1),
|
MaxPerCore: int32(1),
|
||||||
Min: int32(1),
|
Min: int32(1),
|
||||||
@ -217,7 +217,7 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
|
|||||||
|
|
||||||
func TestValidateKubeProxyIPTablesConfiguration(t *testing.T) {
|
func TestValidateKubeProxyIPTablesConfiguration(t *testing.T) {
|
||||||
valid := int32(5)
|
valid := int32(5)
|
||||||
successCases := []componentconfig.KubeProxyIPTablesConfiguration{
|
successCases := []proxyconfig.KubeProxyIPTablesConfiguration{
|
||||||
{
|
{
|
||||||
MasqueradeAll: true,
|
MasqueradeAll: true,
|
||||||
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
||||||
@ -239,11 +239,11 @@ func TestValidateKubeProxyIPTablesConfiguration(t *testing.T) {
|
|||||||
|
|
||||||
invalid := int32(-10)
|
invalid := int32(-10)
|
||||||
errorCases := []struct {
|
errorCases := []struct {
|
||||||
config componentconfig.KubeProxyIPTablesConfiguration
|
config proxyconfig.KubeProxyIPTablesConfiguration
|
||||||
msg string
|
msg string
|
||||||
}{
|
}{
|
||||||
{
|
{
|
||||||
config: componentconfig.KubeProxyIPTablesConfiguration{
|
config: proxyconfig.KubeProxyIPTablesConfiguration{
|
||||||
MasqueradeAll: true,
|
MasqueradeAll: true,
|
||||||
SyncPeriod: metav1.Duration{Duration: -5 * time.Second},
|
SyncPeriod: metav1.Duration{Duration: -5 * time.Second},
|
||||||
MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
|
MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
|
||||||
@ -251,7 +251,7 @@ func TestValidateKubeProxyIPTablesConfiguration(t *testing.T) {
|
|||||||
msg: "must be greater than 0",
|
msg: "must be greater than 0",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
config: componentconfig.KubeProxyIPTablesConfiguration{
|
config: proxyconfig.KubeProxyIPTablesConfiguration{
|
||||||
MasqueradeBit: &valid,
|
MasqueradeBit: &valid,
|
||||||
MasqueradeAll: true,
|
MasqueradeAll: true,
|
||||||
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
||||||
@ -260,7 +260,7 @@ func TestValidateKubeProxyIPTablesConfiguration(t *testing.T) {
|
|||||||
msg: "must be greater than or equal to 0",
|
msg: "must be greater than or equal to 0",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
config: componentconfig.KubeProxyIPTablesConfiguration{
|
config: proxyconfig.KubeProxyIPTablesConfiguration{
|
||||||
MasqueradeBit: &invalid,
|
MasqueradeBit: &invalid,
|
||||||
MasqueradeAll: true,
|
MasqueradeAll: true,
|
||||||
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
SyncPeriod: metav1.Duration{Duration: 5 * time.Second},
|
||||||
@ -280,7 +280,7 @@ func TestValidateKubeProxyIPTablesConfiguration(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestValidateKubeProxyConntrackConfiguration(t *testing.T) {
|
func TestValidateKubeProxyConntrackConfiguration(t *testing.T) {
|
||||||
successCases := []componentconfig.KubeProxyConntrackConfiguration{
|
successCases := []proxyconfig.KubeProxyConntrackConfiguration{
|
||||||
{
|
{
|
||||||
Max: int32(2),
|
Max: int32(2),
|
||||||
MaxPerCore: int32(1),
|
MaxPerCore: int32(1),
|
||||||
@ -304,11 +304,11 @@ func TestValidateKubeProxyConntrackConfiguration(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
errorCases := []struct {
|
errorCases := []struct {
|
||||||
config componentconfig.KubeProxyConntrackConfiguration
|
config proxyconfig.KubeProxyConntrackConfiguration
|
||||||
msg string
|
msg string
|
||||||
}{
|
}{
|
||||||
{
|
{
|
||||||
config: componentconfig.KubeProxyConntrackConfiguration{
|
config: proxyconfig.KubeProxyConntrackConfiguration{
|
||||||
Max: int32(-1),
|
Max: int32(-1),
|
||||||
MaxPerCore: int32(1),
|
MaxPerCore: int32(1),
|
||||||
Min: int32(1),
|
Min: int32(1),
|
||||||
@ -318,7 +318,7 @@ func TestValidateKubeProxyConntrackConfiguration(t *testing.T) {
|
|||||||
msg: "must be greater than or equal to 0",
|
msg: "must be greater than or equal to 0",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
config: componentconfig.KubeProxyConntrackConfiguration{
|
config: proxyconfig.KubeProxyConntrackConfiguration{
|
||||||
Max: int32(2),
|
Max: int32(2),
|
||||||
MaxPerCore: int32(-1),
|
MaxPerCore: int32(-1),
|
||||||
Min: int32(1),
|
Min: int32(1),
|
||||||
@ -328,7 +328,7 @@ func TestValidateKubeProxyConntrackConfiguration(t *testing.T) {
|
|||||||
msg: "must be greater than or equal to 0",
|
msg: "must be greater than or equal to 0",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
config: componentconfig.KubeProxyConntrackConfiguration{
|
config: proxyconfig.KubeProxyConntrackConfiguration{
|
||||||
Max: int32(2),
|
Max: int32(2),
|
||||||
MaxPerCore: int32(1),
|
MaxPerCore: int32(1),
|
||||||
Min: int32(-1),
|
Min: int32(-1),
|
||||||
@ -338,7 +338,7 @@ func TestValidateKubeProxyConntrackConfiguration(t *testing.T) {
|
|||||||
msg: "must be greater than or equal to 0",
|
msg: "must be greater than or equal to 0",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
config: componentconfig.KubeProxyConntrackConfiguration{
|
config: proxyconfig.KubeProxyConntrackConfiguration{
|
||||||
Max: int32(4),
|
Max: int32(4),
|
||||||
MaxPerCore: int32(1),
|
MaxPerCore: int32(1),
|
||||||
Min: int32(3),
|
Min: int32(3),
|
||||||
@ -348,7 +348,7 @@ func TestValidateKubeProxyConntrackConfiguration(t *testing.T) {
|
|||||||
msg: "must be greater than 0",
|
msg: "must be greater than 0",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
config: componentconfig.KubeProxyConntrackConfiguration{
|
config: proxyconfig.KubeProxyConntrackConfiguration{
|
||||||
Max: int32(4),
|
Max: int32(4),
|
||||||
MaxPerCore: int32(1),
|
MaxPerCore: int32(1),
|
||||||
Min: int32(3),
|
Min: int32(3),
|
||||||
@ -371,11 +371,11 @@ func TestValidateKubeProxyConntrackConfiguration(t *testing.T) {
|
|||||||
func TestValidateProxyMode(t *testing.T) {
|
func TestValidateProxyMode(t *testing.T) {
|
||||||
newPath := field.NewPath("KubeProxyConfiguration")
|
newPath := field.NewPath("KubeProxyConfiguration")
|
||||||
|
|
||||||
successCases := []componentconfig.ProxyMode{
|
successCases := []proxyconfig.ProxyMode{
|
||||||
componentconfig.ProxyModeUserspace,
|
proxyconfig.ProxyModeUserspace,
|
||||||
componentconfig.ProxyModeIPTables,
|
proxyconfig.ProxyModeIPTables,
|
||||||
componentconfig.ProxyModeIPVS,
|
proxyconfig.ProxyModeIPVS,
|
||||||
componentconfig.ProxyMode(""),
|
proxyconfig.ProxyMode(""),
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, successCase := range successCases {
|
for _, successCase := range successCases {
|
||||||
@ -385,11 +385,11 @@ func TestValidateProxyMode(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
errorCases := []struct {
|
errorCases := []struct {
|
||||||
mode componentconfig.ProxyMode
|
mode proxyconfig.ProxyMode
|
||||||
msg string
|
msg string
|
||||||
}{
|
}{
|
||||||
{
|
{
|
||||||
mode: componentconfig.ProxyMode("non-existing"),
|
mode: proxyconfig.ProxyMode("non-existing"),
|
||||||
msg: "or blank (blank means the best-available proxy (currently iptables)",
|
msg: "or blank (blank means the best-available proxy (currently iptables)",
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
@ -406,7 +406,7 @@ func TestValidateProxyMode(t *testing.T) {
|
|||||||
func TestValidateClientConnectionConfiguration(t *testing.T) {
|
func TestValidateClientConnectionConfiguration(t *testing.T) {
|
||||||
newPath := field.NewPath("KubeProxyConfiguration")
|
newPath := field.NewPath("KubeProxyConfiguration")
|
||||||
|
|
||||||
successCases := []componentconfig.ClientConnectionConfiguration{
|
successCases := []proxyconfig.ClientConnectionConfiguration{
|
||||||
{
|
{
|
||||||
Burst: 0,
|
Burst: 0,
|
||||||
},
|
},
|
||||||
@ -422,11 +422,11 @@ func TestValidateClientConnectionConfiguration(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
errorCases := []struct {
|
errorCases := []struct {
|
||||||
ccc componentconfig.ClientConnectionConfiguration
|
ccc proxyconfig.ClientConnectionConfiguration
|
||||||
msg string
|
msg string
|
||||||
}{
|
}{
|
||||||
{
|
{
|
||||||
ccc: componentconfig.ClientConnectionConfiguration{Burst: -5},
|
ccc: proxyconfig.ClientConnectionConfiguration{Burst: -5},
|
||||||
msg: "must be greater than or equal to 0",
|
msg: "must be greater than or equal to 0",
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
@ -493,17 +493,17 @@ func TestValidateHostPort(t *testing.T) {
|
|||||||
func TestValidateIPVSSchedulerMethod(t *testing.T) {
|
func TestValidateIPVSSchedulerMethod(t *testing.T) {
|
||||||
newPath := field.NewPath("KubeProxyConfiguration")
|
newPath := field.NewPath("KubeProxyConfiguration")
|
||||||
|
|
||||||
successCases := []componentconfig.IPVSSchedulerMethod{
|
successCases := []proxyconfig.IPVSSchedulerMethod{
|
||||||
componentconfig.RoundRobin,
|
proxyconfig.RoundRobin,
|
||||||
componentconfig.WeightedRoundRobin,
|
proxyconfig.WeightedRoundRobin,
|
||||||
componentconfig.LeastConnection,
|
proxyconfig.LeastConnection,
|
||||||
componentconfig.WeightedLeastConnection,
|
proxyconfig.WeightedLeastConnection,
|
||||||
componentconfig.LocalityBasedLeastConnection,
|
proxyconfig.LocalityBasedLeastConnection,
|
||||||
componentconfig.LocalityBasedLeastConnectionWithReplication,
|
proxyconfig.LocalityBasedLeastConnectionWithReplication,
|
||||||
componentconfig.SourceHashing,
|
proxyconfig.SourceHashing,
|
||||||
componentconfig.DestinationHashing,
|
proxyconfig.DestinationHashing,
|
||||||
componentconfig.ShortestExpectedDelay,
|
proxyconfig.ShortestExpectedDelay,
|
||||||
componentconfig.NeverQueue,
|
proxyconfig.NeverQueue,
|
||||||
"",
|
"",
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -514,11 +514,11 @@ func TestValidateIPVSSchedulerMethod(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
errorCases := []struct {
|
errorCases := []struct {
|
||||||
mode componentconfig.IPVSSchedulerMethod
|
mode proxyconfig.IPVSSchedulerMethod
|
||||||
msg string
|
msg string
|
||||||
}{
|
}{
|
||||||
{
|
{
|
||||||
mode: componentconfig.IPVSSchedulerMethod("non-existing"),
|
mode: proxyconfig.IPVSSchedulerMethod("non-existing"),
|
||||||
msg: "blank means the default algorithm method (currently rr)",
|
msg: "blank means the default algorithm method (currently rr)",
|
||||||
},
|
},
|
||||||
}
|
}
|
@ -459,7 +459,6 @@ var ephemeralWhiteList = createEphemeralWhiteList(
|
|||||||
|
|
||||||
// k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1
|
// k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1
|
||||||
gvr("componentconfig", "v1alpha1", "kubeschedulerconfigurations"), // not stored in etcd
|
gvr("componentconfig", "v1alpha1", "kubeschedulerconfigurations"), // not stored in etcd
|
||||||
gvr("componentconfig", "v1alpha1", "kubeproxyconfigurations"), // not stored in etcd
|
|
||||||
// --
|
// --
|
||||||
|
|
||||||
// k8s.io/kubernetes/pkg/apis/extensions/v1beta1
|
// k8s.io/kubernetes/pkg/apis/extensions/v1beta1
|
||||||
|
Loading…
Reference in New Issue
Block a user