Merge pull request #121814 from danwinship/kubemark-iptables

Remove --use-real-proxier support from kubemark

cmd/kubemark/app/hollow_node.go

@@ -18,7 +18,6 @@ package app
 
 import (
 	"context"
-	"errors"
 	goflag "flag"
 	"fmt"
 	"time"
@@ -42,7 +41,6 @@ import (
 	_ "k8s.io/component-base/metrics/prometheus/version"    // for version metric registration
 	"k8s.io/component-base/version"
 	"k8s.io/component-base/version/verflag"
-	fakesysctl "k8s.io/component-helpers/node/util/sysctl/testing"
 	"k8s.io/kubernetes/pkg/api/legacyscheme"
 	"k8s.io/kubernetes/pkg/cluster/ports"
 	cadvisortest "k8s.io/kubernetes/pkg/kubelet/cadvisor/testing"
@@ -53,8 +51,6 @@ import (
 	"k8s.io/kubernetes/pkg/kubemark"
 	kubemarkproxy "k8s.io/kubernetes/pkg/proxy/kubemark"
 	utilflag "k8s.io/kubernetes/pkg/util/flag"
-	fakeiptables "k8s.io/kubernetes/pkg/util/iptables/testing"
-	fakeexec "k8s.io/utils/exec/testing"
 )
 
 type hollowNodeConfig struct {
@@ -67,14 +63,16 @@ type hollowNodeConfig struct {
 	NodeName                string
 	ServerPort              int
 	ContentType             string
-	UseRealProxier          bool
-	ProxierSyncPeriod       time.Duration
-	ProxierMinSyncPeriod    time.Duration
 	NodeLabels              map[string]string
 	RegisterWithTaints      []v1.Taint
 	MaxPods                 int
 	ExtendedResources       map[string]string
 	UseHostImageService     bool
+
+	// Deprecated config; remove these with the corresponding flags
+	UseRealProxier       bool
+	ProxierSyncPeriod    time.Duration
+	ProxierMinSyncPeriod time.Duration
 }
 
 const (
@@ -96,9 +94,6 @@ func (c *hollowNodeConfig) addFlags(fs *pflag.FlagSet) {
 	fs.IntVar(&c.ServerPort, "api-server-port", 443, "Port on which API server is listening.")
 	fs.StringVar(&c.Morph, "morph", "", fmt.Sprintf("Specifies into which Hollow component this binary should morph. Allowed values: %v", knownMorphs.List()))
 	fs.StringVar(&c.ContentType, "kube-api-content-type", "application/vnd.kubernetes.protobuf", "ContentType of requests sent to apiserver.")
-	fs.BoolVar(&c.UseRealProxier, "use-real-proxier", true, "Set to true if you want to use real proxier inside hollow-proxy.")
-	fs.DurationVar(&c.ProxierSyncPeriod, "proxier-sync-period", 30*time.Second, "Period that proxy rules are refreshed in hollow-proxy.")
-	fs.DurationVar(&c.ProxierMinSyncPeriod, "proxier-min-sync-period", 0, "Minimum period that proxy rules are refreshed in hollow-proxy.")
 	bindableNodeLabels := cliflag.ConfigurationMap(c.NodeLabels)
 	fs.Var(&bindableNodeLabels, "node-labels", "Additional node labels")
 	fs.Var(utilflag.RegisterWithTaintsVar{Value: &c.RegisterWithTaints}, "register-with-taints", "Register the node with the given list of taints (comma separated \"<key>=<value>:<effect>\"). No-op if register-node is false.")
@@ -106,6 +101,13 @@ func (c *hollowNodeConfig) addFlags(fs *pflag.FlagSet) {
 	bindableExtendedResources := cliflag.ConfigurationMap(c.ExtendedResources)
 	fs.Var(&bindableExtendedResources, "extended-resources", "Register the node with extended resources (comma separated \"<name>=<quantity>\")")
 	fs.BoolVar(&c.UseHostImageService, "use-host-image-service", true, "Set to true if the hollow-kubelet should use the host image service. If set to false the fake image service will be used")
+
+	fs.BoolVar(&c.UseRealProxier, "use-real-proxier", true, "Has no effect.")
+	_ = fs.MarkDeprecated("use-real-proxier", "This flag is deprecated and will be removed in a future release.")
+	fs.DurationVar(&c.ProxierSyncPeriod, "proxier-sync-period", 30*time.Second, "Has no effect.")
+	_ = fs.MarkDeprecated("proxier-sync-period", "This flag is deprecated and will be removed in a future release.")
+	fs.DurationVar(&c.ProxierMinSyncPeriod, "proxier-min-sync-period", 0, "Has no effect.")
+	_ = fs.MarkDeprecated("proxier-min-sync-period", "This flag is deprecated and will be removed in a future release.")
 }
 
 func (c *hollowNodeConfig) createClientConfigFromFile() (*restclient.Config, error) {
@@ -272,30 +274,16 @@ func run(config *hollowNodeConfig) error {
 		if err != nil {
 			return fmt.Errorf("Failed to create API Server client, error: %w", err)
 		}
-		iptInterface := fakeiptables.NewFake()
-		sysctl := fakesysctl.NewFake()
-		execer := &fakeexec.FakeExec{
-			LookPathFunc: func(_ string) (string, error) { return "", errors.New("fake execer") },
-		}
 		eventBroadcaster := events.NewBroadcaster(&events.EventSinkImpl{Interface: client.EventsV1()})
 		recorder := eventBroadcaster.NewRecorder(legacyscheme.Scheme, "kube-proxy")
 
-		hollowProxy, err := kubemarkproxy.NewHollowProxyOrDie(
+		hollowProxy := kubemarkproxy.NewHollowProxy(
 			config.NodeName,
 			client,
 			client.CoreV1(),
-			iptInterface,
-			sysctl,
-			execer,
 			eventBroadcaster,
 			recorder,
-			config.UseRealProxier,
-			config.ProxierSyncPeriod,
-			config.ProxierMinSyncPeriod,
 		)
-		if err != nil {
-			return fmt.Errorf("Failed to create hollowProxy instance, error: %w", err)
-		}
 		return hollowProxy.Run()
 	}
 

pkg/proxy/kubemark/hollow_proxy.go

@@ -27,20 +27,10 @@ import (
 	clientset "k8s.io/client-go/kubernetes"
 	v1core "k8s.io/client-go/kubernetes/typed/core/v1"
 	"k8s.io/client-go/tools/events"
-	utilsysctl "k8s.io/component-helpers/node/util/sysctl"
 	proxyapp "k8s.io/kubernetes/cmd/kube-proxy/app"
-	"k8s.io/kubernetes/pkg/proxy"
 	proxyconfigapi "k8s.io/kubernetes/pkg/proxy/apis/config"
 	proxyconfig "k8s.io/kubernetes/pkg/proxy/config"
-	"k8s.io/kubernetes/pkg/proxy/iptables"
-	proxyutiliptables "k8s.io/kubernetes/pkg/proxy/util/iptables"
-	utiliptables "k8s.io/kubernetes/pkg/util/iptables"
-	utilnode "k8s.io/kubernetes/pkg/util/node"
-	utilexec "k8s.io/utils/exec"
-	netutils "k8s.io/utils/net"
 	"k8s.io/utils/ptr"
-
-	"k8s.io/klog/v2"
 )
 
 type HollowProxy struct {
@@ -64,67 +54,13 @@ func (*FakeProxier) OnEndpointSliceUpdate(oldSlice, slice *discoveryv1.EndpointS
 func (*FakeProxier) OnEndpointSliceDelete(slice *discoveryv1.EndpointSlice)           {}
 func (*FakeProxier) OnEndpointSlicesSynced()                                          {}
 
-func NewHollowProxyOrDie(
+func NewHollowProxy(
 	nodeName string,
 	client clientset.Interface,
 	eventClient v1core.EventsGetter,
-	iptInterface utiliptables.Interface,
-	sysctl utilsysctl.Interface,
-	execer utilexec.Interface,
 	broadcaster events.EventBroadcaster,
 	recorder events.EventRecorder,
-	useRealProxier bool,
-	proxierSyncPeriod time.Duration,
-	proxierMinSyncPeriod time.Duration,
-) (*HollowProxy, error) {
-	// Create proxier and service/endpoint handlers.
-	var proxier proxy.Provider
-	var err error
-
-	if useRealProxier {
-		nodeIP := utilnode.GetNodeIP(client, nodeName)
-		if nodeIP == nil {
-			klog.InfoS("Can't determine this node's IP, assuming 127.0.0.1")
-			nodeIP = netutils.ParseIPSloppy("127.0.0.1")
-		}
-		family := v1.IPv4Protocol
-		if iptInterface.IsIPv6() {
-			family = v1.IPv6Protocol
-		}
-		// Real proxier with fake iptables, sysctl, etc underneath it.
-		//var err error
-		proxier, err = iptables.NewProxier(
-			family,
-			iptInterface,
-			sysctl,
-			execer,
-			proxierSyncPeriod,
-			proxierMinSyncPeriod,
-			false,
-			false,
-			0,
-			proxyutiliptables.NewNoOpLocalDetector(),
-			nodeName,
-			nodeIP,
-			recorder,
-			nil,
-			[]string{},
-			false,
-		)
-		if err != nil {
-			return nil, fmt.Errorf("unable to create proxier: %v", err)
-		}
-	} else {
-		proxier = &FakeProxier{}
-	}
-
-	// Create a Hollow Proxy instance.
-	nodeRef := &v1.ObjectReference{
-		Kind:      "Node",
-		Name:      nodeName,
-		UID:       types.UID(nodeName),
-		Namespace: "",
-	}
+) *HollowProxy {
 	return &HollowProxy{
 		ProxyServer: &proxyapp.ProxyServer{
 			Config: &proxyconfigapi.KubeProxyConfiguration{
@@ -134,12 +70,17 @@ func NewHollowProxyOrDie(
 			},
 
 			Client:      client,
-			Proxier:     proxier,
+			Proxier:     &FakeProxier{},
 			Broadcaster: broadcaster,
 			Recorder:    recorder,
-			NodeRef:     nodeRef,
+			NodeRef: &v1.ObjectReference{
+				Kind:      "Node",
+				Name:      nodeName,
+				UID:       types.UID(nodeName),
+				Namespace: "",
+			},
 		},
-	}, nil
+	}
 }
 
 func (hp *HollowProxy) Run() error {

vendor/modules.txt

@@ -2067,7 +2067,6 @@ k8s.io/component-helpers/auth/rbac/validation
 k8s.io/component-helpers/node/topology
 k8s.io/component-helpers/node/util
 k8s.io/component-helpers/node/util/sysctl
-k8s.io/component-helpers/node/util/sysctl/testing
 k8s.io/component-helpers/scheduling/corev1
 k8s.io/component-helpers/scheduling/corev1/nodeaffinity
 k8s.io/component-helpers/storage/ephemeral