Merge pull request #91886 from sbangari/fixsourcevip

Fix access to Kubernetes Service from inside Windows Pod when two ser…
This commit is contained in:
Kubernetes Prow Robot 2020-06-09 14:49:50 -07:00 committed by GitHub
commit 6ac3ca4b17
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 53 additions and 15 deletions

View File

@ -290,6 +290,24 @@ func newServiceInfo(svcPortName proxy.ServicePortName, port *v1.ServicePort, ser
return info return info
} }
func (network hnsNetworkInfo) findRemoteSubnetProviderAddress(ip string) string {
var providerAddress string
for _, rs := range network.remoteSubnets {
_, ipNet, err := net.ParseCIDR(rs.destinationPrefix)
if err != nil {
klog.Fatalf("%v", err)
}
if ipNet.Contains(net.ParseIP(ip)) {
providerAddress = rs.providerAddress
}
if ip == rs.providerAddress {
providerAddress = rs.providerAddress
}
}
return providerAddress
}
type endpointsChange struct { type endpointsChange struct {
previous proxyEndpointsMap previous proxyEndpointsMap
current proxyEndpointsMap current proxyEndpointsMap
@ -1169,24 +1187,12 @@ func (proxier *Proxier) syncProxyRules() {
return return
} }
proxier.network = *updatedNetwork proxier.network = *updatedNetwork
var providerAddress string
for _, rs := range proxier.network.remoteSubnets { providerAddress := proxier.network.findRemoteSubnetProviderAddress(ep.ip)
_, ipNet, err := net.ParseCIDR(rs.destinationPrefix)
if err != nil {
klog.Fatalf("%v", err)
}
if ipNet.Contains(net.ParseIP(ep.ip)) {
providerAddress = rs.providerAddress
}
if ep.ip == rs.providerAddress {
providerAddress = rs.providerAddress
containsNodeIP = true
}
}
if len(providerAddress) == 0 { if len(providerAddress) == 0 {
klog.Infof("Could not find provider address for %s. Assuming it is a public IP", ep.ip) klog.Infof("Could not find provider address for %s. Assuming it is a public IP", ep.ip)
providerAddress = proxier.nodeIP.String() providerAddress = proxier.nodeIP.String()
containsPublicIP = true
} }
hnsEndpoint := &endpointsInfo{ hnsEndpoint := &endpointsInfo{
@ -1216,6 +1222,17 @@ func (proxier *Proxier) syncProxyRules() {
} }
} }
if proxier.network.networkType == "Overlay" {
providerAddress := proxier.network.findRemoteSubnetProviderAddress(ep.ip)
isNodeIP := (ep.ip == providerAddress)
isPublicIP := (len(providerAddress) == 0)
klog.Infof("Endpoint %s on overlay network %s is classified as NodeIp: %v, Public Ip: %v", ep.ip, hnsNetworkName, isNodeIP, isPublicIP)
containsNodeIP = containsNodeIP || isNodeIP
containsPublicIP = containsPublicIP || isPublicIP
}
// Save the hnsId for reference // Save the hnsId for reference
LogJson(newHnsEndpoint, "Hns Endpoint resource", 1) LogJson(newHnsEndpoint, "Hns Endpoint resource", 1)
hnsEndpoints = append(hnsEndpoints, *newHnsEndpoint) hnsEndpoints = append(hnsEndpoints, *newHnsEndpoint)

View File

@ -340,6 +340,27 @@ func TestNoopEndpointSlice(t *testing.T) {
p.OnEndpointSlicesSynced() p.OnEndpointSlicesSynced()
} }
func TestFindRemoteSubnetProviderAddress(t *testing.T) {
networkInfo, _ := newFakeHNS().getNetworkByName("TestNetwork")
pa := networkInfo.findRemoteSubnetProviderAddress(providerAddress)
if pa != providerAddress {
t.Errorf("%v does not match %v", pa, providerAddress)
}
pa = networkInfo.findRemoteSubnetProviderAddress(epIpAddressRemote)
if pa != providerAddress {
t.Errorf("%v does not match %v", pa, providerAddress)
}
pa = networkInfo.findRemoteSubnetProviderAddress(serviceVip)
if len(pa) != 0 {
t.Errorf("Provider address is not empty as expected")
}
}
func makeNSN(namespace, name string) types.NamespacedName { func makeNSN(namespace, name string) types.NamespacedName {
return types.NamespacedName{Namespace: namespace, Name: name} return types.NamespacedName{Namespace: namespace, Name: name}
} }