Merge pull request #91886 from sbangari/fixsourcevip

Fix access to Kubernetes Service from inside Windows Pod when two ser…
2025-07-30 15:05:27 +00:00 · 2020-06-09 14:49:50 -07:00 · 2020-06-09 14:49:50 -07:00 · 6ac3ca4b17
commit 6ac3ca4b17
parent dbfc3aa877 c3eb69c1f1
2 changed files with 53 additions and 15 deletions
--- a/pkg/proxy/winkernel/proxier.go
+++ b/pkg/proxy/winkernel/proxier.go
@ -290,6 +290,24 @@ func newServiceInfo(svcPortName proxy.ServicePortName, port *v1.ServicePort, ser
 	return info
 }
 func (network hnsNetworkInfo) findRemoteSubnetProviderAddress(ip string) string {
 	var providerAddress string
 	for _, rs := range network.remoteSubnets {
 		_, ipNet, err := net.ParseCIDR(rs.destinationPrefix)
 		if err != nil {
 			klog.Fatalf("%v", err)
 		}
 		if ipNet.Contains(net.ParseIP(ip)) {
 			providerAddress = rs.providerAddress
 		}
 		if ip == rs.providerAddress {
 			providerAddress = rs.providerAddress
 		}
 	}
 	return providerAddress
 }
 type endpointsChange struct {
 	previous proxyEndpointsMap
 	current  proxyEndpointsMap
@ -1169,24 +1187,12 @@ func (proxier *Proxier) syncProxyRules() {
 						return
 					}
 					proxier.network = *updatedNetwork
-					var providerAddress string
+
-					for _, rs := range proxier.network.remoteSubnets {
+					providerAddress := proxier.network.findRemoteSubnetProviderAddress(ep.ip)
-						_, ipNet, err := net.ParseCIDR(rs.destinationPrefix)
+
 						if err != nil {
 							klog.Fatalf("%v", err)
 						}
 						if ipNet.Contains(net.ParseIP(ep.ip)) {
 							providerAddress = rs.providerAddress
 						}
 						if ep.ip == rs.providerAddress {
 							providerAddress = rs.providerAddress
 							containsNodeIP = true
 						}
 					}
 					if len(providerAddress) == 0 {
 						klog.Infof("Could not find provider address for %s. Assuming it is a public IP", ep.ip)
 						providerAddress = proxier.nodeIP.String()
 						containsPublicIP = true
 					}
 					hnsEndpoint := &endpointsInfo{
@ -1216,6 +1222,17 @@ func (proxier *Proxier) syncProxyRules() {
 				}
 			}
 			if proxier.network.networkType == "Overlay" {
 				providerAddress := proxier.network.findRemoteSubnetProviderAddress(ep.ip)
 				isNodeIP := (ep.ip == providerAddress)
 				isPublicIP := (len(providerAddress) == 0)
 				klog.Infof("Endpoint %s on overlay network %s is classified as NodeIp: %v, Public Ip: %v", ep.ip, hnsNetworkName, isNodeIP, isPublicIP)
 				containsNodeIP = containsNodeIP || isNodeIP
 				containsPublicIP = containsPublicIP || isPublicIP
 			}
 			// Save the hnsId for reference
 			LogJson(newHnsEndpoint, "Hns Endpoint resource", 1)
 			hnsEndpoints = append(hnsEndpoints, *newHnsEndpoint)
--- a/pkg/proxy/winkernel/proxier_test.go
+++ b/pkg/proxy/winkernel/proxier_test.go
@ -340,6 +340,27 @@ func TestNoopEndpointSlice(t *testing.T) {
 	p.OnEndpointSlicesSynced()
 }
 func TestFindRemoteSubnetProviderAddress(t *testing.T) {
 	networkInfo, _ := newFakeHNS().getNetworkByName("TestNetwork")
 	pa := networkInfo.findRemoteSubnetProviderAddress(providerAddress)
 	if pa != providerAddress {
 		t.Errorf("%v does not match %v", pa, providerAddress)
 	}
 	pa = networkInfo.findRemoteSubnetProviderAddress(epIpAddressRemote)
 	if pa != providerAddress {
 		t.Errorf("%v does not match %v", pa, providerAddress)
 	}
 	pa = networkInfo.findRemoteSubnetProviderAddress(serviceVip)
 	if len(pa) != 0 {
 		t.Errorf("Provider address is not empty as expected")
 	}
 }
 func makeNSN(namespace, name string) types.NamespacedName {
 	return types.NamespacedName{Namespace: namespace, Name: name}
 }