github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-04 09:49:50 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #76109 from vllry/kubeproxy-autocleanup

Browse Source 
Remove kube-proxy autocleanup for inactive modes
This commit is contained in:
Kubernetes Prow Robot 2019-04-04 22:31:31 -07:00 committed by GitHub
commit 71f4c9a51c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 2 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/kube-proxy/app/server.go
View File

@ -143,7 +143,7 @@ func (o *Options) AddFlags(fs *pflag.FlagSet) {
fs.BoolVar(&o.CleanupAndExit, "cleanup-iptables", o.CleanupAndExit, "If true cleanup iptables and ipvs rules and exit.") fs.BoolVar(&o.CleanupAndExit, "cleanup-iptables", o.CleanupAndExit, "If true cleanup iptables and ipvs rules and exit.")
fs.MarkDeprecated("cleanup-iptables", "This flag is replaced by --cleanup.") fs.MarkDeprecated("cleanup-iptables", "This flag is replaced by --cleanup.")
fs.BoolVar(&o.CleanupAndExit, "cleanup", o.CleanupAndExit, "If true cleanup iptables and ipvs rules and exit.") fs.BoolVar(&o.CleanupAndExit, "cleanup", o.CleanupAndExit, "If true cleanup iptables and ipvs rules and exit.")
fs.BoolVar(&o.CleanupIPVS, "cleanup-ipvs", o.CleanupIPVS, "If true make kube-proxy cleanup ipvs rules before running. Default is true") fs.BoolVar(&o.CleanupIPVS, "cleanup-ipvs", o.CleanupIPVS, "If true and --cleanup is specified, kube-proxy will also flush IPVS rules, in addition to normal cleanup.")
// All flags below here are deprecated and will eventually be removed. // All flags below here are deprecated and will eventually be removed.

30
cmd/kube-proxy/app/server_others.go
View File

@ -53,13 +53,12 @@ import (
// NewProxyServer returns a new ProxyServer. // NewProxyServer returns a new ProxyServer.
func NewProxyServer(o *Options) (*ProxyServer, error) { func NewProxyServer(o *Options) (*ProxyServer, error) {
return newProxyServer(o.config, o.CleanupAndExit, o.CleanupIPVS, o.scheme, o.master) return newProxyServer(o.config, o.CleanupAndExit, o.scheme, o.master)
} }
func newProxyServer( func newProxyServer(
config *proxyconfigapi.KubeProxyConfiguration, config *proxyconfigapi.KubeProxyConfiguration,
cleanupAndExit bool, cleanupAndExit bool,
cleanupIPVS bool,
scheme *runtime.Scheme, scheme *runtime.Scheme,
master string) (*ProxyServer, error) { master string) (*ProxyServer, error) {
@ -174,17 +173,6 @@ func newProxyServer(
proxier = proxierIPTables proxier = proxierIPTables
serviceEventHandler = proxierIPTables serviceEventHandler = proxierIPTables
endpointsEventHandler = proxierIPTables endpointsEventHandler = proxierIPTables
// No turning back. Remove artifacts that might still exist from the userspace Proxier.
klog.V(0).Info("Tearing down inactive rules.")
// TODO this has side effects that should only happen when Run() is invoked.
userspace.CleanupLeftovers(iptInterface)
// IPVS Proxier will generate some iptables rules, need to clean them before switching to other proxy mode.
// Besides, ipvs proxier will create some ipvs rules as well. Because there is no way to tell if a given
// ipvs rule is created by IPVS proxier or not. Users should explicitly specify `--clean-ipvs=true` to flush
// all ipvs rules when kube-proxy start up. Users do this operation should be with caution.
if canUseIPVS {
ipvs.CleanupLeftovers(ipvsInterface, iptInterface, ipsetInterface, cleanupIPVS)
}
} else if proxyMode == proxyModeIPVS { } else if proxyMode == proxyModeIPVS {
klog.V(0).Info("Using ipvs Proxier.") klog.V(0).Info("Using ipvs Proxier.")
proxierIPVS, err := ipvs.NewProxier( proxierIPVS, err := ipvs.NewProxier(
@ -214,10 +202,6 @@ func newProxyServer(
proxier = proxierIPVS proxier = proxierIPVS
serviceEventHandler = proxierIPVS serviceEventHandler = proxierIPVS
endpointsEventHandler = proxierIPVS endpointsEventHandler = proxierIPVS
klog.V(0).Info("Tearing down inactive rules.")
// TODO this has side effects that should only happen when Run() is invoked.
userspace.CleanupLeftovers(iptInterface)
iptables.CleanupLeftovers(iptInterface)
} else { } else {
klog.V(0).Info("Using userspace Proxier.") klog.V(0).Info("Using userspace Proxier.")
// This is a proxy.LoadBalancer which NewProxier needs but has methods we don't need for // This is a proxy.LoadBalancer which NewProxier needs but has methods we don't need for
@ -243,18 +227,6 @@ func newProxyServer(
} }
serviceEventHandler = proxierUserspace serviceEventHandler = proxierUserspace
proxier = proxierUserspace proxier = proxierUserspace
// Remove artifacts from the iptables and ipvs Proxier, if not on Windows.
klog.V(0).Info("Tearing down inactive rules.")
// TODO this has side effects that should only happen when Run() is invoked.
iptables.CleanupLeftovers(iptInterface)
// IPVS Proxier will generate some iptables rules, need to clean them before switching to other proxy mode.
// Besides, ipvs proxier will create some ipvs rules as well. Because there is no way to tell if a given
// ipvs rule is created by IPVS proxier or not. Users should explicitly specify `--clean-ipvs=true` to flush
// all ipvs rules when kube-proxy start up. Users do this operation should be with caution.
if canUseIPVS {
ipvs.CleanupLeftovers(ipvsInterface, iptInterface, ipsetInterface, cleanupIPVS)
}
} }
iptInterface.AddReloadFunc(proxier.Sync) iptInterface.AddReloadFunc(proxier.Sync)

2
cmd/kube-proxy/app/server_windows.go
View File

@ -144,8 +144,6 @@ func newProxyServer(config *proxyconfigapi.KubeProxyConfiguration, cleanupAndExi
} }
proxier = proxierUserspace proxier = proxierUserspace
serviceEventHandler = proxierUserspace serviceEventHandler = proxierUserspace
klog.V(0).Info("Tearing down pure-winkernel proxy rules.")
winkernel.CleanupLeftovers()
} }
return &ProxyServer{ return &ProxyServer{