github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-23 19:56:01 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #71355 from bradhoekstra/kube-proxy-services-optional

Browse Source 
Make kube-proxy service abstraction optional
This commit is contained in:
Kubernetes Prow Robot 2018-12-19 15:27:12 -08:00 committed by GitHub
commit 7ce7a80cda
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 67 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cmd/kube-proxy/app/BUILD
View File

@ -43,6 +43,7 @@ go_library(
"//pkg/version/verflag:go_default_library", "//pkg/version/verflag:go_default_library",
"//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/apis/config:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/config:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/runtime/serializer/json:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/serializer/json:go_default_library",

6
cmd/kube-proxy/app/server.go
View File

@ -30,6 +30,7 @@ import (
"k8s.io/api/core/v1" "k8s.io/api/core/v1"
apimachineryconfig "k8s.io/apimachinery/pkg/apis/config" apimachineryconfig "k8s.io/apimachinery/pkg/apis/config"
v1meta "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/runtime/serializer" "k8s.io/apimachinery/pkg/runtime/serializer"
"k8s.io/apimachinery/pkg/runtime/serializer/json" "k8s.io/apimachinery/pkg/runtime/serializer/json"
@ -560,7 +561,10 @@ func (s *ProxyServer) Run() error {
} }
} }
informerFactory := informers.NewSharedInformerFactory(s.Client, s.ConfigSyncPeriod) informerFactory := informers.NewSharedInformerFactoryWithOptions(s.Client, s.ConfigSyncPeriod,
informers.WithTweakListOptions(func(options *v1meta.ListOptions) {
options.LabelSelector = "!service.kubernetes.io/service-proxy-name"
}))
// Create configs (i.e. Watches for Services and Endpoints) // Create configs (i.e. Watches for Services and Endpoints)
// Note: RegisterHandler() calls need to happen before creation of Sources because sources // Note: RegisterHandler() calls need to happen before creation of Sources because sources

61
test/e2e/network/service.go
View File

@ -1687,6 +1687,67 @@ var _ = SIGDescribe("Services", func() {
svc.Spec.ExternalTrafficPolicy = v1.ServiceExternalTrafficPolicyTypeCluster svc.Spec.ExternalTrafficPolicy = v1.ServiceExternalTrafficPolicyTypeCluster
execAffinityTestForLBService(f, cs, svc, true) execAffinityTestForLBService(f, cs, svc, true)
}) })
It("should implement service.kubernetes.io/service-proxy-name", func() {
// this test uses framework.NodeSSHHosts that does not work if a Node only reports LegacyHostIP
framework.SkipUnlessProviderIs(framework.ProvidersWithSSH...)
// this test does not work if the Node does not support SSH Key
framework.SkipUnlessSSHKeyPresent()
ns := f.Namespace.Name
numPods, servicePort := 3, defaultServeHostnameServicePort
serviceProxyNameLabels := map[string]string{"service.kubernetes.io/service-proxy-name": "foo-bar"}
// We will create 2 services to test creating services in both states and also dynamic updates
// svcDisabled: Created with the label, will always be disabled. We create this early and
// test again late to make sure it never becomes available.
// svcToggled: Created without the label then the label is toggled verifying reachability at each step.
By("creating service-disabled in namespace " + ns)
svcDisabled := getServeHostnameService("service-disabled")
svcDisabled.ObjectMeta.Labels = serviceProxyNameLabels
_, svcDisabledIP, err := framework.StartServeHostnameService(cs, internalClientset, svcDisabled, ns, numPods)
Expect(err).NotTo(HaveOccurred())
By("creating service in namespace " + ns)
svcToggled := getServeHostnameService("service")
podToggledNames, svcToggledIP, err := framework.StartServeHostnameService(cs, internalClientset, svcToggled, ns, numPods)
Expect(err).NotTo(HaveOccurred())
jig := framework.NewServiceTestJig(cs, svcToggled.ObjectMeta.Name)
hosts, err := framework.NodeSSHHosts(cs)
Expect(err).NotTo(HaveOccurred())
if len(hosts) == 0 {
framework.Failf("No ssh-able nodes")
}
host := hosts[0]
By("verifying service is up")
framework.ExpectNoError(framework.VerifyServeHostnameServiceUp(cs, ns, host, podToggledNames, svcToggledIP, servicePort))
By("verifying service-disabled is not up")
framework.ExpectNoError(framework.VerifyServeHostnameServiceDown(cs, host, svcDisabledIP, servicePort))
By("adding service-proxy-name label")
jig.UpdateServiceOrFail(ns, svcToggled.ObjectMeta.Name, func(svc *v1.Service) {
svc.ObjectMeta.Labels = serviceProxyNameLabels
})
By("verifying service is not up")
framework.ExpectNoError(framework.VerifyServeHostnameServiceDown(cs, host, svcToggledIP, servicePort))
By("removing service-proxy-name annotation")
jig.UpdateServiceOrFail(ns, svcToggled.ObjectMeta.Name, func(svc *v1.Service) {
svc.ObjectMeta.Labels = nil
})
By("verifying service is up")
framework.ExpectNoError(framework.VerifyServeHostnameServiceUp(cs, ns, host, podToggledNames, svcToggledIP, servicePort))
By("verifying service-disabled is still not up")
framework.ExpectNoError(framework.VerifyServeHostnameServiceDown(cs, host, svcDisabledIP, servicePort))
})
}) })
// TODO: Get rid of [DisabledForLargeClusters] tag when issue #56138 is fixed. // TODO: Get rid of [DisabledForLargeClusters] tag when issue #56138 is fixed.