diff --git a/contrib/mesos/pkg/minion/server.go b/contrib/mesos/pkg/minion/server.go index 83003971aa9..3eee739ac1c 100644 --- a/contrib/mesos/pkg/minion/server.go +++ b/contrib/mesos/pkg/minion/server.go @@ -69,6 +69,7 @@ type MinionServer struct { runProxy bool proxyLogV int proxyBindall bool + proxyMode string } // NewMinionServer creates the MinionServer struct with default values to be used by hyperkube @@ -82,6 +83,7 @@ func NewMinionServer() *MinionServer { logMaxBackups: config.DefaultLogMaxBackups, logMaxAgeInDays: config.DefaultLogMaxAgeInDays, runProxy: true, + proxyMode: "userspace", // upstream default is "iptables" post-v1.1 } // cache this for later use @@ -136,6 +138,7 @@ func (ms *MinionServer) launchProxyServer() { fmt.Sprintf("--v=%d", ms.proxyLogV), "--logtostderr=true", "--resource-container=" + path.Join("/", ms.mesosCgroup, "kube-proxy"), + "--proxy-mode=" + ms.proxyMode, } if ms.clientConfig.Host != "" { @@ -342,4 +345,5 @@ func (ms *MinionServer) AddMinionFlags(fs *pflag.FlagSet) { fs.BoolVar(&ms.runProxy, "run-proxy", ms.runProxy, "Maintain a running kube-proxy instance as a child proc of this kubelet-executor.") fs.IntVar(&ms.proxyLogV, "proxy-logv", ms.proxyLogV, "Log verbosity of the child kube-proxy.") fs.BoolVar(&ms.proxyBindall, "proxy-bindall", ms.proxyBindall, "When true will cause kube-proxy to bind to 0.0.0.0.") + fs.StringVar(&ms.proxyMode, "proxy-mode", ms.proxyMode, "Which proxy mode to use: 'userspace' (older) or 'iptables' (faster). If the iptables proxy is selected, regardless of how, but the system's kernel or iptables versions are insufficient, this always falls back to the userspace proxy.") } diff --git a/contrib/mesos/pkg/scheduler/service/service.go b/contrib/mesos/pkg/scheduler/service/service.go index ce892e433b3..ba67fc5f941 100644 --- a/contrib/mesos/pkg/scheduler/service/service.go +++ b/contrib/mesos/pkg/scheduler/service/service.go @@ -121,6 +121,7 @@ type SchedulerServer struct { runProxy bool proxyBindall bool proxyLogV int + proxyMode string minionPathOverride string minionLogMaxSize resource.Quantity @@ -186,6 +187,8 @@ func NewSchedulerServer() *SchedulerServer { defaultContainerCPULimit: mresource.DefaultDefaultContainerCPULimit, defaultContainerMemLimit: mresource.DefaultDefaultContainerMemLimit, + proxyMode: "userspace", // upstream default is "iptables" post-v1.1 + minionLogMaxSize: minioncfg.DefaultLogMaxSize(), minionLogMaxBackups: minioncfg.DefaultLogMaxBackups, minionLogMaxAgeInDays: minioncfg.DefaultLogMaxAgeInDays, @@ -271,6 +274,7 @@ func (s *SchedulerServer) addCoreFlags(fs *pflag.FlagSet) { fs.BoolVar(&s.proxyBindall, "proxy-bindall", s.proxyBindall, "When true pass -proxy-bindall to the executor.") fs.BoolVar(&s.runProxy, "run-proxy", s.runProxy, "Run the kube-proxy as a side process of the executor.") fs.IntVar(&s.proxyLogV, "proxy-logv", s.proxyLogV, "Logging verbosity of spawned minion proxy processes.") + fs.StringVar(&s.proxyMode, "proxy-mode", s.proxyMode, "Which proxy mode to use: 'userspace' (older) or 'iptables' (faster). If the iptables proxy is selected, regardless of how, but the system's kernel or iptables versions are insufficient, this always falls back to the userspace proxy.") fs.StringVar(&s.minionPathOverride, "minion-path-override", s.minionPathOverride, "Override the PATH in the environment of the minion sub-processes.") fs.Var(resource.NewQuantityFlagValue(&s.minionLogMaxSize), "minion-max-log-size", "Maximum log file size for the executor and proxy before rotation") @@ -360,6 +364,7 @@ func (s *SchedulerServer) prepareExecutorInfo(hks hyperkube.Interface) (*mesos.E ci.Arguments = append(ci.Arguments, fmt.Sprintf("--run-proxy=%v", s.runProxy)) ci.Arguments = append(ci.Arguments, fmt.Sprintf("--proxy-bindall=%v", s.proxyBindall)) ci.Arguments = append(ci.Arguments, fmt.Sprintf("--proxy-logv=%d", s.proxyLogV)) + ci.Arguments = append(ci.Arguments, fmt.Sprintf("--proxy-mode=%v", s.proxyMode)) ci.Arguments = append(ci.Arguments, fmt.Sprintf("--path-override=%s", s.minionPathOverride)) ci.Arguments = append(ci.Arguments, fmt.Sprintf("--max-log-size=%v", s.minionLogMaxSize.String()))