From 83595f500a412e8cb4a3073a0a68e52a95a1c884 Mon Sep 17 00:00:00 2001 From: Dan Winship Date: Wed, 15 Jan 2025 15:55:02 -0500 Subject: [PATCH] NFTablesProxyMode to GA --- cmd/kube-proxy/app/server_linux.go | 10 +++------- pkg/features/versioned_kube_features.go | 1 + pkg/proxy/apis/config/validation/validation.go | 6 +----- .../test_data/versioned_feature_list.yaml | 4 ++++ 4 files changed, 9 insertions(+), 12 deletions(-) diff --git a/cmd/kube-proxy/app/server_linux.go b/cmd/kube-proxy/app/server_linux.go index 46873e821ea..56fb9d5e45e 100644 --- a/cmd/kube-proxy/app/server_linux.go +++ b/cmd/kube-proxy/app/server_linux.go @@ -36,13 +36,11 @@ import ( "k8s.io/apimachinery/pkg/fields" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" - utilfeature "k8s.io/apiserver/pkg/util/feature" clientset "k8s.io/client-go/kubernetes" "k8s.io/client-go/tools/cache" toolswatch "k8s.io/client-go/tools/watch" utilsysctl "k8s.io/component-helpers/node/util/sysctl" "k8s.io/klog/v2" - "k8s.io/kubernetes/pkg/features" "k8s.io/kubernetes/pkg/proxy" proxyconfigapi "k8s.io/kubernetes/pkg/proxy/apis/config" "k8s.io/kubernetes/pkg/proxy/iptables" @@ -527,11 +525,9 @@ func platformCleanup(ctx context.Context, mode proxyconfigapi.ProxyMode, cleanup } } - if utilfeature.DefaultFeatureGate.Enabled(features.NFTablesProxyMode) { - // Clean up nftables rules when switching to iptables or ipvs, or if cleanupAndExit - if isIPTablesBased(mode) || cleanupAndExit { - encounteredError = nftables.CleanupLeftovers(ctx) || encounteredError - } + // Clean up nftables rules when switching to iptables or ipvs, or if cleanupAndExit + if isIPTablesBased(mode) || cleanupAndExit { + encounteredError = nftables.CleanupLeftovers(ctx) || encounteredError } if encounteredError { diff --git a/pkg/features/versioned_kube_features.go b/pkg/features/versioned_kube_features.go index 5f49f6b3f47..65decade524 100644 --- a/pkg/features/versioned_kube_features.go +++ b/pkg/features/versioned_kube_features.go @@ -542,6 +542,7 @@ var defaultVersionedKubernetesFeatureGates = map[featuregate.Feature]featuregate NFTablesProxyMode: { {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Alpha}, {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, + {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, }, NodeInclusionPolicyInPodTopologySpread: { diff --git a/pkg/proxy/apis/config/validation/validation.go b/pkg/proxy/apis/config/validation/validation.go index 3568f50b29e..6ce772d2f2c 100644 --- a/pkg/proxy/apis/config/validation/validation.go +++ b/pkg/proxy/apis/config/validation/validation.go @@ -30,7 +30,6 @@ import ( logsapi "k8s.io/component-base/logs/api/v1" "k8s.io/component-base/metrics" apivalidation "k8s.io/kubernetes/pkg/apis/core/validation" - "k8s.io/kubernetes/pkg/features" kubeproxyconfig "k8s.io/kubernetes/pkg/proxy/apis/config" netutils "k8s.io/utils/net" ) @@ -173,12 +172,9 @@ func validateProxyModeLinux(mode kubeproxyconfig.ProxyMode, fldPath *field.Path) validModes := sets.New[string]( string(kubeproxyconfig.ProxyModeIPTables), string(kubeproxyconfig.ProxyModeIPVS), + string(kubeproxyconfig.ProxyModeNFTables), ) - if utilfeature.DefaultFeatureGate.Enabled(features.NFTablesProxyMode) { - validModes.Insert(string(kubeproxyconfig.ProxyModeNFTables)) - } - if mode == "" || validModes.Has(string(mode)) { return nil } diff --git a/test/featuregates_linter/test_data/versioned_feature_list.yaml b/test/featuregates_linter/test_data/versioned_feature_list.yaml index 33f350f70d6..84c59d322ac 100644 --- a/test/featuregates_linter/test_data/versioned_feature_list.yaml +++ b/test/featuregates_linter/test_data/versioned_feature_list.yaml @@ -842,6 +842,10 @@ lockToDefault: false preRelease: Beta version: "1.31" + - default: true + lockToDefault: true + preRelease: GA + version: "1.33" - name: NodeInclusionPolicyInPodTopologySpread versionedSpecs: - default: false