github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-28 14:07:14 +00:00
Code Issues Projects Releases Wiki Activity

proxy/iptables: belatedly simplify local traffic policy metrics

Browse Source 
We figure out early on whether we're going to end up outputting no
endpoints, so update the metrics then.

(Also remove a redundant feature gate check; svcInfo already checks
the ServiceInternalTrafficPolicy feature gate itself and so
svcInfo.InternalPolicyLocal() will always return false if the gate is
not enabled.)
This commit is contained in:
Dan Winship 2022-07-09 06:46:48 -04:00
parent 9d577d8a29
commit 8a5801996b
1 changed files with 4 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
pkg/proxy/iptables/proxier.go
View File

@ -38,11 +38,9 @@ import (
"k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/types"
"k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/util/sets"
"k8s.io/apimachinery/pkg/util/wait" "k8s.io/apimachinery/pkg/util/wait"
utilfeature "k8s.io/apiserver/pkg/util/feature"
"k8s.io/client-go/tools/events" "k8s.io/client-go/tools/events"
utilsysctl "k8s.io/component-helpers/node/util/sysctl" utilsysctl "k8s.io/component-helpers/node/util/sysctl"
"k8s.io/klog/v2" "k8s.io/klog/v2"
"k8s.io/kubernetes/pkg/features"
"k8s.io/kubernetes/pkg/proxy" "k8s.io/kubernetes/pkg/proxy"
"k8s.io/kubernetes/pkg/proxy/healthcheck" "k8s.io/kubernetes/pkg/proxy/healthcheck"
"k8s.io/kubernetes/pkg/proxy/metaproxier" "k8s.io/kubernetes/pkg/proxy/metaproxier"
@ -1082,6 +1080,7 @@ func (proxier *Proxier) syncProxyRules() {
// external traffic may still be accepted. // external traffic may still be accepted.
internalTrafficFilterTarget = "DROP" internalTrafficFilterTarget = "DROP"
internalTrafficFilterComment = fmt.Sprintf(`"%s has no local endpoints"`, svcPortNameString) internalTrafficFilterComment = fmt.Sprintf(`"%s has no local endpoints"`, svcPortNameString)
serviceNoLocalEndpointsTotalInternal++
} }
if !hasExternalEndpoints { if !hasExternalEndpoints {
// The externalTrafficPolicy is "Local" but there are no // The externalTrafficPolicy is "Local" but there are no
@ -1090,6 +1089,7 @@ func (proxier *Proxier) syncProxyRules() {
// the cluster may still be accepted. // the cluster may still be accepted.
externalTrafficFilterTarget = "DROP" externalTrafficFilterTarget = "DROP"
externalTrafficFilterComment = fmt.Sprintf(`"%s has no local endpoints"`, svcPortNameString) externalTrafficFilterComment = fmt.Sprintf(`"%s has no local endpoints"`, svcPortNameString)
serviceNoLocalEndpointsTotalExternal++
} }
} }
@ -1367,17 +1367,8 @@ func (proxier *Proxier) syncProxyRules() {
} }
if svcInfo.UsesLocalEndpoints() { if svcInfo.UsesLocalEndpoints() {
if len(localEndpoints) != 0 { // Write rules jumping from localPolicyChain to localEndpointChains
// Write rules jumping from localPolicyChain to localEndpointChains proxier.writeServiceToEndpointRules(svcPortNameString, svcInfo, localPolicyChain, localEndpoints, args)
proxier.writeServiceToEndpointRules(svcPortNameString, svcInfo, localPolicyChain, localEndpoints, args)
} else if hasEndpoints {
if svcInfo.InternalPolicyLocal() && utilfeature.DefaultFeatureGate.Enabled(features.ServiceInternalTrafficPolicy) {
serviceNoLocalEndpointsTotalInternal++
}
if svcInfo.ExternalPolicyLocal() {
serviceNoLocalEndpointsTotalExternal++
}
}
} }
} }