mirror of
https://github.com/k3s-io/kubernetes.git
synced 2026-01-04 23:17:50 +00:00
Refactor handling of local traffic detection.
This commit is contained in:
Satyadeep Musuvathy
@@ -79,6 +79,7 @@ go_library(
|
||||
] + select({
|
||||
"@io_bazel_rules_go//go/platform:android": [
|
||||
"//pkg/proxy/metrics:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/node:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/util/net:go_default_library",
|
||||
@@ -87,6 +88,7 @@ go_library(
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:darwin": [
|
||||
"//pkg/proxy/metrics:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/node:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/util/net:go_default_library",
|
||||
@@ -95,6 +97,7 @@ go_library(
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:dragonfly": [
|
||||
"//pkg/proxy/metrics:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/node:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/util/net:go_default_library",
|
||||
@@ -103,6 +106,7 @@ go_library(
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:freebsd": [
|
||||
"//pkg/proxy/metrics:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/node:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/util/net:go_default_library",
|
||||
@@ -111,6 +115,7 @@ go_library(
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:ios": [
|
||||
"//pkg/proxy/metrics:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/node:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/util/net:go_default_library",
|
||||
@@ -119,6 +124,7 @@ go_library(
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:linux": [
|
||||
"//pkg/proxy/metrics:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/node:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/util/net:go_default_library",
|
||||
@@ -127,6 +133,7 @@ go_library(
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:nacl": [
|
||||
"//pkg/proxy/metrics:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/node:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/util/net:go_default_library",
|
||||
@@ -135,6 +142,7 @@ go_library(
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:netbsd": [
|
||||
"//pkg/proxy/metrics:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/node:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/util/net:go_default_library",
|
||||
@@ -143,6 +151,7 @@ go_library(
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:openbsd": [
|
||||
"//pkg/proxy/metrics:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/node:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/util/net:go_default_library",
|
||||
@@ -151,6 +160,7 @@ go_library(
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:plan9": [
|
||||
"//pkg/proxy/metrics:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/node:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/util/net:go_default_library",
|
||||
@@ -159,6 +169,7 @@ go_library(
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:solaris": [
|
||||
"//pkg/proxy/metrics:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/node:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/util/net:go_default_library",
|
||||
@@ -190,43 +201,76 @@ go_test(
|
||||
"//pkg/proxy/apis/config:go_default_library",
|
||||
"//pkg/util/configz:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
|
||||
"//staging/src/k8s.io/apimachinery/pkg/util/diff:go_default_library",
|
||||
"//staging/src/k8s.io/component-base/config:go_default_library",
|
||||
"//vendor/github.com/google/go-cmp/cmp:go_default_library",
|
||||
"//vendor/github.com/stretchr/testify/assert:go_default_library",
|
||||
"//vendor/k8s.io/utils/pointer:go_default_library",
|
||||
] + select({
|
||||
"@io_bazel_rules_go//go/platform:android": [
|
||||
"//pkg/proxy/ipvs:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables/testing:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:darwin": [
|
||||
"//pkg/proxy/ipvs:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables/testing:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:dragonfly": [
|
||||
"//pkg/proxy/ipvs:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables/testing:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:freebsd": [
|
||||
"//pkg/proxy/ipvs:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables/testing:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:ios": [
|
||||
"//pkg/proxy/ipvs:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables/testing:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:linux": [
|
||||
"//pkg/proxy/ipvs:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables/testing:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:nacl": [
|
||||
"//pkg/proxy/ipvs:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables/testing:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:netbsd": [
|
||||
"//pkg/proxy/ipvs:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables/testing:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:openbsd": [
|
||||
"//pkg/proxy/ipvs:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables/testing:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:plan9": [
|
||||
"//pkg/proxy/ipvs:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables/testing:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:solaris": [
|
||||
"//pkg/proxy/ipvs:go_default_library",
|
||||
"//pkg/proxy/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables:go_default_library",
|
||||
"//pkg/util/iptables/testing:go_default_library",
|
||||
],
|
||||
"//conditions:default": [],
|
||||
}),
|
||||
|
||||
@@ -203,6 +203,7 @@ func (o *Options) AddFlags(fs *pflag.FlagSet) {
|
||||
fs.BoolVar(&o.config.EnableProfiling, "profiling", o.config.EnableProfiling, "If true enables profiling via web interface on /debug/pprof handler.")
|
||||
|
||||
fs.Float32Var(&o.config.ClientConnection.QPS, "kube-api-qps", o.config.ClientConnection.QPS, "QPS to use while talking with kubernetes apiserver")
|
||||
fs.Var(&o.config.DetectLocalMode, "detect-local-mode", "Mode to use to detect local traffic")
|
||||
}
|
||||
|
||||
// NewOptions returns initialized Options
|
||||
|
||||
@@ -42,6 +42,7 @@ import (
|
||||
"k8s.io/kubernetes/pkg/proxy/ipvs"
|
||||
proxymetrics "k8s.io/kubernetes/pkg/proxy/metrics"
|
||||
"k8s.io/kubernetes/pkg/proxy/userspace"
|
||||
proxyutiliptables "k8s.io/kubernetes/pkg/proxy/util/iptables"
|
||||
"k8s.io/kubernetes/pkg/util/configz"
|
||||
utilipset "k8s.io/kubernetes/pkg/util/ipset"
|
||||
utiliptables "k8s.io/kubernetes/pkg/util/iptables"
|
||||
@@ -136,8 +137,14 @@ func newProxyServer(
|
||||
}
|
||||
|
||||
var proxier proxy.Provider
|
||||
var detectLocalMode proxyconfigapi.LocalMode
|
||||
|
||||
proxyMode := getProxyMode(string(config.Mode), kernelHandler, ipsetInterface, iptables.LinuxKernelCompatTester{})
|
||||
detectLocalMode, err = getDetectLocalMode(config)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("cannot determine detect-local-mode: %v", err)
|
||||
}
|
||||
|
||||
nodeIP := net.ParseIP(config.BindAddress)
|
||||
if nodeIP.IsUnspecified() {
|
||||
nodeIP = utilnode.GetNodeIP(client, hostname)
|
||||
@@ -146,6 +153,9 @@ func newProxyServer(
|
||||
nodeIP = net.ParseIP("127.0.0.1")
|
||||
}
|
||||
}
|
||||
|
||||
klog.V(2).Info("DetectLocalMode: '", string(detectLocalMode), "'")
|
||||
|
||||
if proxyMode == proxyModeIPTables {
|
||||
klog.V(0).Info("Using iptables Proxier.")
|
||||
if config.IPTables.MasqueradeBit == nil {
|
||||
@@ -167,6 +177,13 @@ func newProxyServer(
|
||||
ipt[1] = utiliptables.New(execer, utiliptables.ProtocolIpv6)
|
||||
}
|
||||
|
||||
// Always ordered to match []ipt
|
||||
var localDetectors [2]proxyutiliptables.LocalTrafficDetector
|
||||
localDetectors, err = getDualStackLocalDetectorTuple(detectLocalMode, config, ipt)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to create proxier: %v", err)
|
||||
}
|
||||
|
||||
// TODO this has side effects that should only happen when Run() is invoked.
|
||||
proxier, err = iptables.NewDualStackProxier(
|
||||
ipt,
|
||||
@@ -176,7 +193,7 @@ func newProxyServer(
|
||||
config.IPTables.MinSyncPeriod.Duration,
|
||||
config.IPTables.MasqueradeAll,
|
||||
int(*config.IPTables.MasqueradeBit),
|
||||
cidrTuple(config.ClusterCIDR),
|
||||
localDetectors,
|
||||
hostname,
|
||||
nodeIPTuple(config.BindAddress),
|
||||
recorder,
|
||||
@@ -184,6 +201,12 @@ func newProxyServer(
|
||||
config.NodePortAddresses,
|
||||
)
|
||||
} else { // Create a single-stack proxier.
|
||||
var localDetector proxyutiliptables.LocalTrafficDetector
|
||||
localDetector, err = getLocalDetector(detectLocalMode, config, iptInterface)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to create proxier: %v", err)
|
||||
}
|
||||
|
||||
// TODO this has side effects that should only happen when Run() is invoked.
|
||||
proxier, err = iptables.NewProxier(
|
||||
iptInterface,
|
||||
@@ -193,7 +216,7 @@ func newProxyServer(
|
||||
config.IPTables.MinSyncPeriod.Duration,
|
||||
config.IPTables.MasqueradeAll,
|
||||
int(*config.IPTables.MasqueradeBit),
|
||||
config.ClusterCIDR,
|
||||
localDetector,
|
||||
hostname,
|
||||
nodeIP,
|
||||
recorder,
|
||||
@@ -222,6 +245,15 @@ func newProxyServer(
|
||||
ipt[1] = utiliptables.New(execer, utiliptables.ProtocolIpv6)
|
||||
}
|
||||
|
||||
nodeIPs := nodeIPTuple(config.BindAddress)
|
||||
|
||||
// Always ordered to match []ipt
|
||||
var localDetectors [2]proxyutiliptables.LocalTrafficDetector
|
||||
localDetectors, err = getDualStackLocalDetectorTuple(detectLocalMode, config, ipt)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to create proxier: %v", err)
|
||||
}
|
||||
|
||||
proxier, err = ipvs.NewDualStackProxier(
|
||||
ipt,
|
||||
ipvsInterface,
|
||||
@@ -237,15 +269,21 @@ func newProxyServer(
|
||||
config.IPVS.UDPTimeout.Duration,
|
||||
config.IPTables.MasqueradeAll,
|
||||
int(*config.IPTables.MasqueradeBit),
|
||||
cidrTuple(config.ClusterCIDR),
|
||||
localDetectors,
|
||||
hostname,
|
||||
nodeIPTuple(config.BindAddress),
|
||||
nodeIPs,
|
||||
recorder,
|
||||
healthzServer,
|
||||
config.IPVS.Scheduler,
|
||||
config.NodePortAddresses,
|
||||
)
|
||||
} else {
|
||||
var localDetector proxyutiliptables.LocalTrafficDetector
|
||||
localDetector, err = getLocalDetector(detectLocalMode, config, iptInterface)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to create proxier: %v", err)
|
||||
}
|
||||
|
||||
proxier, err = ipvs.NewProxier(
|
||||
iptInterface,
|
||||
ipvsInterface,
|
||||
@@ -261,7 +299,7 @@ func newProxyServer(
|
||||
config.IPVS.UDPTimeout.Duration,
|
||||
config.IPTables.MasqueradeAll,
|
||||
int(*config.IPTables.MasqueradeBit),
|
||||
config.ClusterCIDR,
|
||||
localDetector,
|
||||
hostname,
|
||||
nodeIP,
|
||||
recorder,
|
||||
@@ -317,6 +355,67 @@ func newProxyServer(
|
||||
}, nil
|
||||
}
|
||||
|
||||
func getDetectLocalMode(config *proxyconfigapi.KubeProxyConfiguration) (proxyconfigapi.LocalMode, error) {
|
||||
mode := config.DetectLocalMode
|
||||
switch mode {
|
||||
case proxyconfigapi.LocalModeClusterCIDR:
|
||||
return mode, nil
|
||||
default:
|
||||
if strings.TrimSpace(mode.String()) != "" {
|
||||
return mode, fmt.Errorf("unknown detect-local-mode: %v", mode)
|
||||
}
|
||||
klog.V(4).Info("Defaulting detect-local-mode to ", string(proxyconfigapi.LocalModeClusterCIDR))
|
||||
return proxyconfigapi.LocalModeClusterCIDR, nil
|
||||
}
|
||||
}
|
||||
|
||||
func getLocalDetector(mode proxyconfigapi.LocalMode, config *proxyconfigapi.KubeProxyConfiguration, ipt utiliptables.Interface) (proxyutiliptables.LocalTrafficDetector, error) {
|
||||
switch mode {
|
||||
case proxyconfigapi.LocalModeClusterCIDR:
|
||||
if len(strings.TrimSpace(config.ClusterCIDR)) == 0 {
|
||||
klog.Warning("detect-local-mode set to ClusterCIDR, but no cluster CIDR defined")
|
||||
break
|
||||
}
|
||||
return proxyutiliptables.NewDetectLocalByCIDR(config.ClusterCIDR, ipt)
|
||||
}
|
||||
klog.V(0).Info("detect-local-mode: ", string(mode), " , defaulting to no-op detect-local")
|
||||
return proxyutiliptables.NewNoOpLocalDetector(), nil
|
||||
}
|
||||
|
||||
func getDualStackLocalDetectorTuple(mode proxyconfigapi.LocalMode, config *proxyconfigapi.KubeProxyConfiguration, ipt [2]utiliptables.Interface) ([2]proxyutiliptables.LocalTrafficDetector, error) {
|
||||
var err error
|
||||
localDetectors := [2]proxyutiliptables.LocalTrafficDetector{proxyutiliptables.NewNoOpLocalDetector(), proxyutiliptables.NewNoOpLocalDetector()}
|
||||
switch mode {
|
||||
case proxyconfigapi.LocalModeClusterCIDR:
|
||||
if len(strings.TrimSpace(config.ClusterCIDR)) == 0 {
|
||||
klog.Warning("detect-local-mode set to ClusterCIDR, but no cluster CIDR defined")
|
||||
break
|
||||
}
|
||||
|
||||
clusterCIDRs := cidrTuple(config.ClusterCIDR)
|
||||
|
||||
if len(strings.TrimSpace(clusterCIDRs[0])) == 0 {
|
||||
klog.Warning("detect-local-mode set to ClusterCIDR, but no IPv4 cluster CIDR defined, defaulting to no-op detect-local for IPv4")
|
||||
} else {
|
||||
localDetectors[0], err = proxyutiliptables.NewDetectLocalByCIDR(clusterCIDRs[0], ipt[0])
|
||||
if err != nil { // don't loose the original error
|
||||
return localDetectors, err
|
||||
}
|
||||
}
|
||||
|
||||
if len(strings.TrimSpace(clusterCIDRs[1])) == 0 {
|
||||
klog.Warning("detect-local-mode set to ClusterCIDR, but no IPv6 cluster CIDR defined, , defaulting to no-op detect-local for IPv6")
|
||||
} else {
|
||||
localDetectors[1], err = proxyutiliptables.NewDetectLocalByCIDR(clusterCIDRs[1], ipt[1])
|
||||
}
|
||||
return localDetectors, err
|
||||
default:
|
||||
klog.Warningf("unknown detect-local-mode: %v", mode)
|
||||
}
|
||||
klog.Warning("detect-local-mode: ", string(mode), " , defaulting to no-op detect-local")
|
||||
return localDetectors, nil
|
||||
}
|
||||
|
||||
// cidrTuple takes a comma separated list of CIDRs and return a tuple (ipv4cidr,ipv6cidr)
|
||||
// The returned tuple is guaranteed to have the order (ipv4,ipv6) and if no cidr from a family is found an
|
||||
// empty string "" is inserted.
|
||||
|
||||
@@ -20,9 +20,14 @@ package app
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"reflect"
|
||||
"testing"
|
||||
|
||||
proxyconfigapi "k8s.io/kubernetes/pkg/proxy/apis/config"
|
||||
"k8s.io/kubernetes/pkg/proxy/ipvs"
|
||||
proxyutiliptables "k8s.io/kubernetes/pkg/proxy/util/iptables"
|
||||
utiliptables "k8s.io/kubernetes/pkg/util/iptables"
|
||||
utiliptablestest "k8s.io/kubernetes/pkg/util/iptables/testing"
|
||||
)
|
||||
|
||||
type fakeIPSetVersioner struct {
|
||||
@@ -145,3 +150,230 @@ func Test_getProxyMode(t *testing.T) {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func Test_getDetectLocalMode(t *testing.T) {
|
||||
cases := []struct {
|
||||
detectLocal string
|
||||
expected proxyconfigapi.LocalMode
|
||||
errExpected bool
|
||||
}{
|
||||
{
|
||||
detectLocal: "",
|
||||
expected: proxyconfigapi.LocalModeClusterCIDR,
|
||||
errExpected: false,
|
||||
},
|
||||
{
|
||||
detectLocal: string(proxyconfigapi.LocalModeClusterCIDR),
|
||||
expected: proxyconfigapi.LocalModeClusterCIDR,
|
||||
errExpected: false,
|
||||
},
|
||||
{
|
||||
detectLocal: "abcd",
|
||||
expected: proxyconfigapi.LocalMode("abcd"),
|
||||
errExpected: true,
|
||||
},
|
||||
}
|
||||
for i, c := range cases {
|
||||
proxyConfig := &proxyconfigapi.KubeProxyConfiguration{DetectLocalMode: proxyconfigapi.LocalMode(c.detectLocal)}
|
||||
r, err := getDetectLocalMode(proxyConfig)
|
||||
if c.errExpected {
|
||||
if err == nil {
|
||||
t.Errorf("Expected error, but did not fail for mode %v", c.detectLocal)
|
||||
}
|
||||
continue
|
||||
}
|
||||
if err != nil {
|
||||
t.Errorf("Got error parsing mode: %v", err)
|
||||
continue
|
||||
}
|
||||
if r != c.expected {
|
||||
t.Errorf("Case[%d] Expected %q got %q", i, c.expected, r)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func Test_getLocalDetector(t *testing.T) {
|
||||
cases := []struct {
|
||||
mode proxyconfigapi.LocalMode
|
||||
config *proxyconfigapi.KubeProxyConfiguration
|
||||
ipt utiliptables.Interface
|
||||
expected proxyutiliptables.LocalTrafficDetector
|
||||
errExpected bool
|
||||
}{
|
||||
{
|
||||
mode: proxyconfigapi.LocalModeClusterCIDR,
|
||||
config: &proxyconfigapi.KubeProxyConfiguration{ClusterCIDR: "10.0.0.0/14"},
|
||||
ipt: utiliptablestest.NewFake(),
|
||||
expected: resolveLocalDetector(t)(proxyutiliptables.NewDetectLocalByCIDR("10.0.0.0/14", utiliptablestest.NewFake())),
|
||||
errExpected: false,
|
||||
},
|
||||
{
|
||||
mode: proxyconfigapi.LocalModeClusterCIDR,
|
||||
config: &proxyconfigapi.KubeProxyConfiguration{ClusterCIDR: "2002::1234:abcd:ffff:c0a8:101/64"},
|
||||
ipt: utiliptablestest.NewIpv6Fake(),
|
||||
expected: resolveLocalDetector(t)(proxyutiliptables.NewDetectLocalByCIDR("2002::1234:abcd:ffff:c0a8:101/64", utiliptablestest.NewIpv6Fake())),
|
||||
errExpected: false,
|
||||
},
|
||||
{
|
||||
mode: proxyconfigapi.LocalModeClusterCIDR,
|
||||
config: &proxyconfigapi.KubeProxyConfiguration{ClusterCIDR: "10.0.0.0"},
|
||||
ipt: utiliptablestest.NewFake(),
|
||||
expected: nil,
|
||||
errExpected: true,
|
||||
},
|
||||
{
|
||||
mode: proxyconfigapi.LocalModeClusterCIDR,
|
||||
config: &proxyconfigapi.KubeProxyConfiguration{ClusterCIDR: "2002::1234:abcd:ffff:c0a8:101"},
|
||||
ipt: utiliptablestest.NewIpv6Fake(),
|
||||
expected: nil,
|
||||
errExpected: true,
|
||||
},
|
||||
{
|
||||
mode: proxyconfigapi.LocalModeClusterCIDR,
|
||||
config: &proxyconfigapi.KubeProxyConfiguration{ClusterCIDR: "10.0.0.0/14"},
|
||||
ipt: utiliptablestest.NewIpv6Fake(),
|
||||
expected: nil,
|
||||
errExpected: true,
|
||||
},
|
||||
{
|
||||
mode: proxyconfigapi.LocalModeClusterCIDR,
|
||||
config: &proxyconfigapi.KubeProxyConfiguration{ClusterCIDR: "2002::1234:abcd:ffff:c0a8:101/64"},
|
||||
ipt: utiliptablestest.NewFake(),
|
||||
expected: nil,
|
||||
errExpected: true,
|
||||
},
|
||||
{
|
||||
mode: proxyconfigapi.LocalMode("abcd"),
|
||||
config: &proxyconfigapi.KubeProxyConfiguration{ClusterCIDR: "10.0.0.0/14"},
|
||||
ipt: utiliptablestest.NewFake(),
|
||||
expected: proxyutiliptables.NewNoOpLocalDetector(),
|
||||
errExpected: false,
|
||||
},
|
||||
{
|
||||
mode: proxyconfigapi.LocalModeClusterCIDR,
|
||||
config: &proxyconfigapi.KubeProxyConfiguration{ClusterCIDR: ""},
|
||||
ipt: utiliptablestest.NewFake(),
|
||||
expected: proxyutiliptables.NewNoOpLocalDetector(),
|
||||
errExpected: false,
|
||||
},
|
||||
}
|
||||
for i, c := range cases {
|
||||
r, err := getLocalDetector(c.mode, c.config, c.ipt)
|
||||
if c.errExpected {
|
||||
if err == nil {
|
||||
t.Errorf("Case[%d] Expected error, but succeeded with %v", i, r)
|
||||
}
|
||||
continue
|
||||
}
|
||||
if err != nil {
|
||||
t.Errorf("Case[%d] Error resolving detect-local: %v", i, err)
|
||||
continue
|
||||
}
|
||||
if !reflect.DeepEqual(r, c.expected) {
|
||||
t.Errorf("Case[%d] Unexpected detect-local implementation, expected: %q, got: %q", i, c.expected, r)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func Test_getDualStackLocalDetectorTuple(t *testing.T) {
|
||||
cases := []struct {
|
||||
mode proxyconfigapi.LocalMode
|
||||
config *proxyconfigapi.KubeProxyConfiguration
|
||||
ipt [2]utiliptables.Interface
|
||||
expected [2]proxyutiliptables.LocalTrafficDetector
|
||||
errExpected bool
|
||||
}{
|
||||
{
|
||||
mode: proxyconfigapi.LocalModeClusterCIDR,
|
||||
config: &proxyconfigapi.KubeProxyConfiguration{ClusterCIDR: "10.0.0.0/14,2002::1234:abcd:ffff:c0a8:101/64"},
|
||||
ipt: [2]utiliptables.Interface{utiliptablestest.NewFake(), utiliptablestest.NewIpv6Fake()},
|
||||
expected: resolveDualStackLocalDetectors(t)(
|
||||
proxyutiliptables.NewDetectLocalByCIDR("10.0.0.0/14", utiliptablestest.NewFake()))(
|
||||
proxyutiliptables.NewDetectLocalByCIDR("2002::1234:abcd:ffff:c0a8:101/64", utiliptablestest.NewIpv6Fake())),
|
||||
errExpected: false,
|
||||
},
|
||||
{
|
||||
mode: proxyconfigapi.LocalModeClusterCIDR,
|
||||
config: &proxyconfigapi.KubeProxyConfiguration{ClusterCIDR: "2002::1234:abcd:ffff:c0a8:101/64,10.0.0.0/14"},
|
||||
ipt: [2]utiliptables.Interface{utiliptablestest.NewFake(), utiliptablestest.NewIpv6Fake()},
|
||||
expected: resolveDualStackLocalDetectors(t)(
|
||||
proxyutiliptables.NewDetectLocalByCIDR("10.0.0.0/14", utiliptablestest.NewFake()))(
|
||||
proxyutiliptables.NewDetectLocalByCIDR("2002::1234:abcd:ffff:c0a8:101/64", utiliptablestest.NewIpv6Fake())),
|
||||
errExpected: false,
|
||||
},
|
||||
{
|
||||
mode: proxyconfigapi.LocalModeClusterCIDR,
|
||||
config: &proxyconfigapi.KubeProxyConfiguration{ClusterCIDR: "10.0.0.0/14"},
|
||||
ipt: [2]utiliptables.Interface{utiliptablestest.NewFake(), utiliptablestest.NewIpv6Fake()},
|
||||
expected: [2]proxyutiliptables.LocalTrafficDetector{
|
||||
resolveLocalDetector(t)(proxyutiliptables.NewDetectLocalByCIDR("10.0.0.0/14", utiliptablestest.NewFake())),
|
||||
proxyutiliptables.NewNoOpLocalDetector()},
|
||||
errExpected: false,
|
||||
},
|
||||
{
|
||||
mode: proxyconfigapi.LocalModeClusterCIDR,
|
||||
config: &proxyconfigapi.KubeProxyConfiguration{ClusterCIDR: "2002::1234:abcd:ffff:c0a8:101/64"},
|
||||
ipt: [2]utiliptables.Interface{utiliptablestest.NewFake(), utiliptablestest.NewIpv6Fake()},
|
||||
expected: [2]proxyutiliptables.LocalTrafficDetector{
|
||||
proxyutiliptables.NewNoOpLocalDetector(),
|
||||
resolveLocalDetector(t)(proxyutiliptables.NewDetectLocalByCIDR("2002::1234:abcd:ffff:c0a8:101/64", utiliptablestest.NewIpv6Fake()))},
|
||||
errExpected: false,
|
||||
},
|
||||
{
|
||||
mode: proxyconfigapi.LocalModeClusterCIDR,
|
||||
config: &proxyconfigapi.KubeProxyConfiguration{ClusterCIDR: ""},
|
||||
ipt: [2]utiliptables.Interface{utiliptablestest.NewFake(), utiliptablestest.NewIpv6Fake()},
|
||||
expected: [2]proxyutiliptables.LocalTrafficDetector{proxyutiliptables.NewNoOpLocalDetector(), proxyutiliptables.NewNoOpLocalDetector()},
|
||||
errExpected: false,
|
||||
},
|
||||
{
|
||||
mode: proxyconfigapi.LocalMode("abcd"),
|
||||
config: &proxyconfigapi.KubeProxyConfiguration{ClusterCIDR: ""},
|
||||
ipt: [2]utiliptables.Interface{utiliptablestest.NewFake(), utiliptablestest.NewIpv6Fake()},
|
||||
expected: [2]proxyutiliptables.LocalTrafficDetector{proxyutiliptables.NewNoOpLocalDetector(), proxyutiliptables.NewNoOpLocalDetector()},
|
||||
errExpected: false,
|
||||
},
|
||||
}
|
||||
for i, c := range cases {
|
||||
r, err := getDualStackLocalDetectorTuple(c.mode, c.config, c.ipt)
|
||||
if c.errExpected {
|
||||
if err == nil {
|
||||
t.Errorf("Case[%d] expected error, but succeeded with %q", i, r)
|
||||
}
|
||||
continue
|
||||
}
|
||||
if err != nil {
|
||||
t.Errorf("Case[%d] Error resolving detect-local: %v", i, err)
|
||||
continue
|
||||
}
|
||||
if !reflect.DeepEqual(r, c.expected) {
|
||||
t.Errorf("Case[%d] Unexpected detect-local implementation, expected: %q, got: %q", i, c.expected, r)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func resolveLocalDetector(t *testing.T) func(proxyutiliptables.LocalTrafficDetector, error) proxyutiliptables.LocalTrafficDetector {
|
||||
return func(localDetector proxyutiliptables.LocalTrafficDetector, err error) proxyutiliptables.LocalTrafficDetector {
|
||||
t.Helper()
|
||||
if err != nil {
|
||||
t.Fatalf("Error resolving detect-local: %v", err)
|
||||
}
|
||||
return localDetector
|
||||
}
|
||||
}
|
||||
|
||||
func resolveDualStackLocalDetectors(t *testing.T) func(localDetector proxyutiliptables.LocalTrafficDetector, err1 error) func(proxyutiliptables.LocalTrafficDetector, error) [2]proxyutiliptables.LocalTrafficDetector {
|
||||
return func(localDetector proxyutiliptables.LocalTrafficDetector, err error) func(proxyutiliptables.LocalTrafficDetector, error) [2]proxyutiliptables.LocalTrafficDetector {
|
||||
t.Helper()
|
||||
if err != nil {
|
||||
t.Fatalf("Error resolving dual stack detect-local: %v", err)
|
||||
}
|
||||
return func(otherLocalDetector proxyutiliptables.LocalTrafficDetector, err1 error) [2]proxyutiliptables.LocalTrafficDetector {
|
||||
t.Helper()
|
||||
if err1 != nil {
|
||||
t.Fatalf("Error resolving dual stack detect-local: %v", err)
|
||||
}
|
||||
return [2]proxyutiliptables.LocalTrafficDetector{localDetector, otherLocalDetector}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -28,12 +28,13 @@ import (
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/google/go-cmp/cmp"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
utilpointer "k8s.io/utils/pointer"
|
||||
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/apimachinery/pkg/util/diff"
|
||||
componentbaseconfig "k8s.io/component-base/config"
|
||||
kubeproxyconfig "k8s.io/kubernetes/pkg/proxy/apis/config"
|
||||
"k8s.io/kubernetes/pkg/util/configz"
|
||||
@@ -148,6 +149,7 @@ mode: "%s"
|
||||
oomScoreAdj: 17
|
||||
portRange: "2-7"
|
||||
udpIdleTimeout: 123ms
|
||||
detectLocalMode: "ClusterCIDR"
|
||||
nodePortAddresses:
|
||||
- "10.20.30.40/16"
|
||||
- "fd00:1::0/64"
|
||||
@@ -288,6 +290,7 @@ nodePortAddresses:
|
||||
PortRange: "2-7",
|
||||
UDPIdleTimeout: metav1.Duration{Duration: 123 * time.Millisecond},
|
||||
NodePortAddresses: []string{"10.20.30.40/16", "fd00:1::0/64"},
|
||||
DetectLocalMode: kubeproxyconfig.LocalModeClusterCIDR,
|
||||
}
|
||||
|
||||
options := NewOptions()
|
||||
@@ -304,7 +307,7 @@ nodePortAddresses:
|
||||
assert.NoError(t, err, "unexpected error for %s: %v", tc.name, err)
|
||||
|
||||
if !reflect.DeepEqual(expected, config) {
|
||||
t.Fatalf("unexpected config for %s, diff = %s", tc.name, diff.ObjectDiff(config, expected))
|
||||
t.Fatalf("unexpected config for %s, diff = %s", tc.name, cmp.Diff(config, expected))
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -474,6 +477,7 @@ mode: ""
|
||||
nodePortAddresses: null
|
||||
oomScoreAdj: -999
|
||||
portRange: ""
|
||||
detectLocalMode: "ClusterCIDR"
|
||||
udpIdleTimeout: 250ms`)
|
||||
if err != nil {
|
||||
return nil, "", fmt.Errorf("unexpected error when writing content to temp kube-proxy config file: %v", err)
|
||||
|
||||
Reference in New Issue
Block a user