diff --git a/pkg/kubelet/network/hostport/hostport.go b/pkg/kubelet/network/hostport/hostport.go index 23587e2fde3..10ce366ec82 100644 --- a/pkg/kubelet/network/hostport/hostport.go +++ b/pkg/kubelet/network/hostport/hostport.go @@ -42,7 +42,7 @@ const ( ) type HostportHandler interface { - OpenPodHostportsAndSync(newPod *api.Pod, natInterfaceName string, runningPods []*RunningPod) error + OpenPodHostportsAndSync(newPod *RunningPod, natInterfaceName string, runningPods []*RunningPod) error SyncHostports(natInterfaceName string, runningPods []*RunningPod) error } @@ -172,12 +172,24 @@ func hostportChainName(cp api.ContainerPort, podFullName string) utiliptables.Ch // OpenPodHostportsAndSync opens hostports for a new pod, gathers all hostports on // node, sets up iptables rules enable them. And finally clean up stale hostports -func (h *handler) OpenPodHostportsAndSync(newPod *api.Pod, natInterfaceName string, runningPods []*RunningPod) error { +func (h *handler) OpenPodHostportsAndSync(newPod *RunningPod, natInterfaceName string, runningPods []*RunningPod) error { // try to open pod host port if specified - if err := h.openHostports(newPod); err != nil { + if err := h.openHostports(newPod.Pod); err != nil { return err } + // Add the new pod to running pods if it's not running already (e.g. in rkt's case). + var found bool + for _, p := range runningPods { + if p.Pod.UID == newPod.Pod.UID { + found = true + break + } + } + if !found { + runningPods = append(runningPods, newPod) + } + return h.SyncHostports(natInterfaceName, runningPods) } diff --git a/pkg/kubelet/network/hostport/hostport_test.go b/pkg/kubelet/network/hostport/hostport_test.go index 5b8159c3ef0..18fa8651653 100644 --- a/pkg/kubelet/network/hostport/hostport_test.go +++ b/pkg/kubelet/network/hostport/hostport_test.go @@ -185,7 +185,7 @@ func TestOpenPodHostports(t *testing.T) { }) } - err := h.OpenPodHostportsAndSync(tests[0].pod, "br0", runningPods) + err := h.OpenPodHostportsAndSync(&RunningPod{Pod: tests[0].pod, IP: net.ParseIP(tests[0].ip)}, "br0", runningPods) if err != nil { t.Fatalf("Failed to OpenPodHostportsAndSync: %v", err) } diff --git a/pkg/kubelet/network/hostport/testing/fake.go b/pkg/kubelet/network/hostport/testing/fake.go index d2032741375..f5ce6b94cf0 100644 --- a/pkg/kubelet/network/hostport/testing/fake.go +++ b/pkg/kubelet/network/hostport/testing/fake.go @@ -19,7 +19,6 @@ package testing import ( "fmt" - "k8s.io/kubernetes/pkg/api" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" "k8s.io/kubernetes/pkg/kubelet/network/hostport" ) @@ -30,8 +29,8 @@ func NewFakeHostportHandler() hostport.HostportHandler { return &fakeHandler{} } -func (h *fakeHandler) OpenPodHostportsAndSync(newPod *api.Pod, natInterfaceName string, runningPods []*hostport.RunningPod) error { - return h.SyncHostports(natInterfaceName, runningPods) +func (h *fakeHandler) OpenPodHostportsAndSync(newPod *hostport.RunningPod, natInterfaceName string, runningPods []*hostport.RunningPod) error { + return h.SyncHostports(natInterfaceName, append(runningPods, newPod)) } func (h *fakeHandler) SyncHostports(natInterfaceName string, runningPods []*hostport.RunningPod) error { diff --git a/pkg/kubelet/network/kubenet/kubenet_linux.go b/pkg/kubelet/network/kubenet/kubenet_linux.go index 9df74596612..e91b74889cf 100644 --- a/pkg/kubelet/network/kubenet/kubenet_linux.go +++ b/pkg/kubelet/network/kubenet/kubenet_linux.go @@ -349,7 +349,9 @@ func (plugin *kubenetNetworkPlugin) setup(namespace string, name string, id kube if err != nil { return err } - if err := plugin.hostportHandler.OpenPodHostportsAndSync(pod, BridgeName, runningPods); err != nil { + + newPod := &hostport.RunningPod{Pod: pod, IP: ip4} + if err := plugin.hostportHandler.OpenPodHostportsAndSync(newPod, BridgeName, runningPods); err != nil { return err }