Remove proxy-mode annotation from kube-proxy

This removes the net.experimental.kubernetes.io/proxy-mode and net.beta.kubernetes.io/proxy-mode annotations from kube-proxy.

cmd/kube-proxy/app/options/options.go

@@ -36,10 +36,6 @@ import (
 	"github.com/spf13/pflag"
 )
 
-const (
-	ExperimentalProxyModeAnnotation = "net.experimental.kubernetes.io/proxy-mode"
-)
-
 // ProxyServerConfig configures and runs a Kubernetes proxy server
 type ProxyServerConfig struct {
 	componentconfig.KubeProxyConfiguration
@@ -80,7 +76,7 @@ func (s *ProxyServerConfig) AddFlags(fs *pflag.FlagSet) {
 	fs.StringVar(&s.Kubeconfig, "kubeconfig", s.Kubeconfig, "Path to kubeconfig file with authorization information (the master location is set by the master flag).")
 	fs.Var(componentconfig.PortRangeVar{Val: &s.PortRange}, "proxy-port-range", "Range of host ports (beginPort-endPort, inclusive) that may be consumed in order to proxy service traffic. If unspecified (0-0) then ports will be randomly chosen.")
 	fs.StringVar(&s.HostnameOverride, "hostname-override", s.HostnameOverride, "If non-empty, will use this string as identification instead of the actual hostname.")
-	fs.Var(&s.Mode, "proxy-mode", "Which proxy mode to use: 'userspace' (older) or 'iptables' (faster). If blank, look at the Node object on the Kubernetes API and respect the '"+ExperimentalProxyModeAnnotation+"' annotation if provided.  Otherwise use the best-available proxy (currently iptables).  If the iptables proxy is selected, regardless of how, but the system's kernel or iptables versions are insufficient, this always falls back to the userspace proxy.")
+	fs.Var(&s.Mode, "proxy-mode", "Which proxy mode to use: 'userspace' (older) or 'iptables' (faster). If blank, use the best-available proxy (currently iptables).  If the iptables proxy is selected, regardless of how, but the system's kernel or iptables versions are insufficient, this always falls back to the userspace proxy.")
 	fs.Int32Var(s.IPTablesMasqueradeBit, "iptables-masquerade-bit", util.Int32PtrDerefOr(s.IPTablesMasqueradeBit, 14), "If using the pure iptables proxy, the bit of the fwmark space to mark packets requiring SNAT with.  Must be within the range [0, 31].")
 	fs.DurationVar(&s.IPTablesSyncPeriod.Duration, "iptables-sync-period", s.IPTablesSyncPeriod.Duration, "The maximum interval of how often iptables rules are refreshed (e.g. '5s', '1m', '2h22m').  Must be greater than 0.")
 	fs.DurationVar(&s.IPTablesMinSyncPeriod.Duration, "iptables-min-sync-period", s.IPTablesMinSyncPeriod.Duration, "The minimum interval of how often the iptables rules can be refreshed as endpoints and services change (e.g. '5s', '1m', '2h22m').")

cmd/kube-proxy/app/server.go

@@ -72,10 +72,8 @@ type ProxyServer struct {
 }
 
 const (
-	proxyModeUserspace              = "userspace"
-	proxyModeIPTables               = "iptables"
-	experimentalProxyModeAnnotation = options.ExperimentalProxyModeAnnotation
-	betaProxyModeAnnotation         = "net.beta.kubernetes.io/proxy-mode"
+	proxyModeUserspace = "userspace"
+	proxyModeIPTables  = "iptables"
 )
 
 func checkKnownProxyMode(proxyMode string) bool {
@@ -425,34 +423,6 @@ func getProxyMode(proxyMode string, client nodeGetter, hostname string, iptver i
 		glog.Warningf("Flag proxy-mode=%q unknown, assuming iptables proxy", proxyMode)
 		return tryIPTablesProxy(iptver, kcompat)
 	}
-	// proxyMode == "" - choose the best option.
-	if client == nil {
-		glog.Errorf("nodeGetter is nil: assuming iptables proxy")
-		return tryIPTablesProxy(iptver, kcompat)
-	}
-	node, err := client.Get(hostname, metav1.GetOptions{})
-	if err != nil {
-		glog.Errorf("Can't get Node %q, assuming iptables proxy, err: %v", hostname, err)
-		return tryIPTablesProxy(iptver, kcompat)
-	}
-	if node == nil {
-		glog.Errorf("Got nil Node %q, assuming iptables proxy", hostname)
-		return tryIPTablesProxy(iptver, kcompat)
-	}
-	proxyMode, found := node.Annotations[betaProxyModeAnnotation]
-	if found {
-		glog.V(1).Infof("Found beta annotation %q = %q", betaProxyModeAnnotation, proxyMode)
-	} else {
-		// We already published some information about this annotation with the "experimental" name, so we will respect it.
-		proxyMode, found = node.Annotations[experimentalProxyModeAnnotation]
-		if found {
-			glog.V(1).Infof("Found experimental annotation %q = %q", experimentalProxyModeAnnotation, proxyMode)
-		}
-	}
-	if proxyMode == proxyModeUserspace {
-		glog.V(1).Infof("Annotation demands userspace proxy")
-		return proxyModeUserspace
-	}
 	return tryIPTablesProxy(iptver, kcompat)
 }
 

cmd/kube-proxy/app/server_test.go

@@ -120,140 +120,6 @@ func Test_getProxyMode(t *testing.T) {
 			kernelCompat:    true,
 			expected:        proxyModeIPTables,
 		},
-		{ // annotation says userspace
-			flag:          "",
-			annotationKey: "net.experimental.kubernetes.io/proxy-mode",
-			annotationVal: "userspace",
-			expected:      proxyModeUserspace,
-		},
-		{ // annotation says iptables, error detecting
-			flag:          "",
-			annotationKey: "net.experimental.kubernetes.io/proxy-mode",
-			annotationVal: "iptables",
-			iptablesError: fmt.Errorf("oops!"),
-			expected:      proxyModeUserspace,
-		},
-		{ // annotation says iptables, version too low
-			flag:            "",
-			annotationKey:   "net.experimental.kubernetes.io/proxy-mode",
-			annotationVal:   "iptables",
-			iptablesVersion: "0.0.0",
-			expected:        proxyModeUserspace,
-		},
-		{ // annotation says iptables, version ok, kernel not compatible
-			flag:            "",
-			annotationKey:   "net.experimental.kubernetes.io/proxy-mode",
-			annotationVal:   "iptables",
-			iptablesVersion: iptables.MinCheckVersion,
-			kernelCompat:    false,
-			expected:        proxyModeUserspace,
-		},
-		{ // annotation says iptables, version ok, kernel is compatible
-			flag:            "",
-			annotationKey:   "net.experimental.kubernetes.io/proxy-mode",
-			annotationVal:   "iptables",
-			iptablesVersion: iptables.MinCheckVersion,
-			kernelCompat:    true,
-			expected:        proxyModeIPTables,
-		},
-		{ // annotation says something else, version ok
-			flag:            "",
-			annotationKey:   "net.experimental.kubernetes.io/proxy-mode",
-			annotationVal:   "other",
-			iptablesVersion: iptables.MinCheckVersion,
-			kernelCompat:    true,
-			expected:        proxyModeIPTables,
-		},
-		{ // annotation says nothing, version ok
-			flag:            "",
-			annotationKey:   "net.experimental.kubernetes.io/proxy-mode",
-			annotationVal:   "",
-			iptablesVersion: iptables.MinCheckVersion,
-			kernelCompat:    true,
-			expected:        proxyModeIPTables,
-		},
-		{ // annotation says userspace
-			flag:          "",
-			annotationKey: "net.beta.kubernetes.io/proxy-mode",
-			annotationVal: "userspace",
-			expected:      proxyModeUserspace,
-		},
-		{ // annotation says iptables, error detecting
-			flag:          "",
-			annotationKey: "net.beta.kubernetes.io/proxy-mode",
-			annotationVal: "iptables",
-			iptablesError: fmt.Errorf("oops!"),
-			expected:      proxyModeUserspace,
-		},
-		{ // annotation says iptables, version too low
-			flag:            "",
-			annotationKey:   "net.beta.kubernetes.io/proxy-mode",
-			annotationVal:   "iptables",
-			iptablesVersion: "0.0.0",
-			expected:        proxyModeUserspace,
-		},
-		{ // annotation says iptables, version ok, kernel not compatible
-			flag:            "",
-			annotationKey:   "net.beta.kubernetes.io/proxy-mode",
-			annotationVal:   "iptables",
-			iptablesVersion: iptables.MinCheckVersion,
-			kernelCompat:    false,
-			expected:        proxyModeUserspace,
-		},
-		{ // annotation says iptables, version ok, kernel is compatible
-			flag:            "",
-			annotationKey:   "net.beta.kubernetes.io/proxy-mode",
-			annotationVal:   "iptables",
-			iptablesVersion: iptables.MinCheckVersion,
-			kernelCompat:    true,
-			expected:        proxyModeIPTables,
-		},
-		{ // annotation says something else, version ok
-			flag:            "",
-			annotationKey:   "net.beta.kubernetes.io/proxy-mode",
-			annotationVal:   "other",
-			iptablesVersion: iptables.MinCheckVersion,
-			kernelCompat:    true,
-			expected:        proxyModeIPTables,
-		},
-		{ // annotation says nothing, version ok
-			flag:            "",
-			annotationKey:   "net.beta.kubernetes.io/proxy-mode",
-			annotationVal:   "",
-			iptablesVersion: iptables.MinCheckVersion,
-			kernelCompat:    true,
-			expected:        proxyModeIPTables,
-		},
-		{ // flag says userspace, annotation disagrees
-			flag:            "userspace",
-			annotationKey:   "net.experimental.kubernetes.io/proxy-mode",
-			annotationVal:   "iptables",
-			iptablesVersion: iptables.MinCheckVersion,
-			expected:        proxyModeUserspace,
-		},
-		{ // flag says iptables, annotation disagrees
-			flag:            "iptables",
-			annotationKey:   "net.experimental.kubernetes.io/proxy-mode",
-			annotationVal:   "userspace",
-			iptablesVersion: iptables.MinCheckVersion,
-			kernelCompat:    true,
-			expected:        proxyModeIPTables,
-		},
-		{ // flag says userspace, annotation disagrees
-			flag:            "userspace",
-			annotationKey:   "net.beta.kubernetes.io/proxy-mode",
-			annotationVal:   "iptables",
-			iptablesVersion: iptables.MinCheckVersion,
-			expected:        proxyModeUserspace,
-		},
-		{ // flag says iptables, annotation disagrees
-			flag:            "iptables",
-			annotationKey:   "net.beta.kubernetes.io/proxy-mode",
-			annotationVal:   "userspace",
-			iptablesVersion: iptables.MinCheckVersion,
-			kernelCompat:    true,
-			expected:        proxyModeIPTables,
-		},
 	}
 	for i, c := range cases {
 		getter := &fakeNodeInterface{}

pkg/apis/componentconfig/types.go

@@ -92,11 +92,10 @@ type KubeProxyConfiguration struct {
 }
 
 // Currently two modes of proxying are available: 'userspace' (older, stable) or 'iptables'
-// (newer, faster). If blank, look at the Node object on the Kubernetes API and respect the
-// 'net.experimental.kubernetes.io/proxy-mode' annotation if provided.  Otherwise use the
-// best-available proxy (currently iptables, but may change in future versions).  If the
-// iptables proxy is selected, regardless of how, but the system's kernel or iptables
-// versions are insufficient, this always falls back to the userspace proxy.
+// (newer, faster). If blank, use the best-available proxy (currently iptables, but may
+// change in future versions).  If the iptables proxy is selected, regardless of how, but
+// the system's kernel or iptables versions are insufficient, this always falls back to the
+// userspace proxy.
 type ProxyMode string
 
 const (

pkg/apis/componentconfig/v1alpha1/types.go

@@ -88,11 +88,10 @@ type KubeProxyConfiguration struct {
 }
 
 // Currently two modes of proxying are available: 'userspace' (older, stable) or 'iptables'
-// (experimental). If blank, look at the Node object on the Kubernetes API and respect the
-// 'net.experimental.kubernetes.io/proxy-mode' annotation if provided.  Otherwise use the
-// best-available proxy (currently userspace, but may change in future versions).  If the
-// iptables proxy is selected, regardless of how, but the system's kernel or iptables
-// versions are insufficient, this always falls back to the userspace proxy.
+// (newer, faster). If blank, use the best-available proxy (currently iptables, but may
+// change in future versions).  If the iptables proxy is selected, regardless of how, but
+// the system's kernel or iptables versions are insufficient, this always falls back to the
+// userspace proxy.
 type ProxyMode string
 
 const (