github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-26 21:17:23 +00:00
Code Issues Projects Releases Wiki Activity

kube-proxy: move GetNodeAddresses call out of internal loop to avoid repeated computation

Browse Source 
Signed-off-by: SataQiu <1527062125@qq.com>
This commit is contained in:
SataQiu 2020-05-26 15:32:05 +08:00
parent b17ddac4df
commit b68312e688
1 changed files with 26 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
pkg/proxy/iptables/proxier.go
View File

@ -809,6 +809,11 @@ func (proxier *Proxier) syncProxyRules() {
localAddrSet := utilnet.IPSet{} localAddrSet := utilnet.IPSet{}
localAddrSet.Insert(localAddrs...) localAddrSet.Insert(localAddrs...)
nodeAddresses, err := utilproxy.GetNodeAddresses(proxier.nodePortAddresses, proxier.networkInterfacer)
if err != nil {
klog.Errorf("Failed to get node ip address matching nodeport cidrs %v, services with nodeport may not work as intended: %v", proxier.nodePortAddresses, err)
}
// We assume that if this was called, we really want to sync them, // We assume that if this was called, we really want to sync them,
// even if nothing changed in the meantime. In other words, callers are // even if nothing changed in the meantime. In other words, callers are
// responsible for detecting no-op changes and not calling this function. // responsible for detecting no-op changes and not calling this function.
@ -1195,14 +1200,12 @@ func (proxier *Proxier) syncProxyRules() {
if svcInfo.NodePort() != 0 { if svcInfo.NodePort() != 0 {
// Hold the local port open so no other process can open it // Hold the local port open so no other process can open it
// (because the socket might open but it would never work). // (because the socket might open but it would never work).
addresses, err := utilproxy.GetNodeAddresses(proxier.nodePortAddresses, proxier.networkInterfacer) if len(nodeAddresses) == 0 {
if err != nil {
klog.Errorf("Failed to get node ip address matching nodeport cidr: %v", err)
continue continue
} }
lps := make([]utilproxy.LocalPort, 0) lps := make([]utilproxy.LocalPort, 0)
for address := range addresses { for address := range nodeAddresses {
lp := utilproxy.LocalPort{ lp := utilproxy.LocalPort{
Description: "nodePort for " + svcNameString, Description: "nodePort for " + svcNameString,
IP: address, IP: address,
@ -1464,12 +1467,8 @@ func (proxier *Proxier) syncProxyRules() {
// Finally, tail-call to the nodeports chain. This needs to be after all // Finally, tail-call to the nodeports chain. This needs to be after all
// other service portal rules. // other service portal rules.
addresses, err := utilproxy.GetNodeAddresses(proxier.nodePortAddresses, proxier.networkInterfacer)
if err != nil {
klog.Errorf("Failed to get node ip address matching nodeport cidr")
} else {
isIPv6 := proxier.iptables.IsIPv6() isIPv6 := proxier.iptables.IsIPv6()
for address := range addresses { for address := range nodeAddresses {
// TODO(thockin, m1093782566): If/when we have dual-stack support we will want to distinguish v4 from v6 zero-CIDRs. // TODO(thockin, m1093782566): If/when we have dual-stack support we will want to distinguish v4 from v6 zero-CIDRs.
if utilproxy.IsZeroCIDR(address) { if utilproxy.IsZeroCIDR(address) {
args = append(args[:0], args = append(args[:0],
@ -1494,7 +1493,6 @@ func (proxier *Proxier) syncProxyRules() {
"-j", string(kubeNodePortsChain)) "-j", string(kubeNodePortsChain))
writeLine(proxier.natRules, args...) writeLine(proxier.natRules, args...)
} }
}
// Drop the packets in INVALID state, which would potentially cause // Drop the packets in INVALID state, which would potentially cause
// unexpected connection reset. // unexpected connection reset.