From 176d49300d1474cc98cc1aa568bb5c87a8da2570 Mon Sep 17 00:00:00 2001 From: JieJhih Jhang Date: Wed, 1 May 2019 18:35:52 +0800 Subject: [PATCH] combine two logics avoid for range the same thing --- pkg/proxy/iptables/proxier.go | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/pkg/proxy/iptables/proxier.go b/pkg/proxy/iptables/proxier.go index bf9e1195616..e4b13b17c9f 100644 --- a/pkg/proxy/iptables/proxier.go +++ b/pkg/proxy/iptables/proxier.go @@ -1152,7 +1152,16 @@ func (proxier *Proxier) syncProxyRules() { // Now write loadbalancing & DNAT rules. n := len(endpointChains) + localEndpoints := make([]*endpointsInfo, 0) + localEndpointChains := make([]utiliptables.Chain, 0) for i, endpointChain := range endpointChains { + // Write ingress loadbalancing & DNAT rules only for services that request OnlyLocal traffic. + if svcInfo.OnlyNodeLocalEndpoints && endpoints[i].IsLocal { + // These slices parallel each other; must be kept in sync + localEndpoints = append(localEndpoints, endpoints[i]) + localEndpointChains = append(localEndpointChains, endpointChains[i]) + } + epIP := endpoints[i].IP() if epIP == "" { // Error parsing this endpoint has been logged. Skip to next endpoint. @@ -1193,17 +1202,6 @@ func (proxier *Proxier) syncProxyRules() { continue } - // Now write ingress loadbalancing & DNAT rules only for services that request OnlyLocal traffic. - // TODO - This logic may be combinable with the block above that creates the svc balancer chain - localEndpoints := make([]*endpointsInfo, 0) - localEndpointChains := make([]utiliptables.Chain, 0) - for i := range endpointChains { - if endpoints[i].IsLocal { - // These slices parallel each other; must be kept in sync - localEndpoints = append(localEndpoints, endpoints[i]) - localEndpointChains = append(localEndpointChains, endpointChains[i]) - } - } // First rule in the chain redirects all pod -> external VIP traffic to the // Service's ClusterIP instead. This happens whether or not we have local // endpoints; only if clusterCIDR is specified