teach kubenet to use hostport_manager

2025-07-23 19:56:01 +00:00 · 2017-02-03 13:26:42 -08:00 · 2017-02-03 13:26:42 -08:00 · be9eca6b51
commit be9eca6b51
parent bd05e1af2b
5 changed files with 69 additions and 36 deletions
--- a/pkg/kubelet/dockershim/BUILD
+++ b/pkg/kubelet/dockershim/BUILD
@ -39,6 +39,7 @@ go_library(
        "//pkg/kubelet/leaky:go_default_library",
        "//pkg/kubelet/network:go_default_library",
        "//pkg/kubelet/network/cni:go_default_library",
+        "//pkg/kubelet/network/hostport:go_default_library",
        "//pkg/kubelet/network/kubenet:go_default_library",
        "//pkg/kubelet/qos:go_default_library",
        "//pkg/kubelet/server/streaming:go_default_library",
--- a/pkg/kubelet/network/BUILD
+++ b/pkg/kubelet/network/BUILD
@ -20,6 +20,7 @@ go_library(
        "//pkg/apis/componentconfig:go_default_library",
        "//pkg/client/clientset_generated/clientset:go_default_library",
        "//pkg/kubelet/container:go_default_library",
+        "//pkg/kubelet/network/hostport:go_default_library",
        "//pkg/util/exec:go_default_library",
        "//pkg/util/sysctl:go_default_library",
        "//vendor:github.com/golang/glog",
--- a/pkg/kubelet/network/cni/BUILD
+++ b/pkg/kubelet/network/cni/BUILD
@ -37,6 +37,7 @@ go_test(
        "//pkg/kubelet/container/testing:go_default_library",
        "//pkg/kubelet/network:go_default_library",
        "//pkg/kubelet/network/cni/testing:go_default_library",
+        "//pkg/kubelet/network/testing:go_default_library",
        "//pkg/util/exec:go_default_library",
        "//vendor:github.com/containernetworking/cni/pkg/types",
        "//vendor:github.com/stretchr/testify/mock",
--- a/pkg/kubelet/network/kubenet/kubenet_linux.go
+++ b/pkg/kubelet/network/kubenet/kubenet_linux.go
@ -89,7 +89,11 @@ type kubenetNetworkPlugin struct {
 	execer          utilexec.Interface
 	nsenterPath     string
 	hairpinMode     componentconfig.HairpinMode
+	// kubenet can use either hostportSyncer and hostportManager to implement hostports
+	// Currently, if network host supports legacy features, hostportSyncer will be used,
+	// otherwise, hostportManager will be used.
 	hostportSyncer  hostport.HostportSyncer
+	hostportManager hostport.HostPortManager
 	iptables        utiliptables.Interface
 	sysctl          utilsysctl.Interface
 	ebtables        utilebtables.Interface
@ -114,6 +118,7 @@ func NewPlugin(networkPluginDir string) network.NetworkPlugin {
 		sysctl:            sysctl,
 		vendorDir:         networkPluginDir,
 		hostportSyncer:    hostport.NewHostportSyncer(),
+		hostportManager:   hostport.NewHostportManager(),
 		nonMasqueradeCIDR: "10.0.0.0/8",
 	}
 }
@ -356,35 +361,48 @@ func (plugin *kubenetNetworkPlugin) setup(namespace string, name string, id kube

 	// The host can choose to not support "legacy" features. The remote
 	// shim doesn't support it (#35457), but the kubelet does.
-	if !plugin.host.SupportsLegacyFeatures() {
-		return nil
-	}
+	if plugin.host.SupportsLegacyFeatures() {
+		// The first SetUpPod call creates the bridge; get a shaper for the sake of
+		// initialization
+		shaper := plugin.shaper()

-	// The first SetUpPod call creates the bridge; get a shaper for the sake of
-	// initialization
-	shaper := plugin.shaper()
+		ingress, egress, err := bandwidth.ExtractPodBandwidthResources(pod.Annotations)
+		if err != nil {
+			return fmt.Errorf("Error reading pod bandwidth annotations: %v", err)
+		}
+		if egress != nil || ingress != nil {
+			if err := shaper.ReconcileCIDR(fmt.Sprintf("%s/32", ip4.String()), egress, ingress); err != nil {
+				return fmt.Errorf("Failed to add pod to shaper: %v", err)
+			}
+		}

-	ingress, egress, err := bandwidth.ExtractPodBandwidthResources(pod.Annotations)
-	if err != nil {
-		return fmt.Errorf("Error reading pod bandwidth annotations: %v", err)
-	}
-	if egress != nil || ingress != nil {
-		if err := shaper.ReconcileCIDR(fmt.Sprintf("%s/32", ip4.String()), egress, ingress); err != nil {
-			return fmt.Errorf("Failed to add pod to shaper: %v", err)
+		// Open any hostports the pod's containers want
+		activePodPortMapping, err := plugin.getPodPortMapping()
+		if err != nil {
+			return err
+		}
+
+		newPodPortMapping := constructPodPortMapping(pod, ip4)
+		if err := plugin.hostportSyncer.OpenPodHostportsAndSync(newPodPortMapping, BridgeName, activePodPortMapping); err != nil {
+			return err
+		}
+	} else {
+		portMappings, err := plugin.host.GetPodPortMappings(id.ID)
+		if err != nil {
+			return err
+		}
+		if portMappings != nil && len(portMappings) > 0 {
+			if err := plugin.hostportManager.Add(id.ID, &hostport.PodPortMapping{
+				Namespace:    namespace,
+				Name:         name,
+				PortMappings: portMappings,
+				IP:           ip4,
+				HostNetwork:  false,
+			}, BridgeName); err != nil {
+				return err
+			}
 		}
 	}
-
-	// Open any hostports the pod's containers want
-	activePodPortMapping, err := plugin.getPodPortMapping()
-	if err != nil {
-		return err
-	}
-
-	newPodPortMapping := constructPodPortMapping(pod, ip4)
-	if err := plugin.hostportSyncer.OpenPodHostportsAndSync(newPodPortMapping, BridgeName, activePodPortMapping); err != nil {
-		return err
-	}
-
 	return nil
 }

@ -467,18 +485,29 @@ func (plugin *kubenetNetworkPlugin) teardown(namespace string, name string, id k

 	// The host can choose to not support "legacy" features. The remote
 	// shim doesn't support it (#35457), but the kubelet does.
-	if !plugin.host.SupportsLegacyFeatures() {
-		return utilerrors.NewAggregate(errList)
+	if plugin.host.SupportsLegacyFeatures() {
+		activePodPortMapping, err := plugin.getPodPortMapping()
+		if err == nil {
+			err = plugin.hostportSyncer.SyncHostports(BridgeName, activePodPortMapping)
+		}
+		if err != nil {
+			errList = append(errList, err)
+		}
+	} else {
+		portMappings, err := plugin.host.GetPodPortMappings(id.ID)
+		if err != nil {
+			errList = append(errList, err)
+		} else if portMappings != nil && len(portMappings) > 0 {
+			if err = plugin.hostportManager.Remove(id.ID, &hostport.PodPortMapping{
+				Namespace:    namespace,
+				Name:         name,
+				PortMappings: portMappings,
+				HostNetwork:  false,
+			}); err != nil {
+				errList = append(errList, err)
+			}
+		}
 	}
-
-	activePodPortMapping, err := plugin.getPodPortMapping()
-	if err == nil {
-		err = plugin.hostportSyncer.SyncHostports(BridgeName, activePodPortMapping)
-	}
-	if err != nil {
-		errList = append(errList, err)
-	}
-
 	return utilerrors.NewAggregate(errList)
 }

--- a/pkg/kubelet/network/testing/BUILD
+++ b/pkg/kubelet/network/testing/BUILD
@ -16,6 +16,7 @@ go_library(
        "//pkg/client/clientset_generated/clientset:go_default_library",
        "//pkg/kubelet/container:go_default_library",
        "//pkg/kubelet/container/testing:go_default_library",
+        "//pkg/kubelet/network/hostport:go_default_library",
    ],
 )