github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-22 19:31:44 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #101023 from Nordix/ipvs-cleanup-localhost

Browse Source 
Disable localhost:nodeport for proxy-mode=ipvs
This commit is contained in:
Kubernetes Prow Robot 2021-04-16 22:22:10 -07:00 committed by GitHub
commit d090d17cb5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 20 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
pkg/proxy/ipvs/proxier.go
View File

@ -300,7 +300,8 @@ type realIPGetter struct {
// 172.17.0.1 dev docker0 scope host src 172.17.0.1
// 192.168.122.1 dev virbr0 scope host src 192.168.122.1
// Then filter out dev==kube-ipvs0, and cut the unique src IP fields,
// Node IP set: [100.106.89.164, 127.0.0.1, 172.17.0.1, 192.168.122.1]
// Node IP set: [100.106.89.164, 172.17.0.1, 192.168.122.1]
// Note that loopback addresses are excluded.
func (r *realIPGetter) NodeIPs() (ips []net.IP, err error) {
// Pass in empty filter device name for list all LOCAL type addresses.
nodeAddress, err := r.nl.GetLocalAddresses("", DefaultDummyDevice)
@ -309,7 +310,11 @@ func (r *realIPGetter) NodeIPs() (ips []net.IP, err error) {
}
// translate ip string to IP
for _, ipStr := range nodeAddress.UnsortedList() {
ips = append(ips, net.ParseIP(ipStr))
a := net.ParseIP(ipStr)
if a.IsLoopback() {
continue
}
ips = append(ips, a)
}
return ips, nil
}
@ -1131,6 +1136,10 @@ func (proxier *Proxier) syncProxyRules() {
} else {
nodeAddresses = nodeAddrSet.List()
for _, address := range nodeAddresses {
a := net.ParseIP(address)
if a.IsLoopback() {
continue
}
if utilproxy.IsZeroCIDR(address) {
nodeIPs, err = proxier.ipGetter.NodeIPs()
if err != nil {
@ -1138,7 +1147,7 @@ func (proxier *Proxier) syncProxyRules() {
}
break
}
nodeIPs = append(nodeIPs, net.ParseIP(address))
nodeIPs = append(nodeIPs, a)
}
}
}

16
pkg/proxy/ipvs/proxier_test.go
View File

@ -393,12 +393,12 @@ func TestGetNodeIPs(t *testing.T) {
// case 0
{
devAddresses: map[string][]string{"eth0": {"1.2.3.4"}, "lo": {"127.0.0.1"}},
expectIPs: []string{"1.2.3.4", "127.0.0.1"},
expectIPs: []string{"1.2.3.4"},
},
// case 1
{
devAddresses: map[string][]string{"lo": {"127.0.0.1"}},
expectIPs: []string{"127.0.0.1"},
expectIPs: []string{},
},
// case 2
{
@ -408,22 +408,22 @@ func TestGetNodeIPs(t *testing.T) {
// case 3
{
devAddresses: map[string][]string{"encap0": {"10.20.30.40"}, "lo": {"127.0.0.1"}, "docker0": {"172.17.0.1"}},
expectIPs: []string{"10.20.30.40", "127.0.0.1", "172.17.0.1"},
expectIPs: []string{"10.20.30.40", "172.17.0.1"},
},
// case 4
{
devAddresses: map[string][]string{"encaps9": {"10.20.30.40"}, "lo": {"127.0.0.1"}, "encap7": {"10.20.30.31"}},
expectIPs: []string{"10.20.30.40", "127.0.0.1", "10.20.30.31"},
expectIPs: []string{"10.20.30.40", "10.20.30.31"},
},
// case 5
{
devAddresses: map[string][]string{"kube-ipvs0": {"1.2.3.4"}, "lo": {"127.0.0.1"}, "encap7": {"10.20.30.31"}},
expectIPs: []string{"127.0.0.1", "10.20.30.31"},
expectIPs: []string{"10.20.30.31"},
},
// case 6
{
devAddresses: map[string][]string{"kube-ipvs0": {"1.2.3.4", "2.3.4.5"}, "lo": {"127.0.0.1"}},
expectIPs: []string{"127.0.0.1"},
expectIPs: []string{},
},
// case 7
{
@ -433,12 +433,12 @@ func TestGetNodeIPs(t *testing.T) {
// case 8
{
devAddresses: map[string][]string{"kube-ipvs0": {"1.2.3.4", "2.3.4.5"}, "eth5": {"3.4.5.6"}, "lo": {"127.0.0.1"}},
expectIPs: []string{"127.0.0.1", "3.4.5.6"},
expectIPs: []string{"3.4.5.6"},
},
// case 9
{
devAddresses: map[string][]string{"ipvs0": {"1.2.3.4"}, "lo": {"127.0.0.1"}, "encap7": {"10.20.30.31"}},
expectIPs: []string{"127.0.0.1", "10.20.30.31", "1.2.3.4"},
expectIPs: []string{"10.20.30.31", "1.2.3.4"},
},
}