diff --git a/cmd/kube-proxy/app/server.go b/cmd/kube-proxy/app/server.go index 8a6f3d82568..200a035ad43 100644 --- a/cmd/kube-proxy/app/server.go +++ b/cmd/kube-proxy/app/server.go @@ -19,7 +19,6 @@ limitations under the License. package app import ( - "errors" goflag "flag" "fmt" "net" @@ -75,9 +74,6 @@ import ( "k8s.io/kubernetes/pkg/proxy/apis/config/validation" "k8s.io/kubernetes/pkg/proxy/config" "k8s.io/kubernetes/pkg/proxy/healthcheck" - "k8s.io/kubernetes/pkg/proxy/iptables" - "k8s.io/kubernetes/pkg/proxy/ipvs" - "k8s.io/kubernetes/pkg/proxy/userspace" proxyutil "k8s.io/kubernetes/pkg/proxy/util" "k8s.io/kubernetes/pkg/util/filesystem" utilflag "k8s.io/kubernetes/pkg/util/flag" @@ -90,17 +86,9 @@ import ( utilpointer "k8s.io/utils/pointer" ) -const ( - proxyModeUserspace = "userspace" - proxyModeIPTables = "iptables" - proxyModeIPVS = "ipvs" - proxyModeKernelspace = "kernelspace" //nolint:deadcode,varcheck -) - // proxyRun defines the interface to run a specified ProxyServer type proxyRun interface { Run() error - CleanupAndExit() error } // Options contains everything necessary to create and run a proxy server. @@ -314,15 +302,15 @@ func (o *Options) Run() error { return o.writeConfigFile() } + if o.CleanupAndExit { + return cleanupAndExit() + } + proxyServer, err := NewProxyServer(o) if err != nil { return err } - if o.CleanupAndExit { - return proxyServer.CleanupAndExit() - } - o.proxyServer = proxyServer return o.runLoop() } @@ -545,7 +533,7 @@ type ProxyServer struct { Recorder events.EventRecorder ConntrackConfiguration kubeproxyconfig.KubeProxyConntrackConfiguration Conntracker Conntracker // if nil, ignored - ProxyMode string + ProxyMode kubeproxyconfig.ProxyMode NodeRef *v1.ObjectReference MetricsBindAddress string BindAddressHardFail bool @@ -616,7 +604,7 @@ func serveHealthz(hz healthcheck.ProxierHealthUpdater, errCh chan error) { go wait.Until(fn, 5*time.Second, wait.NeverStop) } -func serveMetrics(bindAddress, proxyMode string, enableProfiling bool, errCh chan error) { +func serveMetrics(bindAddress string, proxyMode kubeproxyconfig.ProxyMode, enableProfiling bool, errCh chan error) { if len(bindAddress) == 0 { return } @@ -815,27 +803,6 @@ func getConntrackMax(config kubeproxyconfig.KubeProxyConntrackConfiguration) (in return 0, nil } -// CleanupAndExit remove iptables rules and ipset/ipvs rules in ipvs proxy mode -// and exit if success return nil -func (s *ProxyServer) CleanupAndExit() error { - // cleanup IPv6 and IPv4 iptables rules - ipts := []utiliptables.Interface{ - utiliptables.New(s.execer, utiliptables.ProtocolIPv4), - utiliptables.New(s.execer, utiliptables.ProtocolIPv6), - } - var encounteredError bool - for _, ipt := range ipts { - encounteredError = userspace.CleanupLeftovers(ipt) || encounteredError - encounteredError = iptables.CleanupLeftovers(ipt) || encounteredError - encounteredError = ipvs.CleanupLeftovers(s.IpvsInterface, ipt, s.IpsetInterface) || encounteredError - } - if encounteredError { - return errors.New("encountered an error while tearing down rules") - } - - return nil -} - // detectNodeIP returns the nodeIP used by the proxier // The order of precedence is: // 1. config.bindAddress if bindAddress is not 0.0.0.0 or :: diff --git a/cmd/kube-proxy/app/server_others.go b/cmd/kube-proxy/app/server_others.go index 8a5d580f93d..f203f87a738 100644 --- a/cmd/kube-proxy/app/server_others.go +++ b/cmd/kube-proxy/app/server_others.go @@ -43,7 +43,6 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" utilnet "k8s.io/apimachinery/pkg/util/net" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" clientset "k8s.io/client-go/kubernetes" toolswatch "k8s.io/client-go/tools/watch" "k8s.io/component-base/configz" @@ -74,12 +73,11 @@ var timeoutForNodePodCIDR = 5 * time.Minute // NewProxyServer returns a new ProxyServer. func NewProxyServer(o *Options) (*ProxyServer, error) { - return newProxyServer(o.config, o.CleanupAndExit, o.master) + return newProxyServer(o.config, o.master) } func newProxyServer( config *proxyconfigapi.KubeProxyConfiguration, - cleanupAndExit bool, master string) (*ProxyServer, error) { if config == nil { @@ -92,34 +90,9 @@ func newProxyServer( return nil, fmt.Errorf("unable to register configz: %s", err) } - var iptInterface utiliptables.Interface var ipvsInterface utilipvs.Interface - var kernelHandler ipvs.KernelHandler var ipsetInterface utilipset.Interface - // Create a iptables utils. - execer := exec.New() - - kernelHandler = ipvs.NewLinuxKernelHandler() - ipsetInterface = utilipset.New(execer) - canUseIPVS, err := ipvs.CanUseIPVSProxier(kernelHandler, ipsetInterface, config.IPVS.Scheduler) - if string(config.Mode) == proxyModeIPVS && err != nil { - klog.ErrorS(err, "Can't use the IPVS proxier") - } - - if canUseIPVS { - ipvsInterface = utilipvs.New() - } - - // We omit creation of pretty much everything if we run in cleanup mode - if cleanupAndExit { - return &ProxyServer{ - execer: execer, - IpvsInterface: ipvsInterface, - IpsetInterface: ipsetInterface, - }, nil - } - if len(config.ShowHiddenMetricsForVersion) > 0 { metrics.SetShowHidden() } @@ -156,7 +129,7 @@ func newProxyServer( var proxier proxy.Provider var detectLocalMode proxyconfigapi.LocalMode - proxyMode := getProxyMode(string(config.Mode), canUseIPVS, iptables.LinuxKernelCompatTester{}) + proxyMode := getProxyMode(config.Mode) detectLocalMode, err = getDetectLocalMode(config) if err != nil { return nil, fmt.Errorf("cannot determine detect-local-mode: %v", err) @@ -178,12 +151,13 @@ func newProxyServer( if netutils.IsIPv6(nodeIP) { primaryProtocol = utiliptables.ProtocolIPv6 } - iptInterface = utiliptables.New(execer, primaryProtocol) + execer := exec.New() + iptInterface := utiliptables.New(execer, primaryProtocol) var ipt [2]utiliptables.Interface dualStack := true // While we assume that node supports, we do further checks below - if proxyMode != proxyModeUserspace { + if proxyMode != proxyconfigapi.ProxyModeUserspace { // Create iptables handlers for both families, one is already created // Always ordered as IPv4, IPv6 if primaryProtocol == utiliptables.ProtocolIPv4 { @@ -202,7 +176,7 @@ func newProxyServer( } } - if proxyMode == proxyModeIPTables { + if proxyMode == proxyconfigapi.ProxyModeIPTables { klog.V(0).InfoS("Using iptables Proxier") if config.IPTables.MasqueradeBit == nil { // MasqueradeBit must be specified or defaulted. @@ -265,7 +239,14 @@ func newProxyServer( return nil, fmt.Errorf("unable to create proxier: %v", err) } proxymetrics.RegisterMetrics() - } else if proxyMode == proxyModeIPVS { + } else if proxyMode == proxyconfigapi.ProxyModeIPVS { + kernelHandler := ipvs.NewLinuxKernelHandler() + ipsetInterface = utilipset.New(execer) + if err := ipvs.CanUseIPVSProxier(kernelHandler, ipsetInterface, config.IPVS.Scheduler); err != nil { + return nil, fmt.Errorf("can't use the IPVS proxier: %v", err) + } + ipvsInterface = utilipvs.New() + klog.V(0).InfoS("Using ipvs Proxier") if dualStack { klog.V(0).InfoS("Creating dualStackProxier for ipvs") @@ -361,7 +342,7 @@ func newProxyServer( } useEndpointSlices := true - if proxyMode == proxyModeUserspace { + if proxyMode == proxyconfigapi.ProxyModeUserspace { // userspace mode doesn't support endpointslice. useEndpointSlices = false } @@ -566,40 +547,37 @@ func cidrTuple(cidrList string) [2]string { return cidrs } -func getProxyMode(proxyMode string, canUseIPVS bool, kcompat iptables.KernelCompatTester) string { - switch proxyMode { - case proxyModeUserspace: - return proxyModeUserspace - case proxyModeIPTables: - return tryIPTablesProxy(kcompat) - case proxyModeIPVS: - return tryIPVSProxy(canUseIPVS, kcompat) +func getProxyMode(proxyMode proxyconfigapi.ProxyMode) proxyconfigapi.ProxyMode { + if proxyMode == "" { + klog.InfoS("Using iptables proxy") + return proxyconfigapi.ProxyModeIPTables + } else { + return proxyMode } - klog.InfoS("Unknown proxy mode, assuming iptables proxy", "proxyMode", proxyMode) - return tryIPTablesProxy(kcompat) } -func tryIPVSProxy(canUseIPVS bool, kcompat iptables.KernelCompatTester) string { - if canUseIPVS { - return proxyModeIPVS +// cleanupAndExit remove iptables rules and ipset/ipvs rules +func cleanupAndExit() error { + execer := exec.New() + + // cleanup IPv6 and IPv4 iptables rules, regardless of current configuration + ipts := []utiliptables.Interface{ + utiliptables.New(execer, utiliptables.ProtocolIPv4), + utiliptables.New(execer, utiliptables.ProtocolIPv6), } - // Try to fallback to iptables before falling back to userspace - klog.V(1).InfoS("Can't use ipvs proxier, trying iptables proxier") - return tryIPTablesProxy(kcompat) -} + ipsetInterface := utilipset.New(execer) + ipvsInterface := utilipvs.New() -func tryIPTablesProxy(kcompat iptables.KernelCompatTester) string { - // guaranteed false on error, error only necessary for debugging - useIPTablesProxy, err := iptables.CanUseIPTablesProxier(kcompat) - if err != nil { - utilruntime.HandleError(fmt.Errorf("can't determine whether to use iptables proxy, using userspace proxier: %v", err)) - return proxyModeUserspace + var encounteredError bool + for _, ipt := range ipts { + encounteredError = userspace.CleanupLeftovers(ipt) || encounteredError + encounteredError = iptables.CleanupLeftovers(ipt) || encounteredError + encounteredError = ipvs.CleanupLeftovers(ipvsInterface, ipt, ipsetInterface) || encounteredError } - if useIPTablesProxy { - return proxyModeIPTables + if encounteredError { + return errors.New("encountered an error while tearing down rules") } - // Fallback. - klog.V(1).InfoS("Can't use iptables proxy, using userspace proxier") - return proxyModeUserspace + + return nil } diff --git a/cmd/kube-proxy/app/server_others_test.go b/cmd/kube-proxy/app/server_others_test.go index 9e20d10d786..fcaffde4ce3 100644 --- a/cmd/kube-proxy/app/server_others_test.go +++ b/cmd/kube-proxy/app/server_others_test.go @@ -20,7 +20,6 @@ limitations under the License. package app import ( - "fmt" "net" "reflect" "testing" @@ -32,154 +31,11 @@ import ( clientsetfake "k8s.io/client-go/kubernetes/fake" proxyconfigapi "k8s.io/kubernetes/pkg/proxy/apis/config" - "k8s.io/kubernetes/pkg/proxy/ipvs" proxyutiliptables "k8s.io/kubernetes/pkg/proxy/util/iptables" utiliptables "k8s.io/kubernetes/pkg/util/iptables" utiliptablestest "k8s.io/kubernetes/pkg/util/iptables/testing" ) -type fakeIPSetVersioner struct { - version string // what to return - err error // what to return -} - -func (fake *fakeIPSetVersioner) GetVersion() (string, error) { - return fake.version, fake.err -} - -type fakeKernelCompatTester struct { - ok bool -} - -func (fake *fakeKernelCompatTester) IsCompatible() error { - if !fake.ok { - return fmt.Errorf("error") - } - return nil -} - -// fakeKernelHandler implements KernelHandler. -type fakeKernelHandler struct { - modules []string - kernelVersion string -} - -func (fake *fakeKernelHandler) GetModules() ([]string, error) { - return fake.modules, nil -} - -func (fake *fakeKernelHandler) GetKernelVersion() (string, error) { - return fake.kernelVersion, nil -} - -func Test_getProxyMode(t *testing.T) { - var cases = []struct { - flag string - ipsetVersion string - kmods []string - kernelVersion string - kernelCompat bool - ipsetError error - expected string - scheduler string - }{ - { // flag says userspace - flag: "userspace", - expected: proxyModeUserspace, - }, - { // flag says iptables, kernel not compatible - flag: "iptables", - kernelCompat: false, - expected: proxyModeUserspace, - }, - { // flag says iptables, kernel is compatible - flag: "iptables", - kernelCompat: true, - expected: proxyModeIPTables, - }, - { // detect, kernel not compatible - flag: "", - kernelCompat: false, - expected: proxyModeUserspace, - }, - { // detect, kernel is compatible - flag: "", - kernelCompat: true, - expected: proxyModeIPTables, - }, - { // flag says ipvs, ipset version ok, kernel modules installed for linux kernel before 4.19 - flag: "ipvs", - kmods: []string{"ip_vs", "ip_vs_rr", "ip_vs_wrr", "ip_vs_sh", "nf_conntrack_ipv4"}, - kernelVersion: "4.18", - ipsetVersion: ipvs.MinIPSetCheckVersion, - expected: proxyModeIPVS, - scheduler: "rr", - }, - { // flag says ipvs, ipset version ok, kernel modules installed for linux kernel 4.19 - flag: "ipvs", - kmods: []string{"ip_vs", "ip_vs_rr", "ip_vs_wrr", "ip_vs_sh", "nf_conntrack"}, - kernelVersion: "4.19", - ipsetVersion: ipvs.MinIPSetCheckVersion, - expected: proxyModeIPVS, - scheduler: "rr", - }, - { // flag says ipvs, ipset version too low, fallback on iptables mode - flag: "ipvs", - kmods: []string{"ip_vs", "ip_vs_rr", "ip_vs_wrr", "ip_vs_sh", "nf_conntrack"}, - kernelVersion: "4.19", - ipsetVersion: "0.0", - kernelCompat: true, - expected: proxyModeIPTables, - }, - { // flag says ipvs, bad ipset version, fallback on iptables mode - flag: "ipvs", - kmods: []string{"ip_vs", "ip_vs_rr", "ip_vs_wrr", "ip_vs_sh", "nf_conntrack"}, - kernelVersion: "4.19", - ipsetVersion: "a.b.c", - kernelCompat: true, - expected: proxyModeIPTables, - }, - { // flag says ipvs, required kernel modules are not installed, fallback on iptables mode - flag: "ipvs", - kmods: []string{"foo", "bar", "baz"}, - kernelVersion: "4.19", - ipsetVersion: ipvs.MinIPSetCheckVersion, - kernelCompat: true, - expected: proxyModeIPTables, - }, - { // flag says ipvs, ipset version ok, kernel modules installed for sed scheduler - flag: "ipvs", - kmods: []string{"ip_vs", "ip_vs_rr", "ip_vs_wrr", "ip_vs_sh", "nf_conntrack", "ip_vs_sed"}, - kernelVersion: "4.19", - ipsetVersion: ipvs.MinIPSetCheckVersion, - expected: proxyModeIPVS, - scheduler: "sed", - }, - { // flag says ipvs, kernel modules not installed for sed scheduler, fallback to iptables - flag: "ipvs", - kmods: []string{"ip_vs", "ip_vs_rr", "ip_vs_wrr", "ip_vs_sh", "nf_conntrack"}, - kernelVersion: "4.19", - ipsetVersion: ipvs.MinIPSetCheckVersion, - expected: proxyModeIPTables, - kernelCompat: true, - scheduler: "sed", - }, - } - for i, c := range cases { - kcompater := &fakeKernelCompatTester{c.kernelCompat} - ipsetver := &fakeIPSetVersioner{c.ipsetVersion, c.ipsetError} - khandler := &fakeKernelHandler{ - modules: c.kmods, - kernelVersion: c.kernelVersion, - } - canUseIPVS, _ := ipvs.CanUseIPVSProxier(khandler, ipsetver, cases[i].scheduler) - r := getProxyMode(c.flag, canUseIPVS, kcompater) - if r != c.expected { - t.Errorf("Case[%d] Expected %q, got %q", i, c.expected, r) - } - } -} - func Test_getDetectLocalMode(t *testing.T) { cases := []struct { detectLocal string diff --git a/cmd/kube-proxy/app/server_windows.go b/cmd/kube-proxy/app/server_windows.go index b26f8e328e2..836b95a0f25 100644 --- a/cmd/kube-proxy/app/server_windows.go +++ b/cmd/kube-proxy/app/server_windows.go @@ -52,10 +52,10 @@ import ( // NewProxyServer returns a new ProxyServer. func NewProxyServer(o *Options) (*ProxyServer, error) { - return newProxyServer(o.config, o.CleanupAndExit, o.master) + return newProxyServer(o.config, o.master) } -func newProxyServer(config *proxyconfigapi.KubeProxyConfiguration, cleanupAndExit bool, master string) (*ProxyServer, error) { +func newProxyServer(config *proxyconfigapi.KubeProxyConfiguration, master string) (*ProxyServer, error) { if config == nil { return nil, errors.New("config is required") } @@ -66,11 +66,6 @@ func newProxyServer(config *proxyconfigapi.KubeProxyConfiguration, cleanupAndExi return nil, fmt.Errorf("unable to register configz: %s", err) } - // We omit creation of pretty much everything if we run in cleanup mode - if cleanupAndExit { - return &ProxyServer{}, nil - } - if len(config.ShowHiddenMetricsForVersion) > 0 { metrics.SetShowHidden() } @@ -107,9 +102,9 @@ func newProxyServer(config *proxyconfigapi.KubeProxyConfiguration, cleanupAndExi } var proxier proxy.Provider - proxyMode := getProxyMode(string(config.Mode), winkernel.WindowsKernelCompatTester{}) + proxyMode := getProxyMode(config.Mode, winkernel.WindowsKernelCompatTester{}) dualStackMode := getDualStackMode(config.Winkernel.NetworkName, winkernel.DualStackCompatTester{}) - if proxyMode == proxyModeKernelspace { + if proxyMode == proxyconfigapi.ProxyModeKernelspace { klog.V(0).InfoS("Using Kernelspace Proxier.") if dualStackMode { klog.V(0).InfoS("Creating dualStackProxier for Windows kernel.") @@ -171,7 +166,7 @@ func newProxyServer(config *proxyconfigapi.KubeProxyConfiguration, cleanupAndExi } } useEndpointSlices := true - if proxyMode == proxyModeUserspace { + if proxyMode == proxyconfigapi.ProxyModeUserspace { // userspace mode doesn't support endpointslice. useEndpointSlices = false } @@ -197,18 +192,18 @@ func getDualStackMode(networkname string, compatTester winkernel.StackCompatTest return compatTester.DualStackCompatible(networkname) } -func getProxyMode(proxyMode string, kcompat winkernel.KernelCompatTester) string { - if proxyMode == proxyModeKernelspace { +func getProxyMode(proxyMode proxyconfigapi.ProxyMode, kcompat winkernel.KernelCompatTester) proxyconfigapi.ProxyMode { + if proxyMode == proxyconfigapi.ProxyModeKernelspace { return tryWinKernelSpaceProxy(kcompat) } - return proxyModeUserspace + return proxyconfigapi.ProxyModeUserspace } func detectNumCPU() int { return goruntime.NumCPU() } -func tryWinKernelSpaceProxy(kcompat winkernel.KernelCompatTester) string { +func tryWinKernelSpaceProxy(kcompat winkernel.KernelCompatTester) proxyconfigapi.ProxyMode { // Check for Windows Kernel Version if we can support Kernel Space proxy // Check for Windows Version @@ -216,12 +211,17 @@ func tryWinKernelSpaceProxy(kcompat winkernel.KernelCompatTester) string { useWinKernelProxy, err := winkernel.CanUseWinKernelProxier(kcompat) if err != nil { klog.ErrorS(err, "Can't determine whether to use windows kernel proxy, using userspace proxier") - return proxyModeUserspace + return proxyconfigapi.ProxyModeUserspace } if useWinKernelProxy { - return proxyModeKernelspace + return proxyconfigapi.ProxyModeKernelspace } // Fallback. klog.V(1).InfoS("Can't use winkernel proxy, using userspace proxier") - return proxyModeUserspace + return proxyconfigapi.ProxyModeUserspace +} + +// cleanupAndExit cleans up after a previous proxy run +func cleanupAndExit() error { + return errors.New("--cleanup-and-exit is not implemented on Windows") } diff --git a/pkg/proxy/iptables/proxier.go b/pkg/proxy/iptables/proxier.go index a5c9f695639..1cc9dfb5055 100644 --- a/pkg/proxy/iptables/proxier.go +++ b/pkg/proxy/iptables/proxier.go @@ -85,34 +85,6 @@ const ( largeClusterEndpointsThreshold = 1000 ) -// KernelCompatTester tests whether the required kernel capabilities are -// present to run the iptables proxier. -type KernelCompatTester interface { - IsCompatible() error -} - -// CanUseIPTablesProxier returns true if we should use the iptables Proxier -// instead of the "classic" userspace Proxier. -func CanUseIPTablesProxier(kcompat KernelCompatTester) (bool, error) { - if err := kcompat.IsCompatible(); err != nil { - return false, err - } - return true, nil -} - -var _ KernelCompatTester = LinuxKernelCompatTester{} - -// LinuxKernelCompatTester is the Linux implementation of KernelCompatTester -type LinuxKernelCompatTester struct{} - -// IsCompatible checks for the required sysctls. We don't care about the value, just -// that it exists. If this Proxier is chosen, we'll initialize it as we -// need. -func (lkct LinuxKernelCompatTester) IsCompatible() error { - _, err := utilsysctl.New().GetSysctl(sysctlRouteLocalnet) - return err -} - const sysctlRouteLocalnet = "net/ipv4/conf/all/route_localnet" const sysctlBridgeCallIPTables = "net/bridge/bridge-nf-call-iptables" diff --git a/pkg/proxy/ipvs/proxier.go b/pkg/proxy/ipvs/proxier.go index de9348e5ec4..be72cc9ce2f 100644 --- a/pkg/proxy/ipvs/proxier.go +++ b/pkg/proxy/ipvs/proxier.go @@ -706,25 +706,25 @@ func (handle *LinuxKernelHandler) GetKernelVersion() (string, error) { return strings.TrimSpace(string(fileContent)), nil } -// CanUseIPVSProxier returns true if we can use the ipvs Proxier. +// CanUseIPVSProxier checks if we can use the ipvs Proxier. // This is determined by checking if all the required kernel modules can be loaded. It may // return an error if it fails to get the kernel modules information without error, in which // case it will also return false. -func CanUseIPVSProxier(handle KernelHandler, ipsetver IPSetVersioner, scheduler string) (bool, error) { +func CanUseIPVSProxier(handle KernelHandler, ipsetver IPSetVersioner, scheduler string) error { mods, err := handle.GetModules() if err != nil { - return false, fmt.Errorf("error getting installed ipvs required kernel modules: %v", err) + return fmt.Errorf("error getting installed ipvs required kernel modules: %v", err) } loadModules := sets.NewString() loadModules.Insert(mods...) kernelVersionStr, err := handle.GetKernelVersion() if err != nil { - return false, fmt.Errorf("error determining kernel version to find required kernel modules for ipvs support: %v", err) + return fmt.Errorf("error determining kernel version to find required kernel modules for ipvs support: %v", err) } kernelVersion, err := version.ParseGeneric(kernelVersionStr) if err != nil { - return false, fmt.Errorf("error parsing kernel version %q: %v", kernelVersionStr, err) + return fmt.Errorf("error parsing kernel version %q: %v", kernelVersionStr, err) } mods = utilipvs.GetRequiredIPVSModules(kernelVersion) wantModules := sets.NewString() @@ -751,18 +751,18 @@ func CanUseIPVSProxier(handle KernelHandler, ipsetver IPSetVersioner, scheduler } if len(missingMods) != 0 { - return false, fmt.Errorf("IPVS proxier will not be used because the following required kernel modules are not loaded: %v", missingMods) + return fmt.Errorf("IPVS proxier will not be used because the following required kernel modules are not loaded: %v", missingMods) } // Check ipset version versionString, err := ipsetver.GetVersion() if err != nil { - return false, fmt.Errorf("error getting ipset version, error: %v", err) + return fmt.Errorf("error getting ipset version, error: %v", err) } if !checkMinVersion(versionString) { - return false, fmt.Errorf("ipset version: %s is less than min required version: %s", versionString, MinIPSetCheckVersion) + return fmt.Errorf("ipset version: %s is less than min required version: %s", versionString, MinIPSetCheckVersion) } - return true, nil + return nil } // CleanupIptablesLeftovers removes all iptables rules and chains created by the Proxier diff --git a/pkg/proxy/ipvs/proxier_test.go b/pkg/proxy/ipvs/proxier_test.go index e0871f37142..1cc9b65596d 100644 --- a/pkg/proxy/ipvs/proxier_test.go +++ b/pkg/proxy/ipvs/proxier_test.go @@ -364,9 +364,9 @@ func TestCanUseIPVSProxier(t *testing.T) { for i := range testCases { handle := &fakeKernelHandler{modules: testCases[i].mods, kernelVersion: testCases[i].kernelVersion} versioner := &fakeIPSetVersioner{version: testCases[i].ipsetVersion, err: testCases[i].ipsetErr} - ok, err := CanUseIPVSProxier(handle, versioner, testCases[i].scheduler) - if ok != testCases[i].ok { - t.Errorf("Case [%d], expect %v, got %v: err: %v", i, testCases[i].ok, ok, err) + err := CanUseIPVSProxier(handle, versioner, testCases[i].scheduler) + if (err == nil) != testCases[i].ok { + t.Errorf("Case [%d], expect %v, got err: %v", i, testCases[i].ok, err) } } }