mirror of
https://github.com/k3s-io/kubernetes.git
synced 2026-01-06 16:06:51 +00:00
support configuration of kube-proxy IPVS tcp,tcpfin,udp timeout
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
This commit is contained in:
Andrew Sy Kim
committed by
andrewsykim
andrewsykim
parent
42fe74cd2c
commit
db2c048db9
@@ -327,6 +327,9 @@ func NewProxier(ipt utiliptables.Interface,
|
||||
minSyncPeriod time.Duration,
|
||||
excludeCIDRs []string,
|
||||
strictARP bool,
|
||||
tcpTimeout time.Duration,
|
||||
tcpFinTimeout time.Duration,
|
||||
udpTimeout time.Duration,
|
||||
masqueradeAll bool,
|
||||
masqueradeBit int,
|
||||
clusterCIDR string,
|
||||
@@ -402,6 +405,15 @@ func NewProxier(ipt utiliptables.Interface,
|
||||
}
|
||||
}
|
||||
|
||||
// Configure IPVS timeouts if any one of the timeout parameters have been set.
|
||||
// This is the equivalent to running ipvsadm --set, a value of 0 indicates the
|
||||
// current system timeout should be preserved
|
||||
if tcpTimeout > 0 || tcpFinTimeout > 0 || udpTimeout > 0 {
|
||||
if err := ipvs.ConfigureTimeouts(tcpTimeout, tcpFinTimeout, udpTimeout); err != nil {
|
||||
klog.Warningf("failed to configure IPVS timeouts: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
// Generate the masquerade mark to use for SNAT rules.
|
||||
masqueradeValue := 1 << uint(masqueradeBit)
|
||||
masqueradeMark := fmt.Sprintf("%#08x/%#08x", masqueradeValue, masqueradeValue)
|
||||
@@ -483,6 +495,9 @@ func NewDualStackProxier(
|
||||
minSyncPeriod time.Duration,
|
||||
excludeCIDRs []string,
|
||||
strictARP bool,
|
||||
tcpTimeout time.Duration,
|
||||
tcpFinTimeout time.Duration,
|
||||
udpTimeout time.Duration,
|
||||
masqueradeAll bool,
|
||||
masqueradeBit int,
|
||||
clusterCIDR [2]string,
|
||||
@@ -499,7 +514,8 @@ func NewDualStackProxier(
|
||||
// Create an ipv4 instance of the single-stack proxier
|
||||
ipv4Proxier, err := NewProxier(ipt[0], ipvs, safeIpset, sysctl,
|
||||
exec, syncPeriod, minSyncPeriod, filterCIDRs(false, excludeCIDRs), strictARP,
|
||||
masqueradeAll, masqueradeBit, clusterCIDR[0], hostname, nodeIP[0],
|
||||
tcpTimeout, tcpFinTimeout, udpTimeout, masqueradeAll, masqueradeBit,
|
||||
clusterCIDR[0], hostname, nodeIP[0],
|
||||
recorder, healthzServer, scheduler, nodePortAddresses)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to create ipv4 proxier: %v", err)
|
||||
@@ -507,7 +523,8 @@ func NewDualStackProxier(
|
||||
|
||||
ipv6Proxier, err := NewProxier(ipt[1], ipvs, safeIpset, sysctl,
|
||||
exec, syncPeriod, minSyncPeriod, filterCIDRs(true, excludeCIDRs), strictARP,
|
||||
masqueradeAll, masqueradeBit, clusterCIDR[1], hostname, nodeIP[1],
|
||||
tcpTimeout, tcpFinTimeout, udpTimeout, masqueradeAll, masqueradeBit,
|
||||
clusterCIDR[1], hostname, nodeIP[1],
|
||||
nil, nil, scheduler, nodePortAddresses)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to create ipv6 proxier: %v", err)
|
||||
|
||||
Reference in New Issue
Block a user