Improve EndpointController's handling of headless services under dual-stack

EndpointController was accidentally requiring all headless services to be IPv4-only in clusters with IPv6DualStack enabled. This still leaves "legacy" (ie, IPFamily-less) headless services as always IPv4-only because the controller doesn't currently have easy access to the information that would allow it to fix that. (EndpointSliceController had the same problem already, and still does.) This can be fixed, if needed, by manually setting IPFamily, and the proposed API for 1.20 will handle this situation better.
2025-09-21 01:50:55 +00:00 · 2020-05-24 17:48:59 -04:00
parent 9023d19c57
commit e46572ef4b
6 changed files with 39 additions and 32 deletions
--- a/pkg/controller/endpoint/endpoints_controller.go
+++ b/pkg/controller/endpoint/endpoints_controller.go
@@ -215,19 +215,13 @@ func podToEndpointAddressForService(svc *v1.Service, pod *v1.Pod) (*v1.EndpointA
 	var endpointIP string

 	if !utilfeature.DefaultFeatureGate.Enabled(features.IPv6DualStack) {
+		// In a legacy cluster, the pod IP is guaranteed to be usable
 		endpointIP = pod.Status.PodIP
 	} else {
-		// api-server service controller ensured that the service got the correct IP Family
-		// according to user setup, here we only need to match EndPoint IPs' family to service
-		// actual IP family. as in, we don't need to check service.IPFamily
-
-		ipv6ClusterIP := utilnet.IsIPv6String(svc.Spec.ClusterIP)
+		ipv6Service := endpointutil.IsIPv6Service(svc)
 		for _, podIP := range pod.Status.PodIPs {
 			ipv6PodIP := utilnet.IsIPv6String(podIP.IP)
-			// same family?
-			// TODO (khenidak) when we remove the max of 2 PodIP limit from pods
-			// we will have to return multiple endpoint addresses
-			if ipv6ClusterIP == ipv6PodIP {
+			if ipv6Service == ipv6PodIP {
 				endpointIP = podIP.IP
 				break
 			}
--- a/pkg/controller/endpoint/endpoints_controller_test.go
+++ b/pkg/controller/endpoint/endpoints_controller_test.go
@@ -1249,21 +1249,21 @@ func TestPodToEndpointAddressForService(t *testing.T) {

 			expectedEndpointFamily: ipv6,
 		},
-		// {
-		// 	name: "v6 headless service, in a dual stack cluster",
-		//
-		// 	enableDualStack: true,
-		// 	ipFamilies:      ipv4ipv6,
-		//
-		// 	service: v1.Service{
-		// 		Spec: v1.ServiceSpec{
-		// 			ClusterIP: v1.ClusterIPNone,
-		// 			IPFamily:  &ipv6,
-		// 		},
-		// 	},
-		//
-		// 	expectedEndpointFamily: ipv6,
-		// },
+		{
+			name: "v6 headless service, in a dual stack cluster",
+
+			enableDualStack: true,
+			ipFamilies:      ipv4ipv6,
+
+			service: v1.Service{
+				Spec: v1.ServiceSpec{
+					ClusterIP: v1.ClusterIPNone,
+					IPFamily:  &ipv6,
+				},
+			},
+
+			expectedEndpointFamily: ipv6,
+		},
 		{
 			name: "v6 legacy headless service, in a dual stack cluster",