From 3f506cadb040940dffbc40b8aae394bdbdd757f6 Mon Sep 17 00:00:00 2001 From: jornshen Date: Tue, 12 Jan 2021 16:51:36 +0800 Subject: [PATCH] optimize proxier duplicate localaddrset --- pkg/proxy/iptables/proxier.go | 23 +++++++---------------- pkg/proxy/ipvs/proxier.go | 14 +++----------- pkg/proxy/userspace/proxier.go | 15 +++------------ pkg/proxy/util/utils.go | 15 +++++++++++++++ 4 files changed, 28 insertions(+), 39 deletions(-) diff --git a/pkg/proxy/iptables/proxier.go b/pkg/proxy/iptables/proxier.go index 78b837c5756..edc963b0524 100644 --- a/pkg/proxy/iptables/proxier.go +++ b/pkg/proxy/iptables/proxier.go @@ -828,21 +828,6 @@ func (proxier *Proxier) syncProxyRules() { klog.V(2).InfoS("syncProxyRules complete", "elapsed", time.Since(start)) }() - localAddrs, err := utilproxy.GetLocalAddrs() - if err != nil { - klog.ErrorS(err, "Failed to get local addresses during proxy sync, assuming external IPs are not local") - } else if len(localAddrs) == 0 { - klog.InfoS("No local addresses found, assuming all external IPs are not local") - } - - localAddrSet := utilnet.IPSet{} - localAddrSet.Insert(localAddrs...) - - nodeAddresses, err := utilproxy.GetNodeAddresses(proxier.nodePortAddresses, proxier.networkInterfacer) - if err != nil { - klog.ErrorS(err, "Failed to get node ip address matching nodeport cidrs, services with nodeport may not work as intended", "CIDRs", proxier.nodePortAddresses) - } - // We assume that if this was called, we really want to sync them, // even if nothing changed in the meantime. In other words, callers are // responsible for detecting no-op changes and not calling this function. @@ -903,7 +888,7 @@ func (proxier *Proxier) syncProxyRules() { // This will be a map of chain name to chain with rules as stored in iptables-save/iptables-restore existingFilterChains := make(map[utiliptables.Chain][]byte) proxier.existingFilterChainsData.Reset() - err = proxier.iptables.SaveInto(utiliptables.TableFilter, proxier.existingFilterChainsData) + err := proxier.iptables.SaveInto(utiliptables.TableFilter, proxier.existingFilterChainsData) if err != nil { // if we failed to get any rules klog.ErrorS(err, "Failed to execute iptables-save, syncing all rules") } else { // otherwise parse the output @@ -1007,6 +992,12 @@ func (proxier *Proxier) syncProxyRules() { proxier.endpointChainsNumber += len(proxier.endpointsMap[svcName]) } + localAddrSet := utilproxy.GetLocalAddrSet() + nodeAddresses, err := utilproxy.GetNodeAddresses(proxier.nodePortAddresses, proxier.networkInterfacer) + if err != nil { + klog.ErrorS(err, "Failed to get node ip address matching nodeport cidrs, services with nodeport may not work as intended", "CIDRs", proxier.nodePortAddresses) + } + // Build rules for each service. for svcName, svc := range proxier.serviceMap { svcInfo, ok := svc.(*serviceInfo) diff --git a/pkg/proxy/ipvs/proxier.go b/pkg/proxy/ipvs/proxier.go index 2705b1657b9..c7ffed34a8e 100644 --- a/pkg/proxy/ipvs/proxier.go +++ b/pkg/proxy/ipvs/proxier.go @@ -1037,16 +1037,6 @@ func (proxier *Proxier) syncProxyRules() { klog.V(4).Infof("syncProxyRules took %v", time.Since(start)) }() - localAddrs, err := utilproxy.GetLocalAddrs() - if err != nil { - klog.Errorf("Failed to get local addresses during proxy sync: %v, assuming external IPs are not local", err) - } else if len(localAddrs) == 0 { - klog.Warning("No local addresses found, assuming all external IPs are not local") - } - - localAddrSet := utilnet.IPSet{} - localAddrSet.Insert(localAddrs...) - // We assume that if this was called, we really want to sync them, // even if nothing changed in the meantime. In other words, callers are // responsible for detecting no-op changes and not calling this function. @@ -1083,7 +1073,7 @@ func (proxier *Proxier) syncProxyRules() { proxier.createAndLinkKubeChain() // make sure dummy interface exists in the system where ipvs Proxier will bind service address on it - _, err = proxier.netlinkHandle.EnsureDummyDevice(DefaultDummyDevice) + _, err := proxier.netlinkHandle.EnsureDummyDevice(DefaultDummyDevice) if err != nil { klog.Errorf("Failed to create dummy interface: %s, error: %v", DefaultDummyDevice, err) return @@ -1159,6 +1149,8 @@ func (proxier *Proxier) syncProxyRules() { // reset slice to filtered entries nodeIPs = nodeIPs[:idx] + localAddrSet := utilproxy.GetLocalAddrSet() + // Build IPVS rules for each service. for svcName, svc := range proxier.serviceMap { svcInfo, ok := svc.(*serviceInfo) diff --git a/pkg/proxy/userspace/proxier.go b/pkg/proxy/userspace/proxier.go index 71076129f9d..32bd5e56684 100644 --- a/pkg/proxy/userspace/proxier.go +++ b/pkg/proxy/userspace/proxier.go @@ -395,16 +395,7 @@ func (proxier *Proxier) syncProxyRules() { proxier.unmergeService(change.previous, existingPorts) } - localAddrs, err := utilproxy.GetLocalAddrs() - if err != nil { - klog.Errorf("Failed to get local addresses during proxy sync: %s, assuming IPs are not local", err) - } else if len(localAddrs) == 0 { - klog.Warning("No local addresses were found, assuming all external IPs are not local") - } - - localAddrSet := netutils.IPSet{} - localAddrSet.Insert(localAddrs...) - proxier.localAddrs = localAddrSet + proxier.localAddrs = utilproxy.GetLocalAddrSet() proxier.ensurePortals() proxier.cleanupStaleStickySessions() @@ -769,7 +760,7 @@ func (proxier *Proxier) openPortal(service proxy.ServicePortName, info *ServiceI } func (proxier *Proxier) openOnePortal(portal portal, protocol v1.Protocol, proxyIP net.IP, proxyPort int, name proxy.ServicePortName) error { - if proxier.localAddrs.Len() > 0 && proxier.localAddrs.Has(portal.ip) { + if proxier.localAddrs.Has(portal.ip) { err := proxier.claimNodePort(portal.ip, portal.port, protocol, name) if err != nil { return err @@ -945,7 +936,7 @@ func (proxier *Proxier) closePortal(service proxy.ServicePortName, info *Service func (proxier *Proxier) closeOnePortal(portal portal, protocol v1.Protocol, proxyIP net.IP, proxyPort int, name proxy.ServicePortName) []error { el := []error{} - if proxier.localAddrs.Len() > 0 && proxier.localAddrs.Has(portal.ip) { + if proxier.localAddrs.Has(portal.ip) { if err := proxier.releaseNodePort(portal.ip, portal.port, protocol, name); err != nil { el = append(el, err) } diff --git a/pkg/proxy/util/utils.go b/pkg/proxy/util/utils.go index 56752b3722b..4243b34c626 100644 --- a/pkg/proxy/util/utils.go +++ b/pkg/proxy/util/utils.go @@ -156,6 +156,21 @@ func GetLocalAddrs() ([]net.IP, error) { return localAddrs, nil } +// GetLocalAddrSet return a local IPSet. +// If failed to get local addr, will assume no local ips. +func GetLocalAddrSet() utilnet.IPSet { + localAddrs, err := GetLocalAddrs() + if err != nil { + klog.ErrorS(err, "Failed to get local addresses assuming no local IPs", err) + } else if len(localAddrs) == 0 { + klog.InfoS("No local addresses were found") + } + + localAddrSet := utilnet.IPSet{} + localAddrSet.Insert(localAddrs...) + return localAddrSet +} + // ShouldSkipService checks if a given service should skip proxying func ShouldSkipService(service *v1.Service) bool { // if ClusterIP is "None" or empty, skip proxying