github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-20 10:20:51 +00:00
Code Issues Projects Releases Wiki Activity

Fix kube-proxy dual-stack-iptables-binary-presence check

Browse Source 
Kube-proxy was checking that iptables supports both IPv4 and IPv6 and
falling back to single-stack if not. But it always fell back to the
primary IP family, regardless of which family iptables supported...
Fix it so that if the primary IP family isn't supported then it bails
out entirely.
This commit is contained in:
Dan Winship 2022-12-22 14:57:14 -05:00
parent 4e70155dbd
commit fb84c4f0f0
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cmd/kube-proxy/app/server_others.go
View File

@ -165,12 +165,12 @@ func newProxyServer(
ipt[1] = iptInterface
}
for _, perFamilyIpt := range ipt {
if !perFamilyIpt.Present() {
klog.InfoS("kube-proxy running in single-stack mode, this ipFamily is not supported", "ipFamily", perFamilyIpt.Protocol())
if !ipt[0].Present() {
return nil, fmt.Errorf("iptables is not supported for primary IP family %q", primaryProtocol)
} else if !ipt[1].Present() {
klog.InfoS("kube-proxy running in single-stack mode: secondary ipFamily is not supported", "ipFamily", ipt[1].Protocol())
dualStack = false
}
}
if proxyMode == proxyconfigapi.ProxyModeIPTables {
klog.InfoS("Using iptables Proxier")