upstream/kubernetes
1
0
Fork 0
mirror of https://github.com/kubernetes/kubernetes.git synced 2026-03-11 11:00:57 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
kubernetes/pkg/proxy
History
Kubernetes Submit Queue 4492337dbf
Merge pull request #65803 from honkiko/ipvs-add-addrtype-match 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

ipvs: add addrtype match for nodeport

**What this PR does / why we need it**:
before this PR:
```
-A KUBE-SERVICES -m comment --comment "Kubernetes nodeport TCP port for masquerade purpose" -m set --match-set KUBE-NODE-PORT-TCP dst -j KUBE-NODE-PORT
-A KUBE-SERVICES -m comment --comment "Kubernetes service cluster ip + port for masquerade purpose" -m set --match-set KUBE-CLUSTER-IP dst,dst -j KUBE-MARK-MASQ
-A KUBE-SERVICES -m set --match-set KUBE-CLUSTER-IP dst,dst -j ACCEPT
-A KUBE-NODE-PORT -p tcp -m comment --comment "Kubernetes nodeport TCP port with externalTrafficPolicy=local" -m set --match-set KUBE-NODE-PORT-LOCAL-TCP dst -j RETURN
-A KUBE-NODE-PORT -j KUBE-MARK-MASQ
```
after this PR:
```
-A KUBE-NODE-PORT -p tcp -m comment --comment "Kubernetes nodeport TCP port with externalTrafficPolicy=local" -m set --match-set KUBE-NODE-PORT-LOCAL-TCP dst -j RETURN
-A KUBE-NODE-PORT -p tcp -m comment --comment "Kubernetes nodeport TCP port for masquerade purpose" -m set --match-set KUBE-NODE-PORT-TCP dst -j KUBE-MARK-MASQ
-A KUBE-SERVICES -m comment --comment "Kubernetes service cluster ip + port for masquerade purpose" -m set --match-set KUBE-CLUSTER-IP dst,dst -j KUBE-MARK-MASQ
-A KUBE-SERVICES -m set --match-set KUBE-CLUSTER-IP dst,dst -j ACCEPT
-A KUBE-SERVICES -m addrtype --dst-type LOCAL -j KUBE-NODE-PORT
```

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #65459

**Special notes for your reviewer**:
manually tested cases:
- ClusterIP distributed to pod on same node
- ClusterIP distributed to pod on other node
- NodePort distributed to pod on same node
- NodePort distributed to pod on other node

**Release note**:

```release-note

```
2018-08-13 00:28:43 -07:00
..
apis/kubeproxyconfig make package name match all the import aliases 2018-08-01 15:31:12 -04:00
config Run hack/update-bazel.sh 2018-06-22 16:22:57 -07:00
healthcheck Run hack/update-bazel.sh 2018-06-22 16:22:57 -07:00
iptables fix spell 2018-07-14 10:05:56 +08:00
ipvs Merge pull request #65803 from honkiko/ipvs-add-addrtype-match 2018-08-13 00:28:43 -07:00
metrics add proxy metrics in app level 2017-10-16 21:10:51 +08:00
userspace reuse iptablesContainerPortalArgs 2018-07-23 11:35:16 +08:00
util Run hack/update-bazel.sh 2018-06-22 16:22:57 -07:00
winkernel fix spell 2018-07-14 10:05:56 +08:00
winuserspace Run hack/update-bazel.sh 2018-06-22 16:22:57 -07:00
BUILD Run hack/update-bazel.sh 2018-06-22 16:22:57 -07:00
doc.go Use Go canonical import paths 2016-07-16 13:48:21 -04:00
endpoints.go [kube-proxy] Mass service/endpoint info functions rename and comments 2018-02-27 11:14:02 -08:00
endpoints_test.go [kube-proxy] Mass service/endpoint info functions rename and comments 2018-02-27 11:14:02 -08:00
OWNERS add me to iptables/kube-proxy reviewers 2018-02-22 17:36:57 -05:00
service.go LoadBalancerStatus make use of generated deep copy method 2018-03-28 14:08:50 +08:00
service_test.go [kube-proxy] Mass service/endpoint info functions rename and comments 2018-02-27 11:14:02 -08:00
types.go [kube-proxy] Mass service/endpoint info functions rename and comments 2018-02-27 11:14:02 -08:00