github-personal/kubernetes
1
0
Fork 0
mirror of https://github.com/outbackdingo/kubernetes.git synced 2026-02-23 19:37:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
b0bdaa3a4cc2069ac1cb763eb732b5b8b328d7eb
kubernetes/pkg
History
Kubernetes Submit Queue 2ef566d0c3 Merge pull request #62007 from m1093782566/kube-forward 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Fix Forward chain default reject policy for IPVS proxier

**What this PR does / why we need it**:

Testing with the IPVS mode proxier on a host with iptables FORWARD policy = DROP, as configured by docker in recent versions, I found that traffic to NodePorts failed when the NodePort forwarded the traffic to another node.

Saw the iptables FORWARD=DROP counter increasing with each packet.

IPVS mode should whitelist such traffic in a similar way to the iptables mode:

PR implementing the fix for iptables mode: #52569

**Which issue(s) this PR fixes**:
Fixes #59656

**Special notes for your reviewer**:

**Release note**:

```release-note
Fix Forward chain default reject policy for IPVS proxier
```
2018-04-15 20:01:42 -07:00
..
api
remove deprecated ObjectMeta ListOptions DeleteOptions
2018-04-09 21:19:20 +08:00
apis
Merge pull request #62496 from jennybuckley/service-port-docs
2018-04-13 15:03:10 -07:00
auth
Autogenerated: hack/update-bazel.sh
2018-02-16 13:43:01 -08:00
capabilities
Autogenerated: hack/update-bazel.sh
2018-02-16 13:43:01 -08:00
client
Merge pull request #61608 from php-coder/psp_move_internal_types_to_policy
2018-04-13 05:22:24 -07:00
cloudprovider
update-bazel
2018-04-13 15:47:31 -07:00
controller
Merge pull request #62471 from mikedanese/certs2
2018-04-13 16:01:10 -07:00
credentialprovider
Autogenerated: hack/update-bazel.sh
2018-02-16 13:43:01 -08:00
features
make mikedanese owner of CertRotation features
2018-04-12 08:37:29 -07:00
fieldpath
Autogenerated: hack/update-bazel.sh
2018-02-16 13:43:01 -08:00
generated
update bindata after #61817
2018-04-11 14:24:01 -07:00
kubeapiserver
pkg/kubeapiserver/options: update Bazel files
2018-04-10 12:03:54 -07:00
kubectl
Merge pull request #62181 from juanvallejo/jvallejo/wire-print-flags-create-cmds
2018-04-13 15:03:13 -07:00
kubelet
Merge pull request #60539 from Pingan2017/infovolumnhost
2018-04-14 09:09:42 -07:00
kubemark
add nodeport-addresses flag for kube-proxy
2018-02-26 23:48:46 +08:00
master
apiserver: enforce shared RequestContextMapper in delegation chain
2018-04-05 14:41:56 +02:00
printers
begin wiring printopts through complete commands
2018-04-13 11:50:54 -04:00
probe
Autogenerated: hack/update-bazel.sh
2018-02-16 13:43:01 -08:00
proxy
fix nodeport FORWARD chain
2018-04-12 17:25:28 +08:00
quota
Resources prefixed with *kubernetes.io/ should remain unscheduled if they are not exposed on the node.
2018-03-28 17:24:30 -07:00
registry
Merge pull request #61608 from php-coder/psp_move_internal_types_to_policy
2018-04-13 05:22:24 -07:00
routes
Remove /ui/ redirect
2018-02-12 10:54:33 -05:00
scheduler
Merge pull request #62211 from bsalamat/affinity_performance
2018-04-13 07:25:21 -07:00
security
Update generated files.
2018-04-11 18:35:24 +02:00
securitycontext
remove unused code in securitycontext
2018-03-29 23:32:48 -07:00
serviceaccount
implement token authenticator for new id tokens
2018-02-27 17:20:46 -08:00
ssh
Autogenerated: hack/update-bazel.sh
2018-02-16 13:43:01 -08:00
util
Merge pull request #62467 from andyzhangx/nsenter-getfiletype-fix
2018-04-13 07:25:14 -07:00
version
Require boilerplate on Bazel Skylark source files
2018-02-16 13:44:04 -08:00
volume
Merge pull request #62486 from vladimirvivien/csi-fsGroup-fix
2018-04-13 16:01:06 -07:00
watch/json
remove outdate package
2018-01-15 23:17:19 +08:00
windows/service
Add support for binaries to run as Windows services
2018-03-07 00:51:36 +01:00
.import-restrictions
BUILD
pkg/api/unversioned related cleanup
2018-03-13 17:20:16 +08:00
OWNERS