GCE Cloud provider changes for ESIPP

Add feature gate (ExternalTrafficLocalOnly) for alpha feature
2025-11-03 19:58:17 +00:00 · 2016-08-15 11:22:44 -07:00
parent 4b55492570
commit b82c028f77
8 changed files with 629 additions and 62 deletions
--- a/pkg/api/service/annotations.go
+++ b/pkg/api/service/annotations.go
@@ -16,6 +16,13 @@ limitations under the License.

 package service

+import (
+	"strconv"
+
+	"github.com/golang/glog"
+	"k8s.io/kubernetes/pkg/api"
+)
+
 const (
 	// AnnotationLoadBalancerSourceRangesKey is the key of the annotation on a service to set allowed ingress ranges on their LoadBalancers
 	//
@@ -25,4 +32,58 @@ const (
 	//
 	// Not all cloud providers support this annotation, though AWS & GCE do.
 	AnnotationLoadBalancerSourceRangesKey = "service.beta.kubernetes.io/load-balancer-source-ranges"
+
+	// AnnotationExternalTraffic An annotation that denotes if this Service desires to route external traffic to local
+	// endpoints only. This preserves Source IP and avoids a second hop.
+	AnnotationExternalTraffic = "service.alpha.kubernetes.io/external-traffic"
+	// AnnotationValueExternalTrafficLocal Value of annotation to specify local endpoints behaviour
+	AnnotationValueExternalTrafficLocal = "OnlyLocal"
+	// AnnotationValueExternalTrafficGlobal Value of annotation to specify global (legacy) behaviour
+	AnnotationValueExternalTrafficGlobal = "Global"
+	// AnnotationHealthCheckNodePort Annotation specifying the healthcheck nodePort for the service
+	// If not specified, annotation is created by the service api backend with the allocated nodePort
+	// Will use user-specified nodePort value if specified by the client
+	AnnotationHealthCheckNodePort = "service.alpha.kubernetes.io/healthcheck-nodeport"
 )
+
+// NeedsHealthCheck Check service for health check annotations
+func NeedsHealthCheck(service *api.Service) bool {
+	if l, ok := service.Annotations[AnnotationExternalTraffic]; ok {
+		if l == AnnotationValueExternalTrafficLocal {
+			return true
+		} else if l == AnnotationValueExternalTrafficGlobal {
+			return false
+		} else {
+			glog.Errorf("Invalid value for annotation %v", AnnotationExternalTraffic)
+			return false
+		}
+	}
+	return false
+}
+
+// GetServiceHealthCheckNodePort Return health check node port annotation for service, if one exists
+func GetServiceHealthCheckNodePort(service *api.Service) int32 {
+	if NeedsHealthCheck(service) {
+		if l, ok := service.Annotations[AnnotationHealthCheckNodePort]; ok {
+			p, err := strconv.Atoi(l)
+			if err != nil {
+				glog.Errorf("Failed to parse annotation %v: %v", AnnotationHealthCheckNodePort, err)
+				return 0
+			}
+			return int32(p)
+		}
+	}
+	return 0
+}
+
+// GetServiceHealthCheckPathPort Return the path and nodePort programmed into the Cloud LB Health Check
+func GetServiceHealthCheckPathPort(service *api.Service) (string, int32) {
+	if !NeedsHealthCheck(service) {
+		return "", 0
+	}
+	port := GetServiceHealthCheckNodePort(service)
+	if port == 0 {
+		return "", 0
+	}
+	return "/healthz", port
+}