mirror of
https://github.com/optim-enterprises-bv/kubernetes.git
synced 2025-11-04 04:08:16 +00:00
Filter nodePortAddresses to the proxiers.
Log a warning for addresses of wrong family.
This commit is contained in:
Lars Ekman
@@ -290,6 +290,11 @@ func NewProxier(ipt utiliptables.Interface,
|
|||||||
serviceHealthServer := healthcheck.NewServiceHealthServer(hostname, recorder)
|
serviceHealthServer := healthcheck.NewServiceHealthServer(hostname, recorder)
|
||||||
|
|
||||||
isIPv6 := ipt.IsIPv6()
|
isIPv6 := ipt.IsIPv6()
|
||||||
|
var incorrectAddresses []string
|
||||||
|
nodePortAddresses, incorrectAddresses = utilproxy.FilterIncorrectCIDRVersion(nodePortAddresses, isIPv6)
|
||||||
|
if len(incorrectAddresses) > 0 {
|
||||||
|
klog.Warning("NodePortAddresses of wrong family; ", incorrectAddresses)
|
||||||
|
}
|
||||||
proxier := &Proxier{
|
proxier := &Proxier{
|
||||||
portsMap: make(map[utilproxy.LocalPort]utilproxy.Closeable),
|
portsMap: make(map[utilproxy.LocalPort]utilproxy.Closeable),
|
||||||
serviceMap: make(proxy.ServiceMap),
|
serviceMap: make(proxy.ServiceMap),
|
||||||
@@ -357,16 +362,17 @@ func NewDualStackProxier(
|
|||||||
nodePortAddresses []string,
|
nodePortAddresses []string,
|
||||||
) (proxy.Provider, error) {
|
) (proxy.Provider, error) {
|
||||||
// Create an ipv4 instance of the single-stack proxier
|
// Create an ipv4 instance of the single-stack proxier
|
||||||
|
nodePortAddresses4, nodePortAddresses6 := utilproxy.FilterIncorrectCIDRVersion(nodePortAddresses, false)
|
||||||
ipv4Proxier, err := NewProxier(ipt[0], sysctl,
|
ipv4Proxier, err := NewProxier(ipt[0], sysctl,
|
||||||
exec, syncPeriod, minSyncPeriod, masqueradeAll, masqueradeBit, localDetectors[0], hostname,
|
exec, syncPeriod, minSyncPeriod, masqueradeAll, masqueradeBit, localDetectors[0], hostname,
|
||||||
nodeIP[0], recorder, healthzServer, nodePortAddresses)
|
nodeIP[0], recorder, healthzServer, nodePortAddresses4)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("unable to create ipv4 proxier: %v", err)
|
return nil, fmt.Errorf("unable to create ipv4 proxier: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
ipv6Proxier, err := NewProxier(ipt[1], sysctl,
|
ipv6Proxier, err := NewProxier(ipt[1], sysctl,
|
||||||
exec, syncPeriod, minSyncPeriod, masqueradeAll, masqueradeBit, localDetectors[1], hostname,
|
exec, syncPeriod, minSyncPeriod, masqueradeAll, masqueradeBit, localDetectors[1], hostname,
|
||||||
nodeIP[1], recorder, healthzServer, nodePortAddresses)
|
nodeIP[1], recorder, healthzServer, nodePortAddresses6)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("unable to create ipv6 proxier: %v", err)
|
return nil, fmt.Errorf("unable to create ipv6 proxier: %v", err)
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -433,6 +433,11 @@ func NewProxier(ipt utiliptables.Interface,
|
|||||||
|
|
||||||
endpointSlicesEnabled := utilfeature.DefaultFeatureGate.Enabled(features.EndpointSliceProxying)
|
endpointSlicesEnabled := utilfeature.DefaultFeatureGate.Enabled(features.EndpointSliceProxying)
|
||||||
|
|
||||||
|
var incorrectAddresses []string
|
||||||
|
nodePortAddresses, incorrectAddresses = utilproxy.FilterIncorrectCIDRVersion(nodePortAddresses, isIPv6)
|
||||||
|
if len(incorrectAddresses) > 0 {
|
||||||
|
klog.Warning("NodePortAddresses of wrong family; ", incorrectAddresses)
|
||||||
|
}
|
||||||
proxier := &Proxier{
|
proxier := &Proxier{
|
||||||
portsMap: make(map[utilproxy.LocalPort]utilproxy.Closeable),
|
portsMap: make(map[utilproxy.LocalPort]utilproxy.Closeable),
|
||||||
serviceMap: make(proxy.ServiceMap),
|
serviceMap: make(proxy.ServiceMap),
|
||||||
@@ -509,12 +514,14 @@ func NewDualStackProxier(
|
|||||||
|
|
||||||
safeIpset := newSafeIpset(ipset)
|
safeIpset := newSafeIpset(ipset)
|
||||||
|
|
||||||
|
nodePortAddresses4, nodePortAddresses6 := utilproxy.FilterIncorrectCIDRVersion(nodePortAddresses, false)
|
||||||
|
|
||||||
// Create an ipv4 instance of the single-stack proxier
|
// Create an ipv4 instance of the single-stack proxier
|
||||||
ipv4Proxier, err := NewProxier(ipt[0], ipvs, safeIpset, sysctl,
|
ipv4Proxier, err := NewProxier(ipt[0], ipvs, safeIpset, sysctl,
|
||||||
exec, syncPeriod, minSyncPeriod, filterCIDRs(false, excludeCIDRs), strictARP,
|
exec, syncPeriod, minSyncPeriod, filterCIDRs(false, excludeCIDRs), strictARP,
|
||||||
tcpTimeout, tcpFinTimeout, udpTimeout, masqueradeAll, masqueradeBit,
|
tcpTimeout, tcpFinTimeout, udpTimeout, masqueradeAll, masqueradeBit,
|
||||||
localDetectors[0], hostname, nodeIP[0],
|
localDetectors[0], hostname, nodeIP[0],
|
||||||
recorder, healthzServer, scheduler, nodePortAddresses, kernelHandler)
|
recorder, healthzServer, scheduler, nodePortAddresses4, kernelHandler)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("unable to create ipv4 proxier: %v", err)
|
return nil, fmt.Errorf("unable to create ipv4 proxier: %v", err)
|
||||||
}
|
}
|
||||||
@@ -523,7 +530,7 @@ func NewDualStackProxier(
|
|||||||
exec, syncPeriod, minSyncPeriod, filterCIDRs(true, excludeCIDRs), strictARP,
|
exec, syncPeriod, minSyncPeriod, filterCIDRs(true, excludeCIDRs), strictARP,
|
||||||
tcpTimeout, tcpFinTimeout, udpTimeout, masqueradeAll, masqueradeBit,
|
tcpTimeout, tcpFinTimeout, udpTimeout, masqueradeAll, masqueradeBit,
|
||||||
localDetectors[1], hostname, nodeIP[1],
|
localDetectors[1], hostname, nodeIP[1],
|
||||||
nil, nil, scheduler, nodePortAddresses, kernelHandler)
|
nil, nil, scheduler, nodePortAddresses6, kernelHandler)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("unable to create ipv6 proxier: %v", err)
|
return nil, fmt.Errorf("unable to create ipv6 proxier: %v", err)
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user