func TestProxyConfig(t *testing.T) {
// This is a snapshot of the default config
// If the default changes (new fields are added, or default values change), we want to know
// Once we've reacted to the changes appropriately in buildKubeProxyConfig(), update this expected default to match the new upstream defaults
oomScoreAdj := -999
ipTablesMasqueratebit := 14
expectedDefaultConfig := &proxyoptions.ProxyServerConfig{
KubeProxyConfiguration: componentconfig.KubeProxyConfiguration{
BindAddress: "0.0.0.0",
HealthzPort: 10249, // disabled
HealthzBindAddress: "127.0.0.1", // disabled
OOMScoreAdj: &oomScoreAdj, // disabled
ResourceContainer: "/kube-proxy", // disabled
IPTablesSyncPeriod: unversioned.Duration{Duration: 30 * time.Second},
// from k8s.io/kubernetes/cmd/kube-proxy/app/options/options.go
// defaults to 14.
IPTablesMasqueradeBit: &ipTablesMasqueratebit,
UDPIdleTimeout: unversioned.Duration{Duration: 250 * time.Millisecond},
ConntrackMax: 256 * 1024, // 4x default (64k)
ConntrackTCPEstablishedTimeout: unversioned.Duration{Duration: 86400 * time.Second}, // 1 day (1/5 default)
},
ConfigSyncPeriod: 15 * time.Minute,
KubeAPIQPS: 5.0,
KubeAPIBurst: 10,
}
actualDefaultConfig := proxyoptions.NewProxyConfig()
if !reflect.DeepEqual(expectedDefaultConfig, actualDefaultConfig) {
t.Errorf("Default kube proxy config has changed. Adjust buildKubeProxyConfig() as needed to disable or make use of additions.")
t.Logf("Expected default config:\n%#v\n\n", expectedDefaultConfig)
t.Logf("Actual default config:\n%#v\n\n", actualDefaultConfig)
}
}
func NewHollowProxyOrDie(
nodeName string,
client clientset.Interface,
endpointsConfig *proxyconfig.EndpointsConfig,
serviceConfig *proxyconfig.ServiceConfig,
iptInterface utiliptables.Interface,
broadcaster record.EventBroadcaster,
recorder record.EventRecorder,
) *HollowProxy {
// Create and start Hollow Proxy
config := options.NewProxyConfig()
config.OOMScoreAdj = util.Int32Ptr(0)
config.ResourceContainer = ""
config.NodeRef = &api.ObjectReference{
Kind: "Node",
Name: nodeName,
UID: types.UID(nodeName),
Namespace: "",
}
proxyconfig.NewSourceAPI(
client.Core().RESTClient(),
30*time.Second,
serviceConfig.Channel("api"),
endpointsConfig.Channel("api"),
)
hollowProxy, err := proxyapp.NewProxyServer(client, config, iptInterface, &FakeProxier{}, broadcaster, recorder, nil, "fake")
if err != nil {
glog.Fatalf("Error while creating ProxyServer: %v\n", err)
}
return &HollowProxy{
ProxyServer: hollowProxy,
}
}
func TestProxyConfig(t *testing.T) {
// This is a snapshot of the default config
// If the default changes (new fields are added, or default values change), we want to know
// Once we've reacted to the changes appropriately in buildKubeProxyConfig(), update this expected default to match the new upstream defaults
expectedDefaultConfig := &proxyoptions.ProxyServerConfig{
BindAddress: net.ParseIP("0.0.0.0"),
HealthzPort: 10249,
HealthzBindAddress: net.ParseIP("127.0.0.1"),
OOMScoreAdj: qos.KubeProxyOOMScoreAdj,
ResourceContainer: "/kube-proxy",
IptablesSyncPeriod: 30 * time.Second,
ConfigSyncPeriod: 15 * time.Minute,
KubeAPIQPS: 5.0,
KubeAPIBurst: 10,
UDPIdleTimeout: 250 * time.Millisecond,
ConntrackMax: 256 * 1024, // 4x default (64k)
ConntrackTCPTimeoutEstablished: 86400, // 1 day (1/5 default)
}
actualDefaultConfig := proxyoptions.NewProxyConfig()
if !reflect.DeepEqual(expectedDefaultConfig, actualDefaultConfig) {
t.Errorf("Default kube proxy config has changed. Adjust buildKubeProxyConfig() as needed to disable or make use of additions.")
t.Logf("Expected default config:\n%#v\n\n", expectedDefaultConfig)
t.Logf("Actual default config:\n%#v\n\n", actualDefaultConfig)
}
}
// NewProxyCommand provides a CLI handler for the 'proxy' command
func NewProxyCommand(name, fullName string, out io.Writer) *cobra.Command {
proxyConfig := proxyoptions.NewProxyConfig()
cmd := &cobra.Command{
Use: name,
Short: "Launch Kubernetes proxy (kube-proxy)",
Long: proxyLong,
Run: func(c *cobra.Command, args []string) {
startProfiler()
util.InitLogs()
defer util.FlushLogs()
s, err := proxyapp.NewProxyServerDefault(proxyConfig)
kcmdutil.CheckErr(err)
if err := s.Run(); err != nil {
fmt.Fprintf(os.Stderr, "%v\n", err)
os.Exit(1)
}
},
}
cmd.SetOutput(out)
flags := cmd.Flags()
flags.SetNormalizeFunc(kflag.WordSepNormalizeFunc)
proxyConfig.AddFlags(flags)
return cmd
}
// This test verifies that Proxy Server does not crash that means
// Config and iptinterface are not nil when CleanupAndExit is true.
// To avoid proxy crash: https://github.com/kubernetes/kubernetes/pull/14736
func TestProxyServerWithCleanupAndExit(t *testing.T) {
// creates default config
config := options.NewProxyConfig()
// sets CleanupAndExit manually
config.CleanupAndExit = true
// creates new proxy server
proxyserver, err := NewProxyServerDefault(config)
// verifies that nothing is nill except error
assert.Nil(t, err)
assert.NotNil(t, proxyserver)
assert.NotNil(t, proxyserver.Config)
assert.NotNil(t, proxyserver.IptInterface)
}
// NewProxyCommand creates a *cobra.Command object with default parameters
func NewProxyCommand() *cobra.Command {
s := options.NewProxyConfig()
s.AddFlags(pflag.CommandLine)
cmd := &cobra.Command{
Use: "kube-proxy",
Long: `The Kubernetes network proxy runs on each node. This
reflects services as defined in the Kubernetes API on each node and can do simple
TCP,UDP stream forwarding or round robin TCP,UDP forwarding across a set of backends.
Service cluster ips and ports are currently found through Docker-links-compatible
environment variables specifying ports opened by the service proxy. There is an optional
addon that provides cluster DNS for these cluster IPs. The user must create a service
with the apiserver API to configure the proxy.`,
Run: func(cmd *cobra.Command, args []string) {
},
}
return cmd
}
func main() {
config := options.NewProxyConfig()
config.AddFlags(pflag.CommandLine)
flag.InitFlags()
logs.InitLogs()
defer logs.FlushLogs()
verflag.PrintAndExitIfRequested()
s, err := app.NewProxyServerDefault(config)
if err != nil {
fmt.Fprintf(os.Stderr, "%v\n", err)
os.Exit(1)
}
if err = s.Run(); err != nil {
fmt.Fprintf(os.Stderr, "%v\n", err)
os.Exit(1)
}
}
func main() {
runtime.GOMAXPROCS(runtime.NumCPU())
config := options.NewProxyConfig()
config.AddFlags(pflag.CommandLine)
util.InitFlags()
util.InitLogs()
defer util.FlushLogs()
verflag.PrintAndExitIfRequested()
s, err := app.NewProxyServerDefault(config)
if err != nil {
fmt.Fprintf(os.Stderr, "%v\n", err)
os.Exit(1)
}
if err = s.Run(); err != nil {
fmt.Fprintf(os.Stderr, "%v\n", err)
os.Exit(1)
}
}
// NewKubeProxy creates a new hyperkube Server object that includes the
// description and flags.
func NewKubeProxy() *Server {
config := options.NewProxyConfig()
hks := Server{
SimpleUsage: "proxy",
Long: `The Kubernetes proxy server is responsible for taking traffic directed at
services and forwarding it to the appropriate pods. It generally runs on
nodes next to the Kubelet and proxies traffic from local pods to remote pods.
It is also used when handling incoming external traffic.`,
}
config.AddFlags(hks.Flags())
hks.Run = func(_ *Server, _ []string) error {
s, err := app.NewProxyServerDefault(config)
if err != nil {
return err
}
return s.Run()
}
return &hks
}
func buildKubeProxyConfig(options configapi.NodeConfig) (*proxyoptions.ProxyServerConfig, error) {
// get default config
proxyconfig := proxyoptions.NewProxyConfig()
// BindAddress - Override default bind address from our config
addr := options.ServingInfo.BindAddress
host, _, err := net.SplitHostPort(addr)
if err != nil {
return nil, fmt.Errorf("The provided value to bind to must be an ip:port %q", addr)
}
ip := net.ParseIP(host)
if ip == nil {
return nil, fmt.Errorf("The provided value to bind to must be an ip:port: %q", addr)
}
proxyconfig.BindAddress = ip.String()
// HealthzPort, HealthzBindAddress - disable
proxyconfig.HealthzPort = 0
proxyconfig.HealthzBindAddress = ""
// OOMScoreAdj, ResourceContainer - clear, we don't run in a container
oomScoreAdj := int32(0)
proxyconfig.OOMScoreAdj = &oomScoreAdj
proxyconfig.ResourceContainer = ""
// use the same client as the node
proxyconfig.Master = ""
proxyconfig.Kubeconfig = options.MasterKubeConfig
// PortRange, use default
// HostnameOverride, use default
// ProxyMode, set to iptables
proxyconfig.Mode = "iptables"
// IptablesSyncPeriod, set to our config value
syncPeriod, err := time.ParseDuration(options.IPTablesSyncPeriod)
if err != nil {
return nil, fmt.Errorf("Cannot parse the provided ip-tables sync period (%s) : %v", options.IPTablesSyncPeriod, err)
}
proxyconfig.IPTablesSyncPeriod = unversioned.Duration{
Duration: syncPeriod,
}
// ConfigSyncPeriod, use default
// NodeRef, build from config
proxyconfig.NodeRef = &kapi.ObjectReference{
Kind: "Node",
Name: options.NodeName,
}
// MasqueradeAll, use default
// CleanupAndExit, use default
// KubeAPIQPS, use default, doesn't apply until we build a separate client
// KubeAPIBurst, use default, doesn't apply until we build a separate client
// UDPIdleTimeout, use default
// Resolve cmd flags to add any user overrides
if err := cmdflags.Resolve(options.ProxyArguments, proxyconfig.AddFlags); len(err) > 0 {
return nil, kerrors.NewAggregate(err)
}
return proxyconfig, nil
}