New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
change health-check port to listen to node port addresses #104742
Conversation
@khenidak: This issue is currently awaiting triage. If a SIG or subproject determines this is a relevant issue, they will accept it by applying the The Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
the unit test failing seems related
|
I think this should be aligned to current logic kubernetes/pkg/proxy/iptables/proxier.go Lines 996 to 1000 in eb72962
|
1cabef5
to
e29d0c1
Compare
Yes. I kept that one failing until i clean up the old code. The current commits are the change i want to make. But i am not happy with unit testing coverage so i am keeping the |
e29d0c1
to
ea34c0b
Compare
@danwinship @aojea -- Can you help reviewing this? (it is ready now) |
ea34c0b
to
aa0c88b
Compare
/test pull-kubernetes-unit |
1 similar comment
/test pull-kubernetes-unit |
aa0c88b
to
aa8078e
Compare
"intended" 🙂 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
mostly looks good
aa8078e
to
831a21f
Compare
/test pull-kubernetes-e2e-gci-gce-ipvs |
/lgtm |
The hold is to get as many eyes as possible on it. One can argue it is a behavior change so i am not sure how to deal with this one. There is no api change, just behavior change. Do we need anything more than release notes? @thockin ? |
831a21f
to
acdf50f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems OK to me, but I wonder if there are use-cases we're missing. I guess we'll find out. I expected to see map[types.NamespacedName][]*hcInstance
but this works, too :)
/lgtm
/approve
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: khenidak, thockin The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/unhold |
What type of PR is this?
/kind bug
What this PR does / why we need it:
kube-proxy health check ports used to listen to
:<port>
for each of the services. This is not needed and opens ports in addresses the cluster user may not have intended. The PR limits listening to all node address which are controlled by--nodeport-addresses
flag.Which issue(s) this PR fixes:
Fixes #103184
Special notes for your reviewer:
WIP don't review yet.
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:
/sig network
/hold