Make kube-proxy default to iptables (regression)

This was accidentally introduced as part of the component config changes.
mattf · Feb 2, 2016 · 7ed83ad · 7ed83ad
1 parent ba13454
commit 7ed83ad
Show file tree

Hide file tree

Showing 6 changed files with 25 additions and 8 deletions.
diff --git a/cmd/kube-proxy/app/options/options.go b/cmd/kube-proxy/app/options/options.go
@@ -57,7 +57,6 @@ func NewProxyConfig() *ProxyServerConfig {
 			ResourceContainer:              "/kube-proxy",
 			IPTablesSyncPeriod:             unversioned.Duration{30 * time.Second},
 			UDPIdleTimeout:                 unversioned.Duration{250 * time.Millisecond},
-			Mode:                           componentconfig.ProxyModeUserspace,
 			ConntrackMax:                   256 * 1024,                                     // 4x default (64k)
 			ConntrackTCPEstablishedTimeout: unversioned.Duration{Duration: 24 * time.Hour}, // 1 day (1/5 default)
 		},

diff --git a/cmd/kube-proxy/app/server.go b/cmd/kube-proxy/app/server.go
@@ -20,6 +20,7 @@ package app
 
 import (
 	"errors"
+	"fmt"
 	"net"
 	"net/http"
 	_ "net/http/pprof"
@@ -58,6 +59,7 @@ type ProxyServer struct {
 	Broadcaster  record.EventBroadcaster
 	Recorder     record.EventRecorder
 	Conntracker  Conntracker // if nil, ignored
+	ProxyMode    string
 }
 
 const (
@@ -83,6 +85,7 @@ func NewProxyServer(
 	broadcaster record.EventBroadcaster,
 	recorder record.EventRecorder,
 	conntracker Conntracker,
+	proxyMode string,
 ) (*ProxyServer, error) {
 	return &ProxyServer{
 		Client:       client,
@@ -92,6 +95,7 @@ func NewProxyServer(
 		Broadcaster:  broadcaster,
 		Recorder:     recorder,
 		Conntracker:  conntracker,
+		ProxyMode:    proxyMode,
 	}, nil
 }
 
@@ -248,7 +252,7 @@ func NewProxyServerDefault(config *options.ProxyServerConfig) (*ProxyServer, err
 
 	conntracker := realConntracker{}
 
-	return NewProxyServer(client, config, iptInterface, proxier, eventBroadcaster, recorder, conntracker)
+	return NewProxyServer(client, config, iptInterface, proxier, eventBroadcaster, recorder, conntracker, proxyMode)
 }
 
 // Run runs the specified ProxyServer.  This should never exit (unless CleanupAndExit is set).
@@ -265,8 +269,11 @@ func (s *ProxyServer) Run() error {
 
 	s.Broadcaster.StartRecordingToSink(s.Client.Events(""))
 
-	// Start up Healthz service if requested
+	// Start up a webserver if requested
 	if s.Config.HealthzPort > 0 {
+		http.HandleFunc("/proxyMode", func(w http.ResponseWriter, r *http.Request) {
+			fmt.Fprintf(w, "%s", s.ProxyMode)
+		})
 		go util.Until(func() {
 			err := http.ListenAndServe(s.Config.HealthzBindAddress+":"+strconv.Itoa(s.Config.HealthzPort), nil)
 			if err != nil {

diff --git a/docs/admin/kube-proxy.md b/docs/admin/kube-proxy.md
@@ -71,12 +71,12 @@ kube-proxy
       --masquerade-all[=false]: If using the pure iptables proxy, SNAT everything
       --master="": The address of the Kubernetes API server (overrides any value in kubeconfig)
       --oom-score-adj=-999: The oom-score-adj value for kube-proxy process. Values must be within the range [-1000, 1000]
-      --proxy-mode=userspace: Which proxy mode to use: 'userspace' (older) or 'iptables' (faster). If blank, look at the Node object on the Kubernetes API and respect the 'net.experimental.kubernetes.io/proxy-mode' annotation if provided.  Otherwise use the best-available proxy (currently iptables).  If the iptables proxy is selected, regardless of how, but the system's kernel or iptables versions are insufficient, this always falls back to the userspace proxy.
+      --proxy-mode=: Which proxy mode to use: 'userspace' (older) or 'iptables' (faster). If blank, look at the Node object on the Kubernetes API and respect the 'net.experimental.kubernetes.io/proxy-mode' annotation if provided.  Otherwise use the best-available proxy (currently iptables).  If the iptables proxy is selected, regardless of how, but the system's kernel or iptables versions are insufficient, this always falls back to the userspace proxy.
       --proxy-port-range=: Range of host ports (beginPort-endPort, inclusive) that may be consumed in order to proxy service traffic. If unspecified (0-0) then ports will be randomly chosen.
       --udp-timeout=250ms: How long an idle UDP connection will be kept open (e.g. '250ms', '2s').  Must be greater than 0. Only applicable for proxy-mode=userspace
 ```
 
-###### Auto generated by spf13/cobra on 27-Jan-2016
+###### Auto generated by spf13/cobra on 1-Feb-2016
 
 
 <!-- BEGIN MUNGE: GENERATED_ANALYTICS -->

diff --git a/pkg/apis/componentconfig/types.go b/pkg/apis/componentconfig/types.go
@@ -63,9 +63,9 @@ type KubeProxyConfiguration struct {
 }
 
 // Currently two modes of proxying are available: 'userspace' (older, stable) or 'iptables'
-// (experimental). If blank, look at the Node object on the Kubernetes API and respect the
+// (newer, faster). If blank, look at the Node object on the Kubernetes API and respect the
 // 'net.experimental.kubernetes.io/proxy-mode' annotation if provided.  Otherwise use the
-// best-available proxy (currently userspace, but may change in future versions).  If the
+// best-available proxy (currently iptables, but may change in future versions).  If the
 // iptables proxy is selected, regardless of how, but the system's kernel or iptables
 // versions are insufficient, this always falls back to the userspace proxy.
 type ProxyMode string

diff --git a/pkg/kubemark/hollow_proxy.go b/pkg/kubemark/hollow_proxy.go
@@ -75,7 +75,7 @@ func NewHollowProxyOrDie(
 		endpointsConfig.Channel("api"),
 	)
 
-	hollowProxy, err := proxyapp.NewProxyServer(client, config, iptInterface, &FakeProxier{}, broadcaster, recorder, nil)
+	hollowProxy, err := proxyapp.NewProxyServer(client, config, iptInterface, &FakeProxier{}, broadcaster, recorder, nil, "fake")
 	if err != nil {
 		glog.Fatalf("Error while creating ProxyServer: %v\n", err)
 	}

diff --git a/test/e2e/kubeproxy.go b/test/e2e/kubeproxy.go
@@ -197,6 +197,10 @@ func (config *KubeProxyTestConfig) hitNodePort(epCount int) {
 	config.dialFromNode("udp", node2_IP, nodeUdpPort, tries, epCount)
 	By("dialing(http) node1 --> node2:nodeHttpPort")
 	config.dialFromNode("http", node2_IP, nodeHttpPort, tries, epCount)
+
+	By("checking kube-proxy URLs")
+	config.getSelfURL("/healthz", "ok")
+	config.getSelfURL("/proxyMode", "iptables") // the default
 }
 
 func (config *KubeProxyTestConfig) hitEndpoints() {
@@ -252,6 +256,13 @@ func (config *KubeProxyTestConfig) dialFromNode(protocol, targetIP string, targe
 	Expect(strconv.Atoi(strings.TrimSpace(stdout))).To(BeNumerically("==", expectedCount))
 }
 
+func (config *KubeProxyTestConfig) getSelfURL(path string, expected string) {
+	cmd := fmt.Sprintf("curl -s --connect-timeout 1 http://localhost:10249%s", path)
+	By(fmt.Sprintf("Getting kube-proxy self URL %s", path))
+	stdout := RunHostCmdOrDie(config.f.Namespace.Name, config.hostTestContainerPod.Name, cmd)
+	Expect(strings.Contains(stdout, expected)).To(BeTrue())
+}
+
 func (config *KubeProxyTestConfig) createNetShellPodSpec(podName string, node string) *api.Pod {
 	pod := &api.Pod{
 		TypeMeta: unversioned.TypeMeta{