proxy

package
v1.35.0-alpha.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 8, 2025 License: Apache-2.0 Imports: 32 Imported by: 532

Documentation

Overview

Package proxy implements the layer-3 network proxy.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type BaseEndpointInfo added in v1.10.0 

type BaseEndpointInfo struct {
	// contains filtered or unexported fields
}

BaseEndpointInfo contains base information that defines an endpoint. This could be used directly by proxier while processing endpoints, or can be used for constructing a more specific EndpointInfo struct defined by the proxier if needed.

func (*BaseEndpointInfo) IP added in v1.10.0 

func (info *BaseEndpointInfo) IP() string

IP returns just the IP part of the endpoint, it's a part of proxy.Endpoint interface.

func (*BaseEndpointInfo) IsLocal added in v1.10.0 

func (info *BaseEndpointInfo) IsLocal() bool

IsLocal is part of proxy.Endpoint interface.

func (*BaseEndpointInfo) IsReady added in v1.21.0 

func (info *BaseEndpointInfo) IsReady() bool

IsReady returns true if an endpoint is ready and not terminating.

func (*BaseEndpointInfo) IsServing added in v1.21.0 

func (info *BaseEndpointInfo) IsServing() bool

IsServing returns true if an endpoint is ready, regardless of if the endpoint is terminating.

func (*BaseEndpointInfo) IsTerminating added in v1.21.0 

func (info *BaseEndpointInfo) IsTerminating() bool

IsTerminating retruns true if an endpoint is terminating. For pods, that is any pod with a deletion timestamp.

func (*BaseEndpointInfo) NodeHints added in v1.33.0 

func (info *BaseEndpointInfo) NodeHints() sets.Set[string]

NodeHints returns the node hints for the endpoint.

func (*BaseEndpointInfo) Port added in v1.10.0 

func (info *BaseEndpointInfo) Port() int

Port returns just the Port part of the endpoint.

func (*BaseEndpointInfo) String added in v1.10.0 

func (info *BaseEndpointInfo) String() string

String is part of proxy.Endpoint interface.

func (*BaseEndpointInfo) ZoneHints added in v1.21.0 

func (info *BaseEndpointInfo) ZoneHints() sets.Set[string]

ZoneHints returns the zone hints for the endpoint.

type BaseServicePortInfo added in v1.26.0 

type BaseServicePortInfo struct {
	// contains filtered or unexported fields
}

BaseServicePortInfo contains base information that defines a service. This could be used directly by proxier while processing services, or can be used for constructing a more specific ServiceInfo struct defined by the proxier if needed.

func (*BaseServicePortInfo) ClusterIP added in v1.26.0 

func (bsvcPortInfo *BaseServicePortInfo) ClusterIP() net.IP

ClusterIP is part of ServicePort interface.

func (*BaseServicePortInfo) ExternalIPs added in v1.30.0 

func (bsvcPortInfo *BaseServicePortInfo) ExternalIPs() []net.IP

ExternalIPs is part of ServicePort interface.

func (*BaseServicePortInfo) ExternalPolicyLocal added in v1.26.0 

func (bsvcPortInfo *BaseServicePortInfo) ExternalPolicyLocal() bool

ExternalPolicyLocal is part of ServicePort interface.

func (*BaseServicePortInfo) ExternallyAccessible added in v1.26.0 

func (bsvcPortInfo *BaseServicePortInfo) ExternallyAccessible() bool

ExternallyAccessible is part of ServicePort interface.

func (*BaseServicePortInfo) HealthCheckNodePort added in v1.26.0 

func (bsvcPortInfo *BaseServicePortInfo) HealthCheckNodePort() int

HealthCheckNodePort is part of ServicePort interface.

func (*BaseServicePortInfo) InternalPolicyLocal added in v1.26.0 

func (bsvcPortInfo *BaseServicePortInfo) InternalPolicyLocal() bool

InternalPolicyLocal is part of ServicePort interface

func (*BaseServicePortInfo) LoadBalancerSourceRanges added in v1.26.0 

func (bsvcPortInfo *BaseServicePortInfo) LoadBalancerSourceRanges() []*net.IPNet

LoadBalancerSourceRanges is part of ServicePort interface

func (*BaseServicePortInfo) LoadBalancerVIPs added in v1.30.0 

func (bsvcPortInfo *BaseServicePortInfo) LoadBalancerVIPs() []net.IP

LoadBalancerVIPs is part of ServicePort interface.

func (*BaseServicePortInfo) NodePort added in v1.26.0 

func (bsvcPortInfo *BaseServicePortInfo) NodePort() int

NodePort is part of the ServicePort interface.

func (*BaseServicePortInfo) Port added in v1.26.0 

func (bsvcPortInfo *BaseServicePortInfo) Port() int

Port is part of ServicePort interface.

func (*BaseServicePortInfo) Protocol added in v1.26.0 

func (bsvcPortInfo *BaseServicePortInfo) Protocol() v1.Protocol

Protocol is part of ServicePort interface.

func (*BaseServicePortInfo) SessionAffinityType added in v1.26.0 

func (bsvcPortInfo *BaseServicePortInfo) SessionAffinityType() v1.ServiceAffinity

SessionAffinityType is part of the ServicePort interface.

func (*BaseServicePortInfo) StickyMaxAgeSeconds added in v1.26.0 

func (bsvcPortInfo *BaseServicePortInfo) StickyMaxAgeSeconds() int

StickyMaxAgeSeconds is part of the ServicePort interface

func (*BaseServicePortInfo) String added in v1.26.0 

func (bsvcPortInfo *BaseServicePortInfo) String() string

String is part of ServicePort interface.

func (*BaseServicePortInfo) UsesClusterEndpoints added in v1.26.0 

func (bsvcPortInfo *BaseServicePortInfo) UsesClusterEndpoints() bool

UsesClusterEndpoints is part of ServicePort interface.

func (*BaseServicePortInfo) UsesLocalEndpoints added in v1.26.0 

func (bsvcPortInfo *BaseServicePortInfo) UsesLocalEndpoints() bool

UsesLocalEndpoints is part of ServicePort interface.

type Endpoint added in v1.10.0 

type Endpoint interface {
	// String returns endpoint string.  An example format can be: `IP:Port`.
	// We take the returned value as ServiceEndpoint.Endpoint.
	String() string
	// IP returns IP part of the endpoint.
	IP() string
	// Port returns the Port part of the endpoint.
	Port() int

	// IsLocal returns true if the endpoint is running on the same host as kube-proxy.
	IsLocal() bool
	// IsReady returns true if an endpoint is ready and not terminating, or
	// if PublishNotReadyAddresses is set on the service.
	IsReady() bool
	// IsServing returns true if an endpoint is ready. It does not account
	// for terminating state.
	IsServing() bool
	// IsTerminating returns true if an endpoint is terminating. For pods,
	// that is any pod with a deletion timestamp.
	IsTerminating() bool

	// ZoneHints returns the zone hint for the endpoint. This is based on
	// endpoint.hints.forZones[*].name in the EndpointSlice API.
	ZoneHints() sets.Set[string]
	// NodeHints returns the node hint for the endpoint. This is based on
	// endpoint.hints.forNodes[*].name in the EndpointSlice API.
	NodeHints() sets.Set[string]
}

Endpoint in an interface which abstracts information about an endpoint.

func CategorizeEndpoints added in v1.24.0 

func CategorizeEndpoints(endpoints []Endpoint, svcInfo ServicePort, nodeName string, topologyLabels map[string]string) (clusterEndpoints, localEndpoints, allReachableEndpoints []Endpoint, hasAnyEndpoints bool)

CategorizeEndpoints returns:

  • The service's usable Cluster-traffic-policy endpoints (taking topology into account, if relevant). This will be nil if the service does not ever use Cluster traffic policy.

  • The service's usable Local-traffic-policy endpoints. This will be nil if the service does not ever use Local traffic policy.

  • The combined list of all endpoints reachable from this node (which is the union of the previous two lists, but in the case where it is identical to one or the other, we avoid allocating a separate list).

  • An indication of whether the service has any endpoints reachable from anywhere in the cluster. (This may be true even if allReachableEndpoints is empty.)

"Usable endpoints" means Ready endpoints by default, but will fall back to Serving-Terminating endpoints (independently for Cluster and Local) if no Ready endpoints are available.

Note: NodeTopologyConfig.handleNodeEvent (pkg/proxy/config) filters topology labels before notifying proxiers. If you modify the logic over here to watch other endpoint types or labels, ensure the filtering logic in NodeTopologyConfig is updated accordingly.

type EndpointSliceCache added in v1.16.0 

type EndpointSliceCache struct {
	// contains filtered or unexported fields
}

EndpointSliceCache is used as a cache of EndpointSlice information.

func NewEndpointSliceCache added in v1.16.0 

func NewEndpointSliceCache(nodeName string, makeEndpointInfo makeEndpointFunc) *EndpointSliceCache

NewEndpointSliceCache initializes an EndpointSliceCache.

type EndpointsChangeTracker added in v1.29.0 

type EndpointsChangeTracker struct {
	// contains filtered or unexported fields
}

EndpointsChangeTracker carries state about uncommitted changes to an arbitrary number of Endpoints, keyed by their namespace and name.

func NewEndpointsChangeTracker added in v1.29.0 

func NewEndpointsChangeTracker(ipFamily v1.IPFamily, nodeName string, makeEndpointInfo makeEndpointFunc, processEndpointsMapChange processEndpointsMapChangeFunc) *EndpointsChangeTracker

NewEndpointsChangeTracker initializes an EndpointsChangeTracker

func (*EndpointsChangeTracker) EndpointSliceUpdate added in v1.29.0 

func (ect *EndpointsChangeTracker) EndpointSliceUpdate(endpointSlice *discovery.EndpointSlice, removeSlice bool) bool

EndpointSliceUpdate updates the EndpointsChangeTracker by adding/updating or removing endpointSlice (depending on removeSlice). It returns true if this update contained a change that needs to be synced; note that this is different from the return value of ServiceChangeTracker.Update().

type EndpointsMap added in v1.10.0 

type EndpointsMap map[ServicePortName][]Endpoint

EndpointsMap maps a service name to a list of all its Endpoints.

func (EndpointsMap) LocalReadyEndpoints added in v1.27.0 

func (em EndpointsMap) LocalReadyEndpoints() map[types.NamespacedName]int

LocalReadyEndpoints returns a map of Service names to the number of local ready endpoints for that service.

func (EndpointsMap) Update added in v1.15.0 

func (em EndpointsMap) Update(ect *EndpointsChangeTracker) UpdateEndpointsMapResult

Update updates em based on the changes in ect, returns information about the diff since the last Update, triggers processEndpointsMapChange on every change, and clears the changes map.

type NodeManager added in v1.34.0 

type NodeManager struct {
	// contains filtered or unexported fields
}

NodeManager handles the life cycle of kube-proxy based on the NodeIPs and PodCIDRs handles node watch events and crashes kube-proxy if there are any changes in NodeIPs or PodCIDRs. Note: It only crashes on change on PodCIDR when watchPodCIDRs is set to true.

func NewNodeManager added in v1.34.0 

func NewNodeManager(ctx context.Context, client clientset.Interface,
	resyncInterval time.Duration, nodeName string, watchPodCIDRs bool,
) (*NodeManager, error)

NewNodeManager initializes node informer that selects for the given node, waits for cache sync and returns NodeManager after waiting some amount of time for the node object to exist and have NodeIPs (and PodCIDRs if watchPodCIDRs is true). Note: for backward compatibility, NewNodeManager doesn't return any error if it failed to retrieve NodeIPs and watchPodCIDRs is false.

func (*NodeManager) Node added in v1.34.0 

func (n *NodeManager) Node() *v1.Node

Node returns a copy of the latest node object, or nil if the Node has not yet been seen.

func (*NodeManager) NodeIPs added in v1.34.0 

func (n *NodeManager) NodeIPs() []net.IP

NodeIPs returns the NodeIPs polled in NewNodeManager(). (This may be empty if NewNodeManager timed out without getting any IPs.)

func (*NodeManager) NodeInformer added in v1.34.0 

func (n *NodeManager) NodeInformer() v1informers.NodeInformer

NodeInformer returns the NodeInformer.

func (*NodeManager) OnNodeChange added in v1.34.0 

func (n *NodeManager) OnNodeChange(node *v1.Node)

OnNodeChange is a handler for Node creation and update.

func (*NodeManager) OnNodeDelete added in v1.34.0 

func (n *NodeManager) OnNodeDelete(node *v1.Node)

OnNodeDelete is a handler for Node deletes.

func (*NodeManager) OnNodeSynced added in v1.34.0 

func (n *NodeManager) OnNodeSynced()

OnNodeSynced is called after the cache is synced and all pre-existing Nodes have been reported

func (*NodeManager) PodCIDRs added in v1.34.0 

func (n *NodeManager) PodCIDRs() []string

PodCIDRs returns the PodCIDRs polled in NewNodeManager().

type Provider added in v1.16.0 

type Provider interface {
	config.EndpointSliceHandler
	config.ServiceHandler
	config.NodeTopologyHandler
	config.ServiceCIDRHandler

	// Sync immediately synchronizes the Provider's current state to proxy rules.
	Sync()
	// SyncLoop runs periodic work.
	// This is expected to run as a goroutine or as the main loop of the app.
	// It does not return.
	SyncLoop()
}

Provider is the interface provided by proxier implementations.

type ServiceChangeTracker added in v1.10.0 

type ServiceChangeTracker struct {
	// contains filtered or unexported fields
}

ServiceChangeTracker carries state about uncommitted changes to an arbitrary number of Services, keyed by their namespace and name.

func NewServiceChangeTracker added in v1.10.0 

func NewServiceChangeTracker(ipFamily v1.IPFamily, makeServiceInfo makeServicePortFunc, processServiceMapChange processServiceMapChangeFunc) *ServiceChangeTracker

NewServiceChangeTracker initializes a ServiceChangeTracker

func (*ServiceChangeTracker) Update added in v1.10.0 

func (sct *ServiceChangeTracker) Update(previous, current *v1.Service) bool

Update updates the ServiceChangeTracker based on the <previous, current> service pair (where either previous or current, but not both, can be nil). It returns true if sct contains changes that need to be synced (whether or not those changes were caused by this update); note that this is different from the return value of EndpointChangeTracker.EndpointSliceUpdate().

type ServiceEndpoint added in v1.10.0 

type ServiceEndpoint struct {
	Endpoint        string
	ServicePortName ServicePortName
}

ServiceEndpoint is used to identify a service and one of its endpoint pair.

type ServicePort added in v1.10.0 

type ServicePort interface {
	// String returns service string.  An example format can be: `IP:Port/Protocol`.
	String() string
	// ClusterIP returns service cluster IP in net.IP format.
	ClusterIP() net.IP
	// Port returns service port if present. If return 0 means not present.
	Port() int
	// SessionAffinityType returns service session affinity type
	SessionAffinityType() v1.ServiceAffinity
	// StickyMaxAgeSeconds returns service max connection age
	StickyMaxAgeSeconds() int
	// ExternalIPs returns service ExternalIPs
	ExternalIPs() []net.IP
	// LoadBalancerVIPs returns service LoadBalancerIPs which are VIP mode
	LoadBalancerVIPs() []net.IP
	// Protocol returns service protocol.
	Protocol() v1.Protocol
	// LoadBalancerSourceRanges returns service LoadBalancerSourceRanges if present empty array if not
	LoadBalancerSourceRanges() []*net.IPNet
	// HealthCheckNodePort returns service health check node port if present.  If return 0, it means not present.
	HealthCheckNodePort() int
	// NodePort returns a service Node port if present. If return 0, it means not present.
	NodePort() int
	// ExternalPolicyLocal returns if a service has only node local endpoints for external traffic.
	ExternalPolicyLocal() bool
	// InternalPolicyLocal returns if a service has only node local endpoints for internal traffic.
	InternalPolicyLocal() bool
	// ExternallyAccessible returns true if the service port is reachable via something
	// other than ClusterIP (NodePort/ExternalIP/LoadBalancer)
	ExternallyAccessible() bool
	// UsesClusterEndpoints returns true if the service port ever sends traffic to
	// endpoints based on "Cluster" traffic policy
	UsesClusterEndpoints() bool
	// UsesLocalEndpoints returns true if the service port ever sends traffic to
	// endpoints based on "Local" traffic policy
	UsesLocalEndpoints() bool
}

ServicePort is an interface which abstracts information about a service.

type ServicePortMap added in v1.26.0 

type ServicePortMap map[ServicePortName]ServicePort

ServicePortMap maps a service to its ServicePort.

func (ServicePortMap) HealthCheckNodePorts added in v1.27.0 

func (sm ServicePortMap) HealthCheckNodePorts() map[types.NamespacedName]uint16

HealthCheckNodePorts returns a map of Service names to HealthCheckNodePort values for all Services in sm with non-zero HealthCheckNodePort.

func (ServicePortMap) Update added in v1.26.0 

func (sm ServicePortMap) Update(sct *ServiceChangeTracker) UpdateServiceMapResult

Update updates ServicePortMap base on the given changes, returns information about the diff since the last Update, triggers processServiceMapChange on every change, and clears the changes map.

type ServicePortName added in v0.15.0 

type ServicePortName struct {
	types.NamespacedName
	Port     string
	Protocol v1.Protocol
}

ServicePortName carries a namespace + name + portname. This is the unique identifier for a load-balanced service.

func (ServicePortName) String added in v0.15.0 

func (spn ServicePortName) String() string

type UpdateEndpointsMapResult added in v1.29.0 

type UpdateEndpointsMapResult struct {
	// UpdatedServices lists the names of all services with added/updated/deleted
	// endpoints since the last Update.
	UpdatedServices sets.Set[types.NamespacedName]
	// ConntrackCleanupRequired will be true if any UDP ServicePort changed endpoints, false otherwise.
	// It's used to minimise conntrack cleanup calls.
	ConntrackCleanupRequired bool
	// List of the trigger times for all endpoints objects that changed. It's used to export the
	// network programming latency.
	// NOTE(oxddr): this can be simplified to []time.Time if memory consumption becomes an issue.
	LastChangeTriggerTimes map[types.NamespacedName][]time.Time
}

UpdateEndpointsMapResult is the updated results after applying endpoints changes.

type UpdateServiceMapResult added in v1.10.0 

type UpdateServiceMapResult struct {
	// UpdatedServices lists the names of all services added/updated/deleted since the
	// last Update.
	UpdatedServices sets.Set[types.NamespacedName]
}

UpdateServiceMapResult is the updated results after applying service changes.

Source Files

View all Source files

Directories

Path Synopsis
config
config/fuzzer
config/scheme
config/v1alpha1
config/validation
Package config provides decoupling between various configuration sources (etcd, files,...) and the pieces that actually care about them (loadbalancer, proxy).
 Package config provides decoupling between various configuration sources (etcd, files,...) and the pieces that actually care about them (loadbalancer, proxy).
Package healthcheck provides tools for serving kube-proxy healthchecks.
 Package healthcheck provides tools for serving kube-proxy healthchecks.
ipset
ipset/testing
testing
util
util/testing
nfacct
testing
Package winkernel implements the Windows-kernel-based proxy
 Package winkernel implements the Windows-kernel-based proxy
testing

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.