Skip to content

Commit

Permalink
Create an nftables.Interface in nftables proxier
Browse files Browse the repository at this point in the history 
And update most of the comments to refer to "nftables" rather than
"iptables" (even though it doesn't actually do any nftables updating
at this point).

For now the proxy also internally creates a
utiliptablestesting.FakeIPTables to keep the existing sync code
compiling.
  • Loading branch information
@danwinship
danwinship committed Oct 31, 2023
1 parent 1a53045 commit abb1a45
Show file tree
Hide file tree
Showing 17 changed files with 2,683 additions and 40 deletions.
205 changes: 205 additions & 0 deletions LICENSES/vendor/github.com/danwinship/knftables/LICENSE
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 0 additions & 4 deletions cmd/kube-proxy/app/server_others.go
View file
Expand Up @@ -299,9 +299,7 @@ func (s *ProxyServer) createProxier(config *proxyconfigapi.KubeProxyConfiguratio

// TODO this has side effects that should only happen when Run() is invoked.
proxier, err = nftables.NewDualStackProxier(
ipt,
utilsysctl.New(),
execer,
config.NFTables.SyncPeriod.Duration,
config.NFTables.MinSyncPeriod.Duration,
config.NFTables.MasqueradeAll,
Expand All @@ -325,9 +323,7 @@ func (s *ProxyServer) createProxier(config *proxyconfigapi.KubeProxyConfiguratio
// TODO this has side effects that should only happen when Run() is invoked.
proxier, err = nftables.NewProxier(
s.PrimaryIPFamily,
iptInterface,
utilsysctl.New(),
execer,
config.NFTables.SyncPeriod.Duration,
config.NFTables.MinSyncPeriod.Duration,
config.NFTables.MasqueradeAll,
Expand Down
1 change: 1 addition & 0 deletions go.mod
View file
Expand Up @@ -27,6 +27,7 @@ require (
github.com/coreos/go-systemd/v22 v22.5.0
github.com/cpuguy83/go-md2man/v2 v2.0.2
github.com/cyphar/filepath-securejoin v0.2.4
github.com/danwinship/knftables v0.0.13
github.com/distribution/reference v0.5.0
github.com/docker/go-units v0.5.0
github.com/emicklei/go-restful/v3 v3.11.0
Expand Down
2 changes: 2 additions & 0 deletions go.sum
View file
Expand Up @@ -308,6 +308,8 @@ github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY=
github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg=
github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4=
github.com/danwinship/knftables v0.0.13 h1:89Ieiia6MMfXWQF9dyaou1CwBU8h8sHa2Zo3OlY2o04=
github.com/danwinship/knftables v0.0.13/go.mod h1:OzipaBQqkQAIbVnafTGyHgfFbjWTJecrA7/XNLNMO5E=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
Expand Down

0 comments on commit abb1a45

Please sign in to comment.