...

Source file src/k8s.io/kubernetes/pkg/proxy/apis/config/v1alpha1/defaults.go

Documentation: k8s.io/kubernetes/pkg/proxy/apis/config/v1alpha1 

     1  /*
     2  Copyright 2015 The Kubernetes Authors.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8      http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package v1alpha1
    18  
    19  import (
    20  	"fmt"
    21  	"time"
    22  
    23  	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
    24  	kruntime "k8s.io/apimachinery/pkg/runtime"
    25  	kubeproxyconfigv1alpha1 "k8s.io/kube-proxy/config/v1alpha1"
    26  
    27  	logsapi "k8s.io/component-base/logs/api/v1"
    28  	"k8s.io/kubernetes/pkg/cluster/ports"
    29  	"k8s.io/kubernetes/pkg/kubelet/qos"
    30  	proxyutil "k8s.io/kubernetes/pkg/proxy/util"
    31  	netutils "k8s.io/utils/net"
    32  	"k8s.io/utils/ptr"
    33  )
    34  
    35  func addDefaultingFuncs(scheme *kruntime.Scheme) error {
    36  	return RegisterDefaults(scheme)
    37  }
    38  
    39  func SetDefaults_KubeProxyConfiguration(obj *kubeproxyconfigv1alpha1.KubeProxyConfiguration) {
    40  
    41  	if len(obj.BindAddress) == 0 {
    42  		obj.BindAddress = "0.0.0.0"
    43  	}
    44  
    45  	defaultHealthzAddress, defaultMetricsAddress := getDefaultAddresses(obj.BindAddress)
    46  
    47  	if obj.HealthzBindAddress == "" {
    48  		obj.HealthzBindAddress = fmt.Sprintf("%s:%v", defaultHealthzAddress, ports.ProxyHealthzPort)
    49  	} else {
    50  		obj.HealthzBindAddress = proxyutil.AppendPortIfNeeded(obj.HealthzBindAddress, ports.ProxyHealthzPort)
    51  	}
    52  	if obj.MetricsBindAddress == "" {
    53  		obj.MetricsBindAddress = fmt.Sprintf("%s:%v", defaultMetricsAddress, ports.ProxyStatusPort)
    54  	} else {
    55  		obj.MetricsBindAddress = proxyutil.AppendPortIfNeeded(obj.MetricsBindAddress, ports.ProxyStatusPort)
    56  	}
    57  
    58  	if obj.OOMScoreAdj == nil {
    59  		temp := int32(qos.KubeProxyOOMScoreAdj)
    60  		obj.OOMScoreAdj = &temp
    61  	}
    62  	if obj.IPTables.SyncPeriod.Duration == 0 {
    63  		obj.IPTables.SyncPeriod = metav1.Duration{Duration: 30 * time.Second}
    64  	}
    65  	if obj.IPTables.MinSyncPeriod.Duration == 0 {
    66  		obj.IPTables.MinSyncPeriod = metav1.Duration{Duration: 1 * time.Second}
    67  	}
    68  	if obj.IPTables.LocalhostNodePorts == nil {
    69  		obj.IPTables.LocalhostNodePorts = ptr.To(true)
    70  	}
    71  	if obj.IPVS.SyncPeriod.Duration == 0 {
    72  		obj.IPVS.SyncPeriod = metav1.Duration{Duration: 30 * time.Second}
    73  	}
    74  	if obj.NFTables.SyncPeriod.Duration == 0 {
    75  		obj.NFTables.SyncPeriod = metav1.Duration{Duration: 30 * time.Second}
    76  	}
    77  	if obj.NFTables.MinSyncPeriod.Duration == 0 {
    78  		obj.NFTables.MinSyncPeriod = metav1.Duration{Duration: 1 * time.Second}
    79  	}
    80  
    81  	if obj.Conntrack.MaxPerCore == nil {
    82  		obj.Conntrack.MaxPerCore = ptr.To[int32](32 * 1024)
    83  	}
    84  	if obj.Conntrack.Min == nil {
    85  		obj.Conntrack.Min = ptr.To[int32](128 * 1024)
    86  	}
    87  
    88  	if obj.IPTables.MasqueradeBit == nil {
    89  		temp := int32(14)
    90  		obj.IPTables.MasqueradeBit = &temp
    91  	}
    92  	if obj.NFTables.MasqueradeBit == nil {
    93  		temp := int32(14)
    94  		obj.NFTables.MasqueradeBit = &temp
    95  	}
    96  	if obj.Conntrack.TCPEstablishedTimeout == nil {
    97  		obj.Conntrack.TCPEstablishedTimeout = &metav1.Duration{Duration: 24 * time.Hour} // 1 day (1/5 default)
    98  	}
    99  	if obj.Conntrack.TCPCloseWaitTimeout == nil {
   100  		// See https://github.com/kubernetes/kubernetes/issues/32551.
   101  		//
   102  		// CLOSE_WAIT conntrack state occurs when the Linux kernel
   103  		// sees a FIN from the remote server. Note: this is a half-close
   104  		// condition that persists as long as the local side keeps the
   105  		// socket open. The condition is rare as it is typical in most
   106  		// protocols for both sides to issue a close; this typically
   107  		// occurs when the local socket is lazily garbage collected.
   108  		//
   109  		// If the CLOSE_WAIT conntrack entry expires, then FINs from the
   110  		// local socket will not be properly SNAT'd and will not reach the
   111  		// remote server (if the connection was subject to SNAT). If the
   112  		// remote timeouts for FIN_WAIT* states exceed the CLOSE_WAIT
   113  		// timeout, then there will be an inconsistency in the state of
   114  		// the connection and a new connection reusing the SNAT (src,
   115  		// port) pair may be rejected by the remote side with RST. This
   116  		// can cause new calls to connect(2) to return with ECONNREFUSED.
   117  		//
   118  		// We set CLOSE_WAIT to one hour by default to better match
   119  		// typical server timeouts.
   120  		obj.Conntrack.TCPCloseWaitTimeout = &metav1.Duration{Duration: 1 * time.Hour}
   121  	}
   122  	if obj.ConfigSyncPeriod.Duration == 0 {
   123  		obj.ConfigSyncPeriod.Duration = 15 * time.Minute
   124  	}
   125  
   126  	if len(obj.ClientConnection.ContentType) == 0 {
   127  		obj.ClientConnection.ContentType = "application/vnd.kubernetes.protobuf"
   128  	}
   129  	if obj.ClientConnection.QPS == 0.0 {
   130  		obj.ClientConnection.QPS = 5.0
   131  	}
   132  	if obj.ClientConnection.Burst == 0 {
   133  		obj.ClientConnection.Burst = 10
   134  	}
   135  	if obj.FeatureGates == nil {
   136  		obj.FeatureGates = make(map[string]bool)
   137  	}
   138  	// Use the Default LoggingConfiguration option
   139  	logsapi.SetRecommendedLoggingConfiguration(&obj.Logging)
   140  }
   141  
   142  // getDefaultAddresses returns default address of healthz and metrics server
   143  // based on the given bind address. IPv6 addresses are enclosed in square
   144  // brackets for appending port.
   145  func getDefaultAddresses(bindAddress string) (defaultHealthzAddress, defaultMetricsAddress string) {
   146  	if netutils.ParseIPSloppy(bindAddress).To4() != nil {
   147  		return "0.0.0.0", "127.0.0.1"
   148  	}
   149  	return "[::]", "[::1]"
   150  }
   151  

View as plain text