Skip to content

Commit

Permalink
Merge pull request #46266 from thockin/proxy-periodic-runner-2
Browse files Browse the repository at this point in the history 
Automatic merge from submit-queue (batch tested with PRs 44774, 46266, 46248, 46403, 46430)

kube-proxy: ratelimit runs of iptables by sync-period flags

This bounds how frequently iptables can be synced.  It will be no more often than every 10 seconds and no less often than every 1 minute, by default.

@timothysc FYI

@dcbw @freehan FYI
  • Loading branch information
Kubernetes Submit Queue authored May 25, 2017
2 parents 26d7ee0 + 2856fde commit ee671e6
Show file tree
Hide file tree
Showing 19 changed files with 720 additions and 120 deletions.
2 changes: 1 addition & 1 deletion Godeps/Godeps.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions cluster/gce/container-linux/configure-helper.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -620,6 +620,7 @@ function start-kube-proxy {
if [[ -n "${FEATURE_GATES:-}" ]]; then
params+=" --feature-gates=${FEATURE_GATES}"
fi
params+=" --iptables-sync-period=1m --iptables-min-sync-period=10s"
if [[ -n "${KUBEPROXY_TEST_ARGS:-}" ]]; then
params+=" ${KUBEPROXY_TEST_ARGS}"
fi
Expand Down
1 change: 1 addition & 0 deletions cluster/gce/gci/configure-helper.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -825,6 +825,7 @@ function start-kube-proxy {
if [[ -n "${FEATURE_GATES:-}" ]]; then
params+=" --feature-gates=${FEATURE_GATES}"
fi
params+=" --iptables-sync-period=1m --iptables-min-sync-period=10s"
if [[ -n "${KUBEPROXY_TEST_ARGS:-}" ]]; then
params+=" ${KUBEPROXY_TEST_ARGS}"
fi
Expand Down
4 changes: 3 additions & 1 deletion cluster/saltbase/salt/kube-proxy/kube-proxy.manifest
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,10 @@
{% set feature_gates = "--feature-gates=" + grains.feature_gates -%}
{% endif -%}

{% set throttles = "--iptables-sync-period=1m --iptables-min-sync-period=10s" -%}

# test_args should always go last to overwrite prior configuration
{% set params = log_level + " " + feature_gates + " " + test_args -%}
{% set params = log_level + " " + throttles + " " + feature_gates + " " + test_args -%}

{% set container_env = "" -%}

Expand Down
4 changes: 3 additions & 1 deletion pkg/proxy/iptables/BUILD
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ go_library(
"//pkg/proxy:go_default_library",
"//pkg/proxy/healthcheck:go_default_library",
"//pkg/proxy/util:go_default_library",
"//pkg/util/async:go_default_library",
"//pkg/util/exec:go_default_library",
"//pkg/util/iptables:go_default_library",
"//pkg/util/sysctl:go_default_library",
Expand All @@ -31,10 +32,10 @@ go_library(
"//vendor/github.com/prometheus/client_golang/prometheus:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
"//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
"//vendor/k8s.io/client-go/pkg/api/v1:go_default_library",
"//vendor/k8s.io/client-go/tools/record:go_default_library",
"//vendor/k8s.io/client-go/util/flowcontrol:go_default_library",
],
)

Expand All @@ -46,6 +47,7 @@ go_test(
deps = [
"//pkg/api:go_default_library",
"//pkg/proxy:go_default_library",
"//pkg/util/async:go_default_library",
"//pkg/util/exec:go_default_library",
"//pkg/util/iptables:go_default_library",
"//pkg/util/iptables/testing:go_default_library",
Expand Down
Loading

0 comments on commit ee671e6

Please sign in to comment.