Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WIP: ip per service #1038

Closed
wants to merge 4 commits into from
Closed

WIP: ip per service #1038

wants to merge 4 commits into from

Conversation

thockin
Copy link
Member

@thockin thockin commented Aug 26, 2014

This is filled with cruft, but I wanted to float the idea. It actually works.

Overview: When a service object is created, allocate it an IP. Broadcast that IP to all kube-proxies. Each one will set up iptables rules to forward traffic for that IP:port to a random local port. Clients connect to a stable ip:port but no more port collisions!

@smarterclayton
Copy link
Contributor

Very interesting. Scales pretty well logically as well. I assume then if you wanted your service to be exposed external you'd bind an external address as well and ensure it routes external to internal.

@thockin
Copy link
Member Author

thockin commented Aug 26, 2014

Exactly. It also allows for intra-pod ambassadors (proxies), rather than
machine-scoped proxies, eventually, which ties in with the config stuff.

On Tue, Aug 26, 2014 at 8:05 AM, Clayton Coleman notifications@github.com
wrote:

Very interesting. Scales pretty well logically as well. I assume then if
you wanted your service to be exposed external you'd bind an external
address as well and ensure it routes internal to external.

Reply to this email directly or view it on GitHub
#1038 (comment)
.

lavalamp
lavalamp reviewed Aug 26, 2014
View reviewed changes
pkg/registry/service/storage.go
}

// FIXME: probably should be [4]byte and also carry the subnet part
type ipSubnet [4]string
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ow, my eyes! ;) Can you make this work instead: http://golang.org/pkg/net/#IP

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah - let's try to future proof ourselves for IPv6 here.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh yeah, that was my other comment which I forgot to actually say. IPv6!!

@kelseyhightower
Copy link
Contributor

So what happens if the machine "holding" the service IP goes away? I thought the way it works today is that the service proxy would round-robin across N pods to ensure you always hit the service from anywhere in the cluster. Since the proxy runs on every host, all external clients can hit any member of the cluster and end up in the right place.

@lavalamp
Copy link
Member

I think the model at the moment is that every minion just pretends (via IPTables magic) that X IP address gets routed to Y service, and nothing else changes. @thockin, is that right?

@bgrant0607 bgrant0607 added this to the v1.0 milestone Aug 28, 2014
@bgrant0607
Copy link
Member

It looks like I never filed an issue specifically for IP per service, but FYI this is a roadmap.md item and is covered in networking.md. It was perhaps first discussed in #146 and #188.

@thockin
Copy link
Member Author

thockin commented Aug 28, 2014

I'm going to write this up a bit before pushing further with this PR. I
have demonstrated that it works, now I want to offer some trade-offs in the
final design, and that is better served by a doc than a PR :)

On Thu, Aug 28, 2014 at 2:38 PM, bgrant0607 notifications@github.com
wrote:

It looks like I never filed an issue specifically for IP per service, but
FYI this is a roadmap.md
https://github.com/GoogleCloudPlatform/kubernetes/blob/master/docs/roadmap.md
item and is covered in networking.md
https://github.com/GoogleCloudPlatform/kubernetes/blob/master/docs/networking.md.
It was perhaps first discussed in #146
#146 and #188
#188.

Reply to this email directly or view it on GitHub
#1038 (comment)
.

@smarterclayton
Copy link
Contributor

Such discipline!

@thockin
Copy link
Member Author

thockin commented Aug 29, 2014

It takes every ounce of my being not to write a 20 page doc with diagrams,
flowcharts, code, test cases, and cross-references. :P

#1107

On Thu, Aug 28, 2014 at 4:43 PM, Clayton Coleman notifications@github.com
wrote:

Such discipline!

Reply to this email directly or view it on GitHub
#1038 (comment)
.

@thockin thockin closed this Sep 22, 2014
@thockin thockin deleted the portals branch October 17, 2014 06:17
csrwng pushed a commit to csrwng/kubernetes that referenced this pull request Nov 11, 2021
@openshift-merge-robot
Merge pull request kubernetes#1038 from soltysh/fix-build-version
6cfc644 
Bug 2021936: Read k8s version from hyperkube Dockerfile
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@thockin @smarterclayton @kelseyhightower @lavalamp @bgrant0607