Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Host field to TCPSocketAction #42902

Merged
merged 2 commits into from
Mar 26, 2017

Conversation

louyihua
Copy link
Contributor

@louyihua louyihua commented Mar 10, 2017

Currently, TCPSocketAction always uses Pod's IP in connection. But when a pod uses the host network, sometimes firewall rules may prevent kubelet from connecting through the Pod's IP.

This PR introduces the 'Host' field for TCPSocketAction, and if it is set to non-empty string, the probe will be performed on the configured host rather than the Pod's IP. This gives users an opportunity to explicitly specify 'localhost' as the target for the above situations.

Add Host field to TCPSocketAction

@k8s-ci-robot
Copy link
Contributor

Hi @louyihua. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with @k8s-bot ok to test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@k8s-ci-robot
Copy link
Contributor

Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please follow instructions at https://github.com/kubernetes/kubernetes/wiki/CLA-FAQ to sign the CLA.

Once you've signed, please reply here (e.g. "I signed it!") and we'll verify. Thanks.


Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@k8s-ci-robot k8s-ci-robot added the cncf-cla: no Indicates the PR's author has not signed the CNCF CLA. label Mar 10, 2017
@k8s-reviewable
Copy link

This change is Reviewable

@k8s-github-robot
Copy link

[APPROVALNOTIFIER] This PR is NOT APPROVED

The following people have approved this PR: louyihua

Needs approval from an approver in each of these OWNERS Files:

We suggest the following people:
cc @Random-Liu @smarterclayton
You can indicate your approval by writing /approve in a comment
You can cancel your approval by writing /approve cancel in a comment

@k8s-github-robot k8s-github-robot added kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API size/S Denotes a PR that changes 10-29 lines, ignoring generated files. release-note-label-needed labels Mar 10, 2017
@louyihua louyihua force-pushed the allow-tcp-probe-host branch from 9cf4cf1 to 8b685cc Compare March 10, 2017 18:35
@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. and removed cncf-cla: no Indicates the PR's author has not signed the CNCF CLA. labels Mar 10, 2017
@k8s-github-robot k8s-github-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. and removed release-note-label-needed labels Mar 10, 2017
@louyihua louyihua force-pushed the allow-tcp-probe-host branch from 8b685cc to 2c718e8 Compare March 11, 2017 08:02
@k8s-github-robot k8s-github-robot added needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Mar 11, 2017
@louyihua louyihua force-pushed the allow-tcp-probe-host branch from 2c718e8 to c0abd6c Compare March 11, 2017 08:28
@k8s-github-robot k8s-github-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Mar 11, 2017
@louyihua
Copy link
Contributor Author

@k8s-bot tell me a joke

@k8s-ci-robot
Copy link
Contributor

@louyihua: What do you call a fake noodle? An impasta.

In response to this comment:

@k8s-bot tell me a joke

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@louyihua
Copy link
Contributor Author

@smarterclayton
This is a required patch to solve the openshift BUG 1405440 & 1430729.

@soltysh soltysh assigned nikhiljindal and unassigned soltysh Mar 13, 2017
@soltysh
Copy link
Contributor

soltysh commented Mar 13, 2017

@kubernetes/sig-network-pr-reviews ptal

@nikhiljindal
Copy link
Contributor

We generally recommend keeping real code changes and autogenerated changes in separate commit for easier reviewing.

This is an API change so cc @kubernetes/api-reviewers.

Assigning to @thockin to triage since this a network related API change.

@nikhiljindal nikhiljindal assigned thockin and unassigned nikhiljindal Mar 13, 2017
@thockin
Copy link
Member

thockin commented Mar 13, 2017

@k8s-bot ok to test

@thockin thockin added approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm "Looks good to me", indicates that a PR is ready to be merged. labels Mar 13, 2017
@louyihua louyihua force-pushed the allow-tcp-probe-host branch 2 times, most recently from 2a5cec5 to 51fbf95 Compare March 14, 2017 05:19
@k8s-github-robot k8s-github-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Mar 14, 2017
@louyihua louyihua force-pushed the allow-tcp-probe-host branch from 51fbf95 to 8155931 Compare March 14, 2017 06:41
@louyihua
Copy link
Contributor Author

louyihua commented Mar 14, 2017

Always fail on the aws e2e with strange error :(

@jwendell
Copy link

I would also add:

diff --git a/pkg/kubectl/describe.go b/pkg/kubectl/describe.go
index 0359b9c..c63654d 100644
--- a/pkg/kubectl/describe.go
+++ b/pkg/kubectl/describe.go
@@ -1123,7 +1123,7 @@ func DescribeProbe(probe *api.Probe) string {
                url.Path = probe.HTTPGet.Path
                return fmt.Sprintf("http-get %s %s", url.String(), attrs)
        case probe.TCPSocket != nil:
-               return fmt.Sprintf("tcp-socket :%s %s", probe.TCPSocket.Port.String(), attrs)
+               return fmt.Sprintf("tcp-socket %s:%s %s", probe.TCPSocket.Host, probe.TCPSocket.Port.String(), attrs)
        }
        return fmt.Sprintf("unknown %s", attrs)
 }

Currently, TCPSocketAction always uses Pod's IP in connection. But when a
pod uses the host network, sometimes firewall rules may prevent kubelet
from connecting through the Pod's IP. This PR introduces the 'Host' field
for TCPSocketAction, and if it is set to non-empty string, the probe will
be performed on the configured host rather than the Pod's IP. This gives
users an opportunity to explicitly specify 'localhost' as the target for
the above situations.
@louyihua louyihua force-pushed the allow-tcp-probe-host branch from 8155931 to 64f2b0c Compare March 14, 2017 15:53
@louyihua
Copy link
Contributor Author

@jwendell
Thanks! Have added this to commit.

@jwendell
Copy link

@louyihua no problem. I was also working on that feature, for the last 3 days at least, and just saw this PR. The only difference to my work was that chunk above.

@louyihua
Copy link
Contributor Author

@thockin
All tests are passed now.

@thockin thockin added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Mar 15, 2017
@k8s-github-robot k8s-github-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Mar 25, 2017
@fejta fejta removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Mar 25, 2017
@k8s-github-robot
Copy link

Automatic merge from submit-queue (batch tested with PRs 42998, 42902, 42959, 43020, 42948)

@k8s-github-robot k8s-github-robot merged commit f9e87e1 into kubernetes:master Mar 26, 2017
@louyihua louyihua deleted the allow-tcp-probe-host branch April 1, 2017 07:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

9 participants