update some files

xiaods · Oct 21, 2024 · b1b8eef · b1b8eef
1 parent 76d5a2c
commit b1b8eef
Show file tree

Hide file tree

Showing 5 changed files with 89 additions and 72 deletions.
diff --git a/go.mod b/go.mod
@@ -74,6 +74,7 @@ replace (
 )
 
 require (
+	github.com/Microsoft/hcsshim v0.12.6
 	github.com/Mirantis/cri-dockerd v0.0.0-00010101000000-000000000000
 	github.com/blang/semver/v4 v4.0.0
 	github.com/containerd/aufs v1.0.0
@@ -182,7 +183,6 @@ require (
 	github.com/JeffAshton/win_pdh v0.0.0-20161109143554-76bb4ee9f0ab // indirect
 	github.com/MakeNowJust/heredoc v1.0.0 // indirect
 	github.com/Microsoft/go-winio v0.6.2 // indirect
-	github.com/Microsoft/hcsshim v0.12.6 // indirect
 	github.com/NYTimes/gziphandler v1.1.1 // indirect
 	github.com/Rican7/retry v0.1.0 // indirect
 	github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e // indirect

diff --git a/pkg/agent/run.go b/pkg/agent/run.go
@@ -90,11 +90,6 @@ func run(ctx context.Context, cfg cmds.Agent, proxy proxy.Proxy) error {
 		return fmt.Errorf("dual-stack or IPv6 are not supported on Windows node")
 	}
 
-	conntrackConfig, err := getConntrackConfig(nodeConfig)
-	if err != nil {
-		return errors.Wrap(err, "failed to validate kube-proxy conntrack configuration")
-	}
-	syssetup.Configure(enableIPv6, conntrackConfig)
 	nodeConfig.AgentConfig.EnableIPv4 = enableIPv4
 	nodeConfig.AgentConfig.EnableIPv6 = enableIPv6
 

diff --git a/pkg/daemons/executor/embed.go b/pkg/daemons/executor/embed.go
@@ -40,7 +40,6 @@ import (
 	"k8s.io/klog/v2"
 	apiapp "k8s.io/kubernetes/cmd/kube-apiserver/app"
 	cmapp "k8s.io/kubernetes/cmd/kube-controller-manager/app"
-	proxy "k8s.io/kubernetes/cmd/kube-proxy/app"
 	sapp "k8s.io/kubernetes/cmd/kube-scheduler/app"
 	kubelet "k8s.io/kubernetes/cmd/kubelet/app"
 
@@ -104,27 +103,6 @@ func (e *Embedded) Kubelet(ctx context.Context, args []string) error {
 	return nil
 }
 
-func (e *Embedded) KubeProxy(ctx context.Context, args []string) error {
-	command := proxy.NewProxyCommand()
-	command.SetArgs(daemonconfig.GetArgs(platformKubeProxyArgs(e.nodeConfig), args))
-
-	go func() {
-		defer func() {
-			if err := recover(); err != nil {
-				logrus.WithField("stack", string(debug.Stack())).Fatalf("kube-proxy panic: %v", err)
-			}
-		}()
-		err := command.ExecuteContext(ctx)
-		if err != nil && !errors.Is(err, context.Canceled) {
-			logrus.Errorf("kube-proxy exited: %v", err)
-			os.Exit(1)
-		}
-		os.Exit(0)
-	}()
-
-	return nil
-}
-
 func (*Embedded) APIServerHandlers(ctx context.Context) (authenticator.Request, http.Handler, error) {
 	startupConfig := <-apiapp.StartupConfig
 	return startupConfig.Authenticator, startupConfig.Handler, nil

diff --git a/pkg/node/controller.go b/pkg/node/controller.go
@@ -1,14 +1,19 @@
 package node
 
 import (
+	"bytes"
 	"context"
+	"net"
+	"sort"
 	"strings"
 
+	"github.com/xiaods/k8e/pkg/nodepassword"
 	"github.com/pkg/errors"
-	coreclient "github.com/rancher/wrangler/pkg/generated/controllers/core/v1"
+	coreclient "github.com/rancher/wrangler/v3/pkg/generated/controllers/core/v1"
 	"github.com/sirupsen/logrus"
-	"github.com/xiaods/k8e/pkg/nodepassword"
 	core "k8s.io/api/core/v1"
+	v1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
 func Register(ctx context.Context,
@@ -47,14 +52,22 @@ func (h *handler) onRemove(key string, node *core.Node) (*core.Node, error) {
 
 func (h *handler) updateHosts(node *core.Node, removed bool) (*core.Node, error) {
 	var (
-		nodeName    string
-		nodeAddress string
+		nodeName string
+		hostName string
+		nodeIPv4 string
+		nodeIPv6 string
 	)
 	nodeName = node.Name
 	for _, address := range node.Status.Addresses {
-		if address.Type == "InternalIP" {
-			nodeAddress = address.Address
-			break
+		switch address.Type {
+		case v1.NodeInternalIP:
+			if strings.Contains(address.Address, ":") {
+				nodeIPv6 = address.Address
+			} else {
+				nodeIPv4 = address.Address
+			}
+		case v1.NodeHostName:
+			hostName = address.Address
 		}
 	}
 	if removed {
@@ -63,58 +76,101 @@ func (h *handler) updateHosts(node *core.Node, removed bool) (*core.Node, error)
 		}
 	}
 	if h.modCoreDNS {
-		if err := h.updateCoreDNSConfigMap(nodeName, nodeAddress, removed); err != nil {
+		if err := h.updateCoreDNSConfigMap(nodeName, hostName, nodeIPv4, nodeIPv6, removed); err != nil {
 			return nil, err
 		}
 	}
 	return nil, nil
 }
 
-func (h *handler) updateCoreDNSConfigMap(nodeName, nodeAddress string, removed bool) error {
-	if nodeAddress == "" && !removed {
-		logrus.Errorf("No InternalIP found for node " + nodeName)
+func (h *handler) updateCoreDNSConfigMap(nodeName, hostName, nodeIPv4, nodeIPv6 string, removed bool) error {
+	if removed {
+		nodeIPv4 = ""
+		nodeIPv6 = ""
+	} else if nodeIPv4 == "" && nodeIPv6 == "" {
+		logrus.Errorf("No InternalIP addresses found for node " + nodeName)
 		return nil
 	}
 
-	configMapCache, err := h.configMaps.Cache().Get("kube-system", "coredns")
-	if err != nil || configMapCache == nil {
+	nodeNames := nodeName
+	if hostName != nodeName {
+		nodeNames += " " + hostName
+	}
+
+	configMap, err := h.configMaps.Get("kube-system", "coredns", metav1.GetOptions{})
+	if err != nil || configMap == nil {
 		logrus.Warn(errors.Wrap(err, "Unable to fetch coredns config map"))
 		return nil
 	}
 
-	configMap := configMapCache.DeepCopy()
-	hosts := configMap.Data["NodeHosts"]
-	hostsMap := map[string]string{}
+	addressMap := map[string]string{}
 
-	for _, line := range strings.Split(hosts, "\n") {
+	// extract current entries from hosts file, skipping any entries that are
+	// empty, unparsable, or hold an incorrect address for the current node.
+	for _, line := range strings.Split(configMap.Data["NodeHosts"], "\n") {
+		line, _, _ = strings.Cut(line, "#")
 		if line == "" {
 			continue
 		}
 		fields := strings.Fields(line)
-		if len(fields) != 2 {
+		if len(fields) < 2 {
 			logrus.Warnf("Unknown format for hosts line [%s]", line)
 			continue
 		}
 		ip := fields[0]
-		host := fields[1]
-		if host == nodeName {
-			if removed {
-				continue
-			}
-			if ip == nodeAddress {
-				return nil
+		if fields[1] == nodeName {
+			if strings.Contains(ip, ":") {
+				if ip != nodeIPv6 {
+					continue
+				}
+			} else {
+				if ip != nodeIPv4 {
+					continue
+				}
 			}
 		}
-		hostsMap[host] = ip
+		names := strings.Join(fields[1:], " ")
+		addressMap[ip] = names
 	}
 
-	if !removed {
-		hostsMap[nodeName] = nodeAddress
+	// determine what names we should have for each address family
+	var namesv6, namesv4 string
+	if nodeIPv4 != "" {
+		namesv4 = nodeNames
+	}
+	if nodeIPv6 != "" {
+		namesv6 = nodeNames
 	}
 
+	// don't need to do anything if the addresses are in sync
+	if !removed && addressMap[nodeIPv4] == namesv4 && addressMap[nodeIPv6] == namesv6 {
+		return nil
+	}
+
+	// Something's out of sync, set the desired entries
+	if nodeIPv4 != "" {
+		addressMap[nodeIPv4] = namesv4
+	}
+	if nodeIPv6 != "" {
+		addressMap[nodeIPv6] = namesv6
+	}
+
+	// sort addresses by IP
+	addresses := make([]string, 0, len(addressMap))
+	for ip := range addressMap {
+		addresses = append(addresses, ip)
+	}
+	sort.Slice(addresses, func(i, j int) bool {
+		return bytes.Compare(net.ParseIP(addresses[i]), net.ParseIP(addresses[j])) < 0
+	})
+
 	var newHosts string
-	for host, ip := range hostsMap {
-		newHosts += ip + " " + host + "\n"
+	for _, ip := range addresses {
+		newHosts += ip + " " + addressMap[ip] + "\n"
+	}
+
+	if configMap.Data == nil {
+		configMap.Data = map[string]string{}
 	}
 	configMap.Data["NodeHosts"] = newHosts
 
@@ -128,10 +184,10 @@ func (h *handler) updateCoreDNSConfigMap(nodeName, nodeAddress string, removed b
 	} else {
 		actionType = "Updated"
 	}
-	logrus.Infof("%s coredns node hosts entry [%s]", actionType, nodeAddress+" "+nodeName)
+	logrus.Infof("%s coredns NodeHosts entry for %s", actionType, nodeName)
 	return nil
 }
 
 func (h *handler) removeNodePassword(nodeName string) error {
 	return nodepassword.Delete(h.secrets, nodeName)
-}
+}
diff --git a/pkg/util/services/services_test.go b/pkg/util/services/services_test.go
@@ -70,12 +70,6 @@ func Test_UnitFilesForServices(t *testing.T) {
 					"/var/lib/rancher/k8e/agent/client-k8e-controller.crt",
 					"/var/lib/rancher/k8e/agent/client-k8e-controller.key",
 				},
-				"kube-proxy": []string{
-					"/var/lib/rancher/k8e/server/tls/client-kube-proxy.crt",
-					"/var/lib/rancher/k8e/server/tls/client-kube-proxy.key",
-					"/var/lib/rancher/k8e/agent/client-kube-proxy.crt",
-					"/var/lib/rancher/k8e/agent/client-kube-proxy.key",
-				},
 				"kubelet": []string{
 					"/var/lib/rancher/k8e/server/tls/client-kubelet.key",
 					"/var/lib/rancher/k8e/server/tls/serving-kubelet.key",
@@ -168,12 +162,6 @@ func Test_UnitFilesForServices(t *testing.T) {
 					"/var/lib/rancher/k8e/agent/client-k8e-controller.crt",
 					"/var/lib/rancher/k8e/agent/client-k8e-controller.key",
 				},
-				"kube-proxy": []string{
-					"/var/lib/rancher/k8e/server/tls/client-kube-proxy.crt",
-					"/var/lib/rancher/k8e/server/tls/client-kube-proxy.key",
-					"/var/lib/rancher/k8e/agent/client-kube-proxy.crt",
-					"/var/lib/rancher/k8e/agent/client-kube-proxy.key",
-				},
 				"kubelet": []string{
 					"/var/lib/rancher/k8e/server/tls/client-kubelet.key",
 					"/var/lib/rancher/k8e/server/tls/serving-kubelet.key",