* Move getNodeIP logic to utils package
Remove redundant ipset lookups
utils.NewIPSet() does this for us.
* Don't masquerade pod -> nodeAddrsIPSet traffic
Previously with Pod egress enabled, this would get masqueraded.
This change also adds cleanup for said ipset.
* Enhanced cleanup of Pod egress, overlay networking
- Delete old/bad pod egress iptables rule(s) from old versions
- When pod egress or overlay are disabled, cleanup as needed
* Update IPSet.Sets to map type
* ipset enhancements
- Avoid providing method that would delete all ipset sets on a system
- New method DestroyAllWithin() destroys sets tracked by an IPSet
- Create() now handles cases where Sets/System state are not in sync
- Refresh() now handles leftover -temp set gracefully
- Swap() now uses ipset swap
- Delete() improved sync of Sets and system state
- Get() now validates if map element exists before trying
- etc
* Update routes controller to reflect ipset changes
Fix ensures below two cases are explicitly handled
- in the network policy spec for the ingress rule, its optionsl to give 'ports' and 'from' details
when not specified it translates to match all ports, match all sources respectivley
- user may explicitly give the 'ports' and 'from' details in the ingress rule. But at any given point
its possible there is no matching pods (with labels defined in 'from') in the namespace.
Before the fix both the cases were handled similarly resulting in unexpected behaviour
Fixes#85
with this refactoring support for network policy V1 (or GA) is added.
Changes are backward compatible so beta network policy semantics
are still available for k8s ver 1.6.* and less
Fixes#16
If NODE_NAME env is not set, fall back to hostname.
Partial fix towards #23 we still have issue where kube-router is run as agent
and kubelet is started with --hostname-overide flag
by host name or FQDN. kubelet can be started with --hostname-override with configurable value.
In AWS envirinment typcally its set FQDN obtained from the metda data. This fix ensures
we can deploy kube-router in case nodes are registered with FQDN
Fixes#17
