mirrors/kube-router
1
0
Fork 0
mirror of https://github.com/cloudnativelabs/kube-router.git synced 2025-10-08 00:11:07 +02:00
Code Issues Packages Projects Releases Wiki Activity
kube-router/utils
History
Bryan Zubrod 342ea5ac9f Prevent masquerading pod -> NodeIP traffic (#174) 
* Move getNodeIP logic to utils package

Remove redundant ipset lookups

utils.NewIPSet() does this for us.

* Don't masquerade pod -> nodeAddrsIPSet traffic

Previously with Pod egress enabled, this would get masqueraded.
This change also adds cleanup for said ipset.

* Enhanced cleanup of Pod egress, overlay networking

- Delete old/bad pod egress iptables rule(s) from old versions
- When pod egress or overlay are disabled, cleanup as needed

* Update IPSet.Sets to map type

* ipset enhancements

- Avoid providing method that would delete all ipset sets on a system
- New method DestroyAllWithin() destroys sets tracked by an IPSet
- Create() now handles cases where Sets/System state are not in sync
- Refresh() now handles leftover -temp set gracefully
- Swap() now uses ipset swap
- Delete() improved sync of Sets and system state
- Get() now validates if map element exists before trying
- etc

* Update routes controller to reflect ipset changes
2017-10-07 04:14:13 -05:00
..
ipset.go
Prevent masquerading pod -> NodeIP traffic (#174)
2017-10-07 04:14:13 -05:00
node.go
Prevent masquerading pod -> NodeIP traffic (#174)
2017-10-07 04:14:13 -05:00
pod_cidr.go
fixing gofmt, go_vet, gocyclo, golint errors
2017-09-04 17:10:48 +05:30
utils.go
fixing gofmt, go_vet, gocyclo, golint errors
2017-09-04 17:10:48 +05:30