-
Notifications
You must be signed in to change notification settings - Fork 742
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Default to random-fully #1048
Default to random-fully #1048
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good for me :)
264451a
to
b3f3238
Compare
b3f3238
to
8018f0c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍 great stuff now that the EKS AMI actually has a modern iptables distro :)
That means the iptables version of kube-proxy needs to be at least 1.16.2? Should we wait for that to happen first? |
@jqmichael Not really, this is independent of kube-proxy. That base image should have at least iptables 1.6.2 though, or they will get some warnings and the fallback "random" will be used. Also, the plan is to back port kubernetes/kubernetes#82966 to Kubernetes v1.16 as well, to allow kube-proxy to use iptables 1.8 or later. |
commit d938e5e Author: Jayanth Varavani <[email protected]> Date: Wed Jul 1 01:19:14 2020 +0000 Json o/p for logs from entrypoint.sh commit 2d20308 Author: Nathan Prabhu <[email protected]> Date: Mon Jun 29 18:06:22 2020 -0500 bugfix: make metrics-helper docker logging statement multi-arch compatible commit bf9ded3 Author: Claes Mogren <[email protected]> Date: Sat Jun 27 14:51:35 2020 -0700 Use install command instead of cp commit e3b7dbb Author: Gyuho Lee <[email protected]> Date: Mon Jun 29 09:40:02 2020 -0700 scripts/lib: bump up tester to v1.4.0 Signed-off-by: Gyuho Lee <[email protected]> commit c369480 Author: Claes Mogren <[email protected]> Date: Sun Jun 28 12:19:27 2020 -0700 Some refresh cleanups commit 8c266e9 Author: Claes Mogren <[email protected]> Date: Sun Jun 28 18:37:46 2020 -0700 Run staticcheck and clean up commit 8dfc5b1 Author: Jayanth Varavani <[email protected]> Date: Sun Jun 28 17:39:20 2020 -0700 Fix integration test script for code pipeline (aws#1062) Co-authored-by: Claes Mogren <[email protected]> commit 52306be Author: Murcherla <[email protected]> Date: Wed Jun 24 23:37:24 2020 -0500 minor nits, fast follow up to PR 903 commit 4ddd248 Author: Claes Mogren <[email protected]> Date: Sun Jun 14 23:20:22 2020 -0700 Add bandwidth plugin commit 6d35fda Author: Robert Sheehy <[email protected]> Date: Fri May 22 21:11:12 2020 -0500 Chain interface to other CNI plugins commit 30f98bd Author: Penugonda <[email protected]> Date: Thu Jun 25 15:14:00 2020 -0400 removed custom networking default vars, introspection var commit aa8b818 Author: Penugonda <[email protected]> Date: Wed Jun 24 19:11:38 2020 -0400 updated manifest configs with default env vars commit a073d66 Author: Nithish Murcherla <[email protected]> Date: Wed Jun 24 16:51:38 2020 -0500 refresh subnet/CIDR information every 30 seconds and update ip rules to map pods (aws#903) Co-authored-by: Claes Mogren <[email protected]> commit a0da387 Author: Claes Mogren <[email protected]> Date: Wed Jun 24 12:30:45 2020 -0700 Default to random-fully (aws#1048) commit 9fea153 Author: Claes Mogren <[email protected]> Date: Sun Jun 14 22:37:10 2020 -0700 Update probe settings * Reduce readiness probe startup delay * Increase liveness polling period * Reduce shutdown grace period to 10 seconds commit ad7df34 Author: Jay Pipes <[email protected]> Date: Wed Jun 24 02:06:23 2020 -0400 Remove timeout for ipamd startup (aws#874) * add configurable timeout for ipamd startup Adds a configurable timeout to the aws-k8s-agent (ipamd) startup in the entrypoint.sh script. Increases the default timeout from ~30 seconds to 60 seconds. Users can set the IPAMD_TIMEOUT_SECONDS environment variable to change the timeout. Related: aws#625, aws#865 aws#872 * This is a local gRPC call, so just try every 1 second indefinitely Since we have a liveness probe restarting the probe, we can rely on that to kill the pod. Co-authored-by: Claes Mogren <[email protected]> commit 1af40d2 Author: Jayanth Varavani <[email protected]> Date: Fri Jun 19 10:14:44 2020 -0700 Changelog and config file changes for v1.6.3 commit 14d5135 Author: Ari Becker <[email protected]> Date: Wed Jun 17 09:39:21 2020 +0300 Generated the different configurations commit 00395cb Author: Ari Becker <[email protected]> Date: Tue Jun 16 14:33:55 2020 +0300 Fix discovery RBAC issues in Kubernetes 1.17 commit 7e224af Author: Gyuho Lee <[email protected]> Date: Mon Jun 15 16:04:44 2020 -0700 scripts/lib/aws: bump up tester to v1.3.9 Includes improvements to log fetcher + MNG deletion when metrics server is installed. Signed-off-by: Gyuho Lee <[email protected]> commit 36286ba Author: Claes Mogren <[email protected]> Date: Mon Jun 15 07:56:59 2020 -0700 Remove Printf and format test (aws#1027) commit af54066 Author: Gyuho Lee <[email protected]> Date: Sat Jun 13 01:31:08 2020 -0700 scripts/lib/aws: tester v1.3.6, enable color outputs (aws#1025) Includes various bug fixes + color output if $TERM is supported. Fallback to plain text output automatic. ref. https://github.com/aws/aws-k8s-tester/blob/master/CHANGELOG/CHANGELOG-1.3.md#v136-2020-06-12 Signed-off-by: Gyuho Lee <[email protected]> commit 6d52e1b Author: jayanthvn <[email protected]> Date: Fri Jun 12 16:26:33 2020 -0700 added warning if delete on termination is set to false for the primar… (aws#1024) * Added a warning message if delete on termination is set to false for the primary ENI
Issue #, if available:
Resolves #1040
Description of changes:
AWS_VPC_K8S_CNI_RANDOMIZESNAT
to"prng"
, meaning--random-fully
for SNAT.Ping @mikestef9
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.