* Workaround for Outbound connection to work, post reboot of a host w…
…ith a running container (#2378)

- Restart HNS Service (This would clear up the issue)
  - Cleanup Hns Policy Lists before starting KubeProxy.

* Update startup script to generate CNI config to include DNS Suffix or Search Path.

* Fix scenario of restart of Kubelet service as Kubeproxy goes out of sync
madhanrm authored and jackfrancis committed Mar 20, 2018
1 parent 1245156 commit fe48b61
Showing 1 changed file with 52 additions and 12 deletions.
64 changes: 52 additions & 12 deletions parts/k8s/kuberneteswindowssetup.ps1
Expand Up @@ -131,14 +131,33 @@ Install-Package($package)
Write-Log "$package installed"
}

function DownloadFileOverHttp($Url, $DestinationPath)
{
$secureProtocols = @()
$insecureProtocols = @([System.Net.SecurityProtocolType]::SystemDefault, [System.Net.SecurityProtocolType]::Ssl3)

foreach ($protocol in [System.Enum]::GetValues([System.Net.SecurityProtocolType]))
{
if ($insecureProtocols -notcontains $protocol)
{
$secureProtocols += $protocol
}
}
[System.Net.ServicePointManager]::SecurityProtocol = $secureProtocols

curl $Url -UseBasicParsing -OutFile $DestinationPath -Verbose
Write-Log "$DestinationPath updated"
}
function Get-HnsPsm1()
{
DownloadFileOverHttp "https://github.com/Microsoft/SDN/raw/master/Kubernetes/windows/hns.psm1" "$global:HNSModule"
}

function Update-WinCNI()
{
$wincni = "wincni.exe"
$wincniFile = [Io.path]::Combine($global:CNIPath, $wincni)
$url = $global:WindowsPackageSASURLBase + $wincni
Invoke-WebRequest -Uri $url -OutFile $wincniFile

Write-Log "$wincni updated"
DownloadFileOverHttp "https://github.com/Microsoft/SDN/raw/master/Kubernetes/windows/cni/wincni.exe" $wincniFile
}

function
Expand All @@ -153,6 +172,7 @@ Update-WindowsPackages()
}

Update-WinCNI
Get-HnsPsm1
}

function
Expand Down Expand Up @@ -301,6 +321,7 @@ c:\k\kubelet.exe --hostname-override=`$global:AzureHostname --pod-infra-containe
$kubeStartStr = @"
`$global:AzureHostname = "$AzureHostname"
`$global:MasterIP = "$MasterIP"
`$global:KubeDnsSearchPath = "svc.cluster.local"
`$global:KubeDnsServiceIp = "$KubeDnsServiceIp"
`$global:MasterSubnet = "$global:MasterSubnet"
`$global:KubeClusterCIDR = "$global:KubeClusterCIDR"
Expand Down Expand Up @@ -363,7 +384,8 @@ Update-CNIConfig(`$podCIDR, `$masterSubnetGW)
}]
},
""dns"" : {
""Nameservers"" : [ ""<NameServers>"" ]
""Nameservers"" : [ ""<NameServers>"" ],
""Search"" : [ ""<Cluster DNS Suffix or Search Path>"" ]
},
""AdditionalArgs"" : [
{
Expand All @@ -380,6 +402,7 @@ Update-CNIConfig(`$podCIDR, `$masterSubnetGW)
`$configJson.ipam.subnet=`$podCIDR
`$configJson.ipam.routes[0].GW = `$masterSubnetGW
`$configJson.dns.Nameservers[0] = `$global:KubeDnsServiceIp
`$configJson.dns.Search[0] = `$global:KubeDnsSearchPath
`$configJson.AdditionalArgs[0].Value.ExceptionList[0] = `$global:KubeClusterCIDR
`$configJson.AdditionalArgs[0].Value.ExceptionList[1] = `$global:MasterSubnet
Expand Down Expand Up @@ -429,14 +452,24 @@ try
# startup the service
`$hnsNetwork = Get-HnsNetwork | ? Name -EQ `$global:NetworkMode.ToLower()
if (!`$hnsNetwork)
if (`$hnsNetwork)
{
Write-Host "No HNS network found, creating a new one..."
ipmo `$global:HNSModule
`$hnsNetwork = New-HNSNetwork -Type `$global:NetworkMode -AddressPrefix `$podCIDR -Gateway `$masterSubnetGW -Name `$global:NetworkMode.ToLower() -Verbose
# Kubelet has been restarted with existing network.
# Cleanup all containers
docker ps -q | foreach {docker rm `$_ -f}
# cleanup network
Write-Host "Cleaning up old HNS network found"
Remove-HnsNetwork `$hnsNetwork
Start-Sleep 10
}
Write-Host "Creating a new hns Network"
ipmo `$global:HNSModule
`$hnsNetwork = New-HNSNetwork -Type `$global:NetworkMode -AddressPrefix `$podCIDR -Gateway `$masterSubnetGW -Name `$global:NetworkMode.ToLower() -Verbose
# New network has been created, Kubeproxy service has to be restarted
Restart-Service Kubeproxy
Start-Sleep 10
# Add route to all other POD networks
Update-CNIConfig `$podCIDR `$masterSubnetGW
Expand All @@ -456,14 +489,21 @@ catch
$kubeProxyStartStr = @"
`$env:KUBE_NETWORK = "$global:KubeNetwork"
`$global:NetworkMode = "$global:NetworkMode"
`$global:HNSModule = "$global:HNSModule"
`$hnsNetwork = Get-HnsNetwork | ? Type -EQ `$global:NetworkMode.ToLower()
while (!`$hnsNetwork)
{
Start-Sleep 10
`$hnsNetwork = Get-HnsNetwork | ? Type -EQ `$global:NetworkMode.ToLower()
}
c:\k\kube-proxy.exe --v=3 --proxy-mode=kernelspace --hostname-override=$AzureHostname --kubeconfig=c:\k\config
#
# cleanup the persisted policy lists
#
ipmo `$global:HNSModule
Get-HnsPolicyList | Remove-HnsPolicyList
$global:KubeDir\kube-proxy.exe --v=3 --proxy-mode=kernelspace --hostname-override=$AzureHostname --kubeconfig=$global:KubeDir\config
"@

$kubeProxyStartStr | Out-File -encoding ASCII -filepath $global:KubeProxyStartFile
Expand Down Expand Up @@ -576,4 +616,4 @@ try
catch
{
Write-Error $_
}
}
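Review bot: In the first hunk, `DownloadFileOverHttp` fetches `hns.psm1` and `wincni.exe` from the mutable `master` branch of Microsoft/SDN without any integrity check, and the generated kubelet and kube-proxy start scripts later load the module with `ipmo $global:HNSModule`, so whatever that branch serves at provisioning time is executed on the node, presumably with the services' privileges. Pin both URLs to a fixed commit (`.../raw/<COMMIT_SHA>/Kubernetes/windows/hns.psm1`) and verify the file before use, for example with a new `$ExpectedSha256` parameter (name proposed here) and `if ((Get-FileHash $DestinationPath -Algorithm SHA256).Hash -ne $ExpectedSha256) { throw "hash mismatch for $DestinationPath" }` right after the download. The protocol filter in the same function excludes only `SystemDefault` and `Ssl3`, which leaves TLS 1.0 and 1.1 enabled; `[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12` would be shorter and stricter. The download is also not checked for failure before `Write-Log "$DestinationPath updated"`, so adding `-ErrorAction Stop` to the `curl` call would keep a failed download from being logged as updated and from leaving a stale file to be imported later.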
