We use cookies to ensure you get the best experience on our website
Головна сторінка Огляд Довідка
Реєстрація Увійти
0ct0pu5
/
moby
1
0
Відгалуження 0
Файли Проблеми 0 Запити на злиття 0 Wiki
Переглянути джерело

Do not add ingress loadbalancer on service tasks

Ingress loadbalancer is only required to be plumbed in ingress sandboxes
of nodes which are the only mechanism to get traffix outside the cluster
to tasks. Since the tasks are part of ingress network, these
loadbalancers were getting added in all tasks which are exposing ports
which is totally unnecessary resource usage. This PR avoids that.

Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
Jana Radhakrishnan 9 роки тому
батько
0030332e4e
коміт
cd488c6d18
1 змінених файлів з 13 додано та 5 видалено
Розділений вигляд Показати статистику Diff
  1. 13 5
      libnetwork/service_linux.go

+ 13 - 5
libnetwork/service_linux.go
Переглянути файл 

@@ -261,7 +261,7 @@ func (sb *sandbox) populateLoadbalancers(ep *endpoint) {
 
 		addService := true
 
 		for _, ip := range lb.backEnds {
 
 			sb.addLBBackend(ip, lb.vip, lb.fwMark, lb.service.ingressPorts,
 
-				eIP, gwIP, addService)
 
+				eIP, gwIP, addService, n.ingress)
 
 			addService = false
 
 		}
 
 		lb.service.Unlock()
 
@@ -284,7 +284,7 @@ func (n *network) addLBBackend(ip, vip net.IP, fwMark uint32, ingressPorts []*Po
 
 				gwIP = ep.Iface().Address().IP
 
 			}
 
 
-			sb.addLBBackend(ip, vip, fwMark, ingressPorts, ep.Iface().Address(), gwIP, addService)
 
+			sb.addLBBackend(ip, vip, fwMark, ingressPorts, ep.Iface().Address(), gwIP, addService, n.ingress)
 
 		}
 
 
 		return false
 
@@ -307,7 +307,7 @@ func (n *network) rmLBBackend(ip, vip net.IP, fwMark uint32, ingressPorts []*Por
 
 				gwIP = ep.Iface().Address().IP
 
 			}
 
 
-			sb.rmLBBackend(ip, vip, fwMark, ingressPorts, ep.Iface().Address(), gwIP, rmService)
 
+			sb.rmLBBackend(ip, vip, fwMark, ingressPorts, ep.Iface().Address(), gwIP, rmService, n.ingress)
 
 		}
 
 
 		return false
 
@@ -315,11 +315,15 @@ func (n *network) rmLBBackend(ip, vip net.IP, fwMark uint32, ingressPorts []*Por
 
 }
 
 
 // Add loadbalancer backend into one connected sandbox.
 
-func (sb *sandbox) addLBBackend(ip, vip net.IP, fwMark uint32, ingressPorts []*PortConfig, eIP *net.IPNet, gwIP net.IP, addService bool) {
 
+func (sb *sandbox) addLBBackend(ip, vip net.IP, fwMark uint32, ingressPorts []*PortConfig, eIP *net.IPNet, gwIP net.IP, addService bool, isIngressNetwork bool) {
 
 	if sb.osSbox == nil {
 
 		return
 
 	}
 
 
+	if isIngressNetwork && !sb.ingress {
 
+		return
 
+	}
 
+
 
 	i, err := ipvs.New(sb.Key())
 
 	if err != nil {
 
 		logrus.Errorf("Failed to create an ipvs handle for sbox %s: %v", sb.Key(), err)
 
@@ -370,11 +374,15 @@ func (sb *sandbox) addLBBackend(ip, vip net.IP, fwMark uint32, ingressPorts []*P
 
 }
 
 
 // Remove loadbalancer backend from one connected sandbox.
 
-func (sb *sandbox) rmLBBackend(ip, vip net.IP, fwMark uint32, ingressPorts []*PortConfig, eIP *net.IPNet, gwIP net.IP, rmService bool) {
 
+func (sb *sandbox) rmLBBackend(ip, vip net.IP, fwMark uint32, ingressPorts []*PortConfig, eIP *net.IPNet, gwIP net.IP, rmService bool, isIngressNetwork bool) {
 
 	if sb.osSbox == nil {
 
 		return
 
 	}
 
 
+	if isIngressNetwork && !sb.ingress {
 
+		return
 
+	}
 
+
 
 	i, err := ipvs.New(sb.Key())
 
 	if err != nil {
 
 		logrus.Errorf("Failed to create an ipvs handle for sbox %s: %v", sb.Key(), err)

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5