
Implement a kube-proxy conntrack reconciler #126130

@aojea

What would you like to be added?

We'd like to have a conntrack reconciler for Services in kube-proxy. For each Service or Endpoint change, it should reconcile the Service/Endpoint table with the existing conntrack table and remove stale UDP entries (we have concluded in other issues that UDP is the only protocol that requires this).

Why is this needed?

Although a lot of work and testing was added to solve the problem with stale UDP entries that can blackhole traffic, we still have reports of issues related to stale UDP entries:

#125467

Also, the conntrack logic is event-based and, as expected, if something fails it never reconciles:

#112604

The reconciler will only delete the entries that are known to be stale; other entries will time out.

References

Some WIP I had: https://github.com/kubernetes/kubernetes/compare/master...aojea:kubernetes:conntrack_done_right?expand=1

Related issues that will be fixed
