From 452ea12a48bb7743a9f551eeb8e4f00b001dd89e Mon Sep 17 00:00:00 2001 From: Dan Winship Date: Wed, 17 May 2023 15:48:59 -0400 Subject: [PATCH] Simplify nftables/proxier.go by removing localhost nodeport support and related route_localnet setting / anti-martian-packet rule Kubernetes-commit: 1a6b9b811e303c033006e9a3223258582149b69b --- config/v1alpha1/types.go | 3 --- config/v1alpha1/zz_generated.deepcopy.go | 5 ----- 2 files changed, 8 deletions(-) diff --git a/config/v1alpha1/types.go b/config/v1alpha1/types.go index dd69244..e438257 100644 --- a/config/v1alpha1/types.go +++ b/config/v1alpha1/types.go @@ -86,9 +86,6 @@ type KubeProxyNFTablesConfiguration struct { // masqueradeAll tells kube-proxy to SNAT all traffic sent to Service cluster IPs, // when using the nftables mode. This may be required with some CNI plugins. MasqueradeAll bool `json:"masqueradeAll"` - // localhostNodePorts, if false, tells kube-proxy to disable the legacy behavior - // of allowing NodePort services to be accessed via localhost. FIXME: remove. - LocalhostNodePorts *bool `json:"localhostNodePorts"` // syncPeriod is an interval (e.g. '5s', '1m', '2h22m') indicating how frequently // various re-synchronizing and cleanup operations are performed. Must be greater // than 0. diff --git a/config/v1alpha1/zz_generated.deepcopy.go b/config/v1alpha1/zz_generated.deepcopy.go index 382e3e7..ebd5349 100644 --- a/config/v1alpha1/zz_generated.deepcopy.go +++ b/config/v1alpha1/zz_generated.deepcopy.go @@ -193,11 +193,6 @@ func (in *KubeProxyNFTablesConfiguration) DeepCopyInto(out *KubeProxyNFTablesCon *out = new(int32) **out = **in } - if in.LocalhostNodePorts != nil { - in, out := &in.LocalhostNodePorts, &out.LocalhostNodePorts - *out = new(bool) - **out = **in - } out.SyncPeriod = in.SyncPeriod out.MinSyncPeriod = in.MinSyncPeriod return