kubeasz/roles/kube-node/templates/kube-proxy-config.yaml.j2

kind: KubeProxyConfiguration
apiVersion: kubeproxy.config.k8s.io/v1alpha1
bindAddress: 0.0.0.0
clientConnection:
  kubeconfig: "/etc/kubernetes/kube-proxy.kubeconfig"
# 根据clusterCIDR 判断集群内部和外部流量，配置clusterCIDR选项后，kube-proxy 会对访问 Service IP 的请求做 SNAT
clusterCIDR: "{{ CLUSTER_CIDR }}"
conntrack:
  maxPerCore: 32768
  min: 131072
  tcpCloseWaitTimeout: 1h0m0s
  tcpEstablishedTimeout: 24h0m0s
healthzBindAddress: 0.0.0.0:10256
# hostnameOverride 值必须与 kubelet 的对应一致，否则 kube-proxy 启动后会找不到该 Node，从而不会创建任何 iptables 规则
hostnameOverride: "{{ K8S_NODENAME }}"
metricsBindAddress: 0.0.0.0:10249
mode: "{{ PROXY_MODE }}"
{% if PROXY_MODE == "ipvs" %}
ipvs:
  excludeCIDRs: null
  minSyncPeriod: 0s
  scheduler: ""
  strictARP: {{ ENABLE_IPVS_STRICT_ARP }}
  syncPeriod: 30s
  tcpFinTimeout: 0s
  tcpTimeout: 0s
  udpTimeout: 0s
{% endif %}
-												minor fix

											
										
										
											2021-01-10 21:25:05 +08:00
+								kind: KubeProxyConfiguration
 								apiVersion: kubeproxy.config.k8s.io/v1alpha1
-												various fixes

											
										
										
											2022-01-05 12:43:03 +08:00
+								bindAddress: 0.0.0.0
-												minor fix

											
										
										
											2021-01-10 21:25:05 +08:00
+								clientConnection:
 								  kubeconfig: "/etc/kubernetes/kube-proxy.kubeconfig"
-												update docs part2

											
										
										
											2022-06-28 19:59:50 +08:00
+								# 根据clusterCIDR 判断集群内部和外部流量，配置clusterCIDR选项后，kube-proxy 会对访问 Service IP 的请求做 SNAT
-												minor fix

											
										
										
											2021-01-10 21:25:05 +08:00
+								clusterCIDR: "{{ CLUSTER_CIDR }}"
 								conntrack:
 								  maxPerCore: 32768
 								  min: 131072
 								  tcpCloseWaitTimeout: 1h0m0s
 								  tcpEstablishedTimeout: 24h0m0s
-												various fixes

											
										
										
											2022-01-05 12:43:03 +08:00
+								healthzBindAddress: 0.0.0.0:10256
-												update docs part2

											
										
										
											2022-06-28 19:59:50 +08:00
+								# hostnameOverride 值必须与 kubelet 的对应一致，否则 kube-proxy 启动后会找不到该 Node，从而不会创建任何 iptables 规则
-												feat: add support to set nodenaem

											
										
										
											2023-01-15 21:41:45 +08:00
+								hostnameOverride: "{{ K8S_NODENAME }}"
-												various fixes

											
										
										
											2022-01-05 12:43:03 +08:00
+								metricsBindAddress: 0.0.0.0:10249
-												minor fix

											
										
										
											2021-01-10 21:25:05 +08:00
+								mode: "{{ PROXY_MODE }}"
-												add ipvs配置打开strictARP #1298

											
										
										
											2023-08-01 18:58:57 +08:00
+								{% if PROXY_MODE == "ipvs" %}
 								ipvs:
 								  excludeCIDRs: null
 								  minSyncPeriod: 0s
 								  scheduler: ""
 								  strictARP: {{ ENABLE_IPVS_STRICT_ARP }}
 								  syncPeriod: 30s
 								  tcpFinTimeout: 0s
 								  tcpTimeout: 0s
 								  udpTimeout: 0s
 								{% endif %}