kind: KubeProxyConfiguration apiVersion: kubeproxy.config.k8s.io/v1alpha1 bindAddress: 0.0.0.0 clientConnection: kubeconfig: "/etc/kubernetes/kube-proxy.kubeconfig" # 根据clusterCIDR 判断集群内部和外部流量,配置clusterCIDR选项后,kube-proxy 会对访问 Service IP 的请求做 SNAT clusterCIDR: "{{ CLUSTER_CIDR }}" conntrack: maxPerCore: 32768 min: 131072 tcpCloseWaitTimeout: 1h0m0s tcpEstablishedTimeout: 24h0m0s healthzBindAddress: 0.0.0.0:10256 # hostnameOverride 值必须与 kubelet 的对应一致,否则 kube-proxy 启动后会找不到该 Node,从而不会创建任何 iptables 规则 hostnameOverride: "{{ K8S_NODENAME }}" metricsBindAddress: 0.0.0.0:10249 mode: "{{ PROXY_MODE }}" {% if PROXY_MODE == "ipvs" %} ipvs: excludeCIDRs: null minSyncPeriod: 0s scheduler: "" strictARP: {{ ENABLE_IPVS_STRICT_ARP }} syncPeriod: 30s tcpFinTimeout: 0s tcpTimeout: 0s udpTimeout: 0s {% endif %}