Manage kube-proxy by using IPVS
IPVS (IP Virtual Server) is a beta feature in Kubernetes 1.9.1. kube-proxy ipvs
mode provides benefits such as performance enhancement to kube-proxy, when compared with traditional methods of using iptables and userspace mode.
IPVS running on a host acts as a load balancer at the front of a cluster of real servers. IPVS can direct requests for TCP/UDP based services to the real servers. IPVS can also make services that are running on the real servers appear as a virtual service on a single IP address.
To enable the kube-proxy ipvs
mode, you must set the kube_proxy_extra_args
parameter in the cluster configuration file.
The configuration file for a cluster with kube-proxy ipvs
enabled, might resemble the following output:
## Kubernetes Settings
# kube_apiserver_extra_args: []
# kube_controller_manager_extra_args: []
kube_proxy_extra_args: ["--feature-gates=SupportIPVSProxyMode=true","--proxy-mode=ipvs"]
After installation completes, verify that the IPVS rules are created by completing the following steps:
-
Review the kube-proxy container log.
[root@testnode ~]# docker ps |grep proxy 6e8b9b058bfc ibmcom/kubernetes@sha256:0a186c019bd7d3a078799a387663da93c162b290b0665d16b229dba7d8f060b7 "/hyperkube proxy ..." 11 minutes ago Up 11 minutes k8s_proxy_k8s-proxy-9.21.53.16_kube-system_97991d33fbaf5606a3a6113337710e27_0 docker logs 6e8b9b058bfc -f ... I0131 13:24:32.282248 1 feature_gate.go:184] feature gates: map[SupportIPVSProxyMode:true] I0131 13:24:32.283828 1 server_others.go:180] Using ipvs Proxier. I0131 13:24:32.284643 1 server_others.go:205] Tearing down inactive rules. I0201 05:31:25.008541 1 server.go:426] Version: v1.11.0+icp-ee ...
-
Verify that IPVS mode is detected on each cluster node.
ipvsadm -Ln
The output resembles the following code:
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.17.0.1:31443 rr
-> 10.1.20.84:9443 Masq 1 0 0
TCP 172.17.0.1:32292 rr
-> 10.1.20.94:3000 Masq 1 0 0
TCP 9.21.53.16:30090 rr
-> 10.1.20.80:9090 Masq 1 0 0
TCP 9.21.53.16:30296 rr
-> 10.1.20.93:3001 Masq 1 0 0
TCP 9.21.53.16:31443 rr
-> 10.1.20.84:9443 Masq 1 0 0
TCP 9.21.53.16:32292 rr
...