New kube-proxy configuration API

go.mod

@@ -33,7 +33,9 @@ require (
 	k8s.io/client-go v12.0.0+incompatible
 	k8s.io/cluster-bootstrap v0.19.4
 	k8s.io/code-generator v0.19.4
+	k8s.io/component-base v0.19.4
 	k8s.io/kube-aggregator v0.19.4
+	k8s.io/kube-proxy v0.19.4
 	k8s.io/kubelet v0.19.4
 	sigs.k8s.io/controller-runtime v0.7.2
 	sigs.k8s.io/yaml v1.2.0

go.sum

@@ -1344,6 +1344,8 @@ k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf/go.mod h1:1TqjTSzOxsLGIKf
 k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E=
 k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6 h1:+WnxoVtG8TMiudHBSEtrVL1egv36TkkJm+bA8AxicmQ=
 k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o=
+k8s.io/kube-proxy v0.19.4 h1:BjP4Wv288fbV15UBKPbhUdlVu9i+HKTZ2t+XTW4fFOk=
+k8s.io/kube-proxy v0.19.4/go.mod h1:HqXWMgFOJQB0geLBXeMn2e5k9864NM/t3wrHxJjqqrk=
 k8s.io/kubelet v0.19.4 h1:X5xd2BAJYz7i+arNgMlQSJl7r2xzpfducf4BYqn/Loo=
 k8s.io/kubelet v0.19.4/go.mod h1:zJnPeb7nJCRvtAwxJhe9fFCtMLXL3cXbQiczPmpDrLU=
 k8s.io/utils v0.0.0-20190801114015-581e00157fb1/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew=

pkg/apis/kubeone/types.go

@@ -255,7 +255,36 @@ type ClusterNetworkConfig struct {
 	// CNI
 	// default value is {canal: {mtu: 1450}}
 	CNI *CNI `json:"cni,omitempty"`
-}
+	// KubeProxy
+	KubeProxy *KubeProxyConfig `json:"kubeProxy,omitempty"`
+}
+
+type KubeProxyConfig struct {
+	IPVS     *IPVSConfig `json:"ipvs"`
+	IPTables *IPTables   `json:"iptables"`
+}
+
+type IPVSConfig struct {
+	// ipvs scheduler
+	Scheduler string `json:"scheduler"`
+	// excludeCIDRs is a list of CIDR's which the ipvs proxier should not touch
+	// when cleaning up ipvs services.
+	ExcludeCIDRs []string `json:"excludeCIDRs"`
+	// strict ARP configure arp_ignore and arp_announce to avoid answering ARP queries
+	// from kube-ipvs0 interface
+	StrictARP bool `json:"strictARP"`
+	// tcpTimeout is the timeout value used for idle IPVS TCP sessions.
+	// The default value is 0, which preserves the current timeout value on the system.
+	TCPTimeout metav1.Duration `json:"tcpTimeout"`
+	// tcpFinTimeout is the timeout value used for IPVS TCP sessions after receiving a FIN.
+	// The default value is 0, which preserves the current timeout value on the system.
+	TCPFinTimeout metav1.Duration `json:"tcpFinTimeout"`
+	// udpTimeout is the timeout value used for IPVS UDP packets.
+	// The default value is 0, which preserves the current timeout value on the system.
+	UDPTimeout metav1.Duration `json:"udpTimeout"`
+}
+
+type IPTables struct{}
 
 // CNI config. Only one CNI provider must be used at the single time.
 type CNI struct {

pkg/apis/kubeone/v1alpha1/conversion.go

@@ -131,6 +131,13 @@ func Convert_kubeone_CloudProviderSpec_To_v1alpha1_CloudProviderSpec(in *kubeone
 	return nil
 }
 
+func Convert_kubeone_ClusterNetworkConfig_To_v1alpha1_ClusterNetworkConfig(in *kubeoneapi.ClusterNetworkConfig, out *ClusterNetworkConfig, s conversion.Scope) error {
+	if err := autoConvert_kubeone_ClusterNetworkConfig_To_v1alpha1_ClusterNetworkConfig(in, out, s); err != nil {
+		return err
+	}
+	return nil
+}
+
 func Convert_v1alpha1_ClusterNetworkConfig_To_kubeone_ClusterNetworkConfig(in *ClusterNetworkConfig, out *kubeoneapi.ClusterNetworkConfig, s conversion.Scope) error {
 	if err := autoConvert_v1alpha1_ClusterNetworkConfig_To_kubeone_ClusterNetworkConfig(in, out, s); err != nil {
 		return err

pkg/apis/kubeone/v1alpha1/conversion_test.go

@@ -442,7 +442,7 @@ func TestClusterNetworkRoundTripConversion(t *testing.T) {
 			// Converted internal back to versioned and compare
 			convertedVersionedClusterNetwork := &ClusterNetworkConfig{}
 			if err := Convert_kubeone_ClusterNetworkConfig_To_v1alpha1_ClusterNetworkConfig(convertedInternalClusterNetwork, convertedVersionedClusterNetwork, nil); err != nil {
-				t.Errorf("error converting from internal to to versioned: %v", err)
+				t.Errorf("error converting from internal to versioned: %v", err)
 			}
 			if !cmp.Equal(tc.versionedClusterNetwork, convertedVersionedClusterNetwork) {
 				t.Errorf("invalid conversion between internal and versioned: %v", cmp.Diff(tc.versionedClusterNetwork, convertedVersionedClusterNetwork))

pkg/apis/kubeone/v1beta1/types.go

@@ -255,7 +255,36 @@ type ClusterNetworkConfig struct {
 	// CNI
 	// default value is {canal: {mtu: 1450}}
 	CNI *CNI `json:"cni,omitempty"`
-}
+	// KubeProxy
+	KubeProxy *KubeProxyConfig `json:"kubeProxy,omitempty"`
+}
+
+type KubeProxyConfig struct {
+	IPVS     *IPVSConfig `json:"ipvs"`
+	IPTables *IPTables   `json:"iptables"`
+}
+
+type IPVSConfig struct {
+	// ipvs scheduler
+	Scheduler string `json:"scheduler"`
+	// excludeCIDRs is a list of CIDR's which the ipvs proxier should not touch
+	// when cleaning up ipvs services.
+	ExcludeCIDRs []string `json:"excludeCIDRs"`
+	// strict ARP configure arp_ignore and arp_announce to avoid answering ARP queries
+	// from kube-ipvs0 interface
+	StrictARP bool `json:"strictARP"`
+	// tcpTimeout is the timeout value used for idle IPVS TCP sessions.
+	// The default value is 0, which preserves the current timeout value on the system.
+	TCPTimeout metav1.Duration `json:"tcpTimeout"`
+	// tcpFinTimeout is the timeout value used for IPVS TCP sessions after receiving a FIN.
+	// The default value is 0, which preserves the current timeout value on the system.
+	TCPFinTimeout metav1.Duration `json:"tcpFinTimeout"`
+	// udpTimeout is the timeout value used for IPVS UDP packets.
+	// The default value is 0, which preserves the current timeout value on the system.
+	UDPTimeout metav1.Duration `json:"udpTimeout"`
+}
+
+type IPTables struct{}
 
 // CNI config. Only one CNI provider must be used at the single time.
 type CNI struct {