From ce22c0e6a46b0f8323215bed36eb218cf4c33181 Mon Sep 17 00:00:00 2001
From: fulii <fuliivagyok@gmail.com>
Date: Sat, 1 Aug 2020 09:33:40 +0200
Subject: [PATCH] Add option to configure IPVS timeouts in kube-proxy
 configration manifest. (#6396)

---
 roles/kubernetes/master/defaults/main/kube-proxy.yml | 12 ++++++++++++
 .../master/templates/kubeadm-config.v1beta2.yaml.j2  |  3 +++
 2 files changed, 15 insertions(+)

diff --git a/roles/kubernetes/master/defaults/main/kube-proxy.yml b/roles/kubernetes/master/defaults/main/kube-proxy.yml
index 49c4198fd..970f3f401 100644
--- a/roles/kubernetes/master/defaults/main/kube-proxy.yml
+++ b/roles/kubernetes/master/defaults/main/kube-proxy.yml
@@ -84,6 +84,18 @@ kube_proxy_scheduler: rr
 # must be set to true for MetalLB to work
 kube_proxy_strict_arp: false
 
+# kube_proxy_tcp_timeout is the timeout value used for idle IPVS TCP sessions.
+# The default value is 0, which preserves the current timeout value on the system.
+kube_proxy_tcp_timeout: 0s
+
+# kube_proxy_tcp_fin_timeout is the timeout value used for IPVS TCP sessions after receiving a FIN.
+# The default value is 0, which preserves the current timeout value on the system.
+kube_proxy_tcp_fin_timeout: 0s
+
+# kube_proxy_udp_timeout is the timeout value used for IPVS UDP packets.
+# The default value is 0, which preserves the current timeout value on the system.
+kube_proxy_udp_timeout: 0s
+
 # The IP address and port for the metrics server to serve on
 # (set to 0.0.0.0 for all IPv4 interfaces and `::` for all IPv6 interfaces)
 kube_proxy_metrics_bind_address: 127.0.0.1:10249
diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2
index e3b6a4d27..dcb989aa8 100644
--- a/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2
+++ b/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2
@@ -358,6 +358,9 @@ ipvs:
   scheduler: {{ kube_proxy_scheduler }}
   syncPeriod: {{ kube_proxy_sync_period }}
   strictARP: {{ kube_proxy_strict_arp }}
+  tcpTimeout: {{ kube_proxy_tcp_timeout }}
+  tcpFinTimeout: {{ kube_proxy_tcp_fin_timeout }}
+  udpTimeout: {{ kube_proxy_udp_timeout }}
 metricsBindAddress: {{ kube_proxy_metrics_bind_address }}
 mode: {{ kube_proxy_mode }}
 nodePortAddresses: {{ kube_proxy_nodeport_addresses }}
-- 
GitLab