From f6a63d88a7fac7c7229750a14358e3cf1b575984 Mon Sep 17 00:00:00 2001
From: Tony Fouchard <djnos14@hotmail.com>
Date: Wed, 21 Aug 2019 03:21:17 +0200
Subject: [PATCH] Allow to configure strict ARP on kube-proxy (#5092)

---
 roles/kubernetes/master/defaults/main/kube-proxy.yml           | 2 ++
 .../kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2 | 3 +++
 .../kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2 | 3 +++
 3 files changed, 8 insertions(+)

diff --git a/roles/kubernetes/master/defaults/main/kube-proxy.yml b/roles/kubernetes/master/defaults/main/kube-proxy.yml
index d0725ba19..102cd009b 100644
--- a/roles/kubernetes/master/defaults/main/kube-proxy.yml
+++ b/roles/kubernetes/master/defaults/main/kube-proxy.yml
@@ -80,6 +80,8 @@ kube_proxy_exclude_cidrs: []
 # nq: never queue
 kube_proxy_scheduler: rr
 
+kube_proxy_strict_arp: false
+
 # The IP address and port for the metrics server to serve on
 # (set to 0.0.0.0 for all IPv4 interfaces and `::` for all IPv6 interfaces)
 kube_proxy_metrics_bind_address: 127.0.0.1:10249
diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
index d79843204..eeb557d3f 100644
--- a/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
+++ b/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
@@ -322,6 +322,9 @@ ipvs:
  minSyncPeriod: {{ kube_proxy_min_sync_period }}
  scheduler: {{ kube_proxy_scheduler }}
  syncPeriod: {{ kube_proxy_sync_period }}
+{% if kube_version is version('v1.14.2', '>=') %}
+ strictARP: {{ kube_proxy_strict_arp }}
+{% endif %}
 metricsBindAddress: {{ kube_proxy_metrics_bind_address }}
 mode: {{ kube_proxy_mode }}
 nodePortAddresses: {{ kube_proxy_nodeport_addresses }}
diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2
index 645a0ec1a..0bd64cd00 100644
--- a/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2
+++ b/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2
@@ -324,6 +324,9 @@ ipvs:
  minSyncPeriod: {{ kube_proxy_min_sync_period }}
  scheduler: {{ kube_proxy_scheduler }}
  syncPeriod: {{ kube_proxy_sync_period }}
+{% if kube_version is version('v1.14.2', '>=') %}
+ strictARP: {{ kube_proxy_strict_arp }}
+{% endif %}
 metricsBindAddress: {{ kube_proxy_metrics_bind_address }}
 mode: {{ kube_proxy_mode }}
 nodePortAddresses: {{ kube_proxy_nodeport_addresses }}
-- 
GitLab