kubernetesservice: support forwarding UDP

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>

Author: AkihiroSuda

hack/bats/extras/k8s.bats

@@ -50,15 +50,35 @@ k() {
 
 # bats test_tags=nodes:1
 @test 'Single-node' {
-    k create deployment nginx --image="${TEST_CONTAINER_IMAGES["nginx"]}"
-    k rollout status deployment nginx --timeout 60s
+    # Deploy test services
+    services=(nginx coredns)
+    for svc in "${services[@]}"; do
+        k create deployment "$svc" --image="${TEST_CONTAINER_IMAGES["$svc"]}"
+    done
+    for svc in "${services[@]}"; do
+        k rollout status deployment "$svc" --timeout 60s
+    done
+
+    # Test TCP port forwarding
     k create service nodeport nginx --node-port=31080 --tcp=80:80
     run curl --fail --silent --show-error --retry 30 --retry-all-errors http://localhost:31080
     assert_success
     assert_output --partial "Welcome to nginx"
-    # TODO: support UDP
-    k delete service nginx
-    k delete deployment nginx
+
+    # Test UDP port forwarding
+    #
+    # `kubectl create service nodeport` does not support UDP, so use `kubectl expose` instead.
+    # https://github.com/kubernetes/kubernetes/issues/134732
+    k expose deployment coredns --port=53 --type=NodePort \
+        --overrides='{"spec":{"ports":[{"port":53,"protocol":"UDP","targetPort":53,"nodePort":32053}]}}'
+    run dig @127.0.0.1 -p 32053 lima-vm.io
+    assert_success
+
+    # Cleanup
+    for svc in "${services[@]}"; do
+        k delete service "$svc"
+        k delete deployment "$svc"
+    done
 }
 
 # TODO: add a test for multi-node

hack/bats/helpers/load.bash

@@ -70,4 +70,5 @@ assert_output_lines_count() {
 # NOTE: keep this list in sync with hack/test-templates.sh .
 declare -A -g TEST_CONTAINER_IMAGES=(
     ["nginx"]="ghcr.io/stargz-containers/nginx:1.19-alpine-org"
+    ["coredns"]="public.ecr.aws/eks-distro/coredns/coredns:v1.12.2-eks-1-31-latest"
 )

pkg/guestagent/kubernetesservice/kubernetesservice.go

@@ -26,9 +26,8 @@ import (
 type Protocol string
 
 const (
-	// UDP/SCTP when lima port forwarding works on those protocols.
-
 	TCP Protocol = "tcp"
+	UDP Protocol = "udp"
 )
 
 type Entry struct {
@@ -134,8 +133,12 @@ func (s *ServiceWatcher) GetPorts() []Entry {
 		}
 
 		for _, portEntry := range service.Spec.Ports {
-			if portEntry.Protocol != corev1.ProtocolTCP {
-				// currently only TCP port can be forwarded
+			switch portEntry.Protocol {
+			case corev1.ProtocolTCP, corev1.ProtocolUDP:
+				// NOP
+			default:
+				logrus.Debugf("unsupported protocol %s for service %s/%s, skipping",
+					portEntry.Protocol, service.Namespace, service.Name)
 				continue
 			}
 

pkg/guestagent/kubernetesservice/kubernetesservice_test.go

@@ -58,13 +58,24 @@ func TestGetPorts(t *testing.T) {
 							TargetPort: intstr.FromInt(80),
 							NodePort:   8080,
 						},
+						{
+							Name:       "dns",
+							Protocol:   corev1.ProtocolUDP,
+							Port:       53,
+							TargetPort: intstr.FromInt(53),
+							NodePort:   5353,
+						},
 					},
 				},
 			},
 			want: []Entry{{
 				Protocol: TCP,
 				IP:       net.IPv4zero,
 				Port:     8080,
+			}, {
+				Protocol: UDP,
+				IP:       net.IPv4zero,
+				Port:     5353,
 			}},
 		},
 		{