github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Ensure that loopback is used for the advertised address when resetting 

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit b010db0cff)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
pull/7241/head
Brad Davidson 2023-03-24 22:19:44 +00:00 committed by Brad Davidson
parent 95ea7c74f7
commit 4864ecd4aa
1 changed files with 17 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
pkg/etcd/etcd.go
View File

@ -182,7 +182,7 @@ func (e *ETCD) SetControlConfig(ctx context.Context, config *config.Control) err
e.client.Close() e.client.Close()
}() }()
address, err := GetAdvertiseAddress(config.PrivateIP) address, err := getAdvertiseAddress(config.PrivateIP)
if err != nil { if err != nil {
return err return err
} }
@ -537,7 +537,7 @@ func (e *ETCD) Register(ctx context.Context, config *config.Control, handler htt
e.client.Close() e.client.Close()
}() }()
address, err := GetAdvertiseAddress(config.PrivateIP) address, err := getAdvertiseAddress(config.PrivateIP)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -708,7 +708,7 @@ func toTLSConfig(runtime *config.ControlRuntime) (*tls.Config, error) {
} }
// getAdvertiseAddress returns the IP address best suited for advertising to clients // getAdvertiseAddress returns the IP address best suited for advertising to clients
func GetAdvertiseAddress(advertiseIP string) (string, error) { func getAdvertiseAddress(advertiseIP string) (string, error) {
ip := advertiseIP ip := advertiseIP
if ip == "" { if ip == "" {
ipAddr, err := utilnet.ChooseHostInterface() ipAddr, err := utilnet.ChooseHostInterface()
@ -809,9 +809,19 @@ func (e *ETCD) clientURL() string {
return fmt.Sprintf("https://%s", net.JoinHostPort(e.address, "2379")) return fmt.Sprintf("https://%s", net.JoinHostPort(e.address, "2379"))
} }
// advertiseClientURLs returns the advertised addresses for the local node.
// During cluster reset/restore we only listen on loopback to avoid having apiservers
// on other nodes connect mid-process.
func (e *ETCD) advertiseClientURLs(reset bool) string {
if reset {
return fmt.Sprintf("https://%s", net.JoinHostPort(e.config.Loopback(true), "2379"))
}
return e.clientURL()
}
// listenClientURLs returns a list of URLs to bind to for client connections. // listenClientURLs returns a list of URLs to bind to for client connections.
// During cluster reset/restore, we only listen on loopback to avoid having the apiserver // During cluster reset/restore, we only listen on loopback to avoid having apiservers
// connect mid-process. // on other nodes connect mid-process.
func (e *ETCD) listenClientURLs(reset bool) string { func (e *ETCD) listenClientURLs(reset bool) string {
clientURLs := fmt.Sprintf("https://%s:2379", e.config.Loopback(true)) clientURLs := fmt.Sprintf("https://%s:2379", e.config.Loopback(true))
if !reset { if !reset {
@ -839,7 +849,7 @@ func (e *ETCD) cluster(ctx context.Context, reset bool, options executor.Initial
ListenClientURLs: e.listenClientURLs(reset), ListenClientURLs: e.listenClientURLs(reset),
ListenMetricsURLs: e.listenMetricsURLs(reset), ListenMetricsURLs: e.listenMetricsURLs(reset),
ListenPeerURLs: e.listenPeerURLs(reset), ListenPeerURLs: e.listenPeerURLs(reset),
AdvertiseClientURLs: e.clientURL(), AdvertiseClientURLs: e.advertiseClientURLs(reset),
DataDir: DBDir(e.config), DataDir: DBDir(e.config),
ServerTrust: executor.ServerTrust{ ServerTrust: executor.ServerTrust{
CertFile: e.config.Runtime.ServerETCDCert, CertFile: e.config.Runtime.ServerETCDCert,
@ -1142,7 +1152,7 @@ func ClientURLs(ctx context.Context, clientAccessInfo *clientaccess.Info, selfIP
if err := json.Unmarshal(resp, &memberList); err != nil { if err := json.Unmarshal(resp, &memberList); err != nil {
return nil, memberList, err return nil, memberList, err
} }
ip, err := GetAdvertiseAddress(selfIP) ip, err := getAdvertiseAddress(selfIP)
if err != nil { if err != nil {
return nil, memberList, err return nil, memberList, err
} }