Add --flannel-external-ip flag

Using the node external IP address for all CNI traffic is a breaking change from previous versions; we should make it an opt-in for distributed clusters instead of default behavior.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
pull/6341/head v1.24.7+k3s1
Brad Davidson 2022-10-22 00:22:01 +00:00 committed by Brad Davidson
parent e10cfb0e37
commit 7af5b16788
5 changed files with 24 additions and 10 deletions


@ -438,6 +438,7 @@ func get(ctx context.Context, envInfo *cmds.Agent, proxy proxy.Proxy) (*config.N
ContainerRuntimeEndpoint: envInfo.ContainerRuntimeEndpoint, ContainerRuntimeEndpoint: envInfo.ContainerRuntimeEndpoint,
FlannelBackend: controlConfig.FlannelBackend, FlannelBackend: controlConfig.FlannelBackend,
FlannelIPv6Masq: controlConfig.FlannelIPv6Masq, FlannelIPv6Masq: controlConfig.FlannelIPv6Masq,
FlannelExternalIP: controlConfig.FlannelExternalIP,
EgressSelectorMode: controlConfig.EgressSelectorMode, EgressSelectorMode: controlConfig.EgressSelectorMode,
ServerHTTPSPort: controlConfig.HTTPSPort, ServerHTTPSPort: controlConfig.HTTPSPort,
Token: info.String(), Token: info.String(),


@ -136,7 +136,7 @@ func run(ctx context.Context, cfg cmds.Agent, proxy proxy.Proxy) error {
return err return err
} }
if err := configureNode(ctx, &nodeConfig.AgentConfig, coreClient.CoreV1().Nodes()); err != nil { if err := configureNode(ctx, nodeConfig, coreClient.CoreV1().Nodes()); err != nil {
return err return err
} }
@ -296,7 +296,8 @@ func createProxyAndValidateToken(ctx context.Context, cfg *cmds.Agent) (proxy.Pr
// configureNode waits for the node object to be created, and if/when it does, // configureNode waits for the node object to be created, and if/when it does,
// ensures that the labels and annotations are up to date. // ensures that the labels and annotations are up to date.
func configureNode(ctx context.Context, agentConfig *daemonconfig.Agent, nodes typedcorev1.NodeInterface) error { func configureNode(ctx context.Context, nodeConfig *daemonconfig.Node, nodes typedcorev1.NodeInterface) error {
agentConfig := &nodeConfig.AgentConfig
fieldSelector := fields.Set{metav1.ObjectNameField: agentConfig.NodeName}.String() fieldSelector := fields.Set{metav1.ObjectNameField: agentConfig.NodeName}.String()
lw := &cache.ListWatch{ lw := &cache.ListWatch{
ListFunc: func(options metav1.ListOptions) (object runtime.Object, e error) { ListFunc: func(options metav1.ListOptions) (object runtime.Object, e error) {
@ -322,7 +323,7 @@ func configureNode(ctx context.Context, agentConfig *daemonconfig.Agent, nodes t
} }
if !agentConfig.DisableCCM { if !agentConfig.DisableCCM {
if annotations, changed := updateAddressAnnotations(agentConfig, node.Annotations); changed { if annotations, changed := updateAddressAnnotations(nodeConfig, node.Annotations); changed {
node.Annotations = annotations node.Annotations = annotations
updateNode = true updateNode = true
} }
@ -400,7 +401,8 @@ func updateLegacyAddressLabels(agentConfig *daemonconfig.Agent, nodeLabels map[s
} }
// updateAddressAnnotations updates the node annotations with important information about IP addresses of the node // updateAddressAnnotations updates the node annotations with important information about IP addresses of the node
func updateAddressAnnotations(agentConfig *daemonconfig.Agent, nodeAnnotations map[string]string) (map[string]string, bool) { func updateAddressAnnotations(nodeConfig *daemonconfig.Node, nodeAnnotations map[string]string) (map[string]string, bool) {
agentConfig := &nodeConfig.AgentConfig
result := map[string]string{ result := map[string]string{
cp.InternalIPKey: util.JoinIPs(agentConfig.NodeIPs), cp.InternalIPKey: util.JoinIPs(agentConfig.NodeIPs),
cp.HostnameKey: agentConfig.NodeName, cp.HostnameKey: agentConfig.NodeName,
@ -408,6 +410,7 @@ func updateAddressAnnotations(agentConfig *daemonconfig.Agent, nodeAnnotations m
if agentConfig.NodeExternalIP != "" { if agentConfig.NodeExternalIP != "" {
result[cp.ExternalIPKey] = util.JoinIPs(agentConfig.NodeExternalIPs) result[cp.ExternalIPKey] = util.JoinIPs(agentConfig.NodeExternalIPs)
if nodeConfig.FlannelExternalIP {
for _, ipAddress := range agentConfig.NodeExternalIPs { for _, ipAddress := range agentConfig.NodeExternalIPs {
if utilsnet.IsIPv4(ipAddress) { if utilsnet.IsIPv4(ipAddress) {
result[flannel.FlannelExternalIPv4Annotation] = ipAddress.String() result[flannel.FlannelExternalIPv4Annotation] = ipAddress.String()
@ -417,6 +420,7 @@ func updateAddressAnnotations(agentConfig *daemonconfig.Agent, nodeAnnotations m
} }
} }
} }
}
result = labels.Merge(nodeAnnotations, result) result = labels.Merge(nodeAnnotations, result)
return result, !equality.Semantic.DeepEqual(nodeAnnotations, result) return result, !equality.Semantic.DeepEqual(nodeAnnotations, result)
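Review bot: A node that already carries the Flannel external-IP annotations keeps them when the flag is off, because the new `if nodeConfig.FlannelExternalIP` guard in updateAddressAnnotations only skips setting them and `labels.Merge(nodeAnnotations, result)` copies every existing annotation back into the result. Nodes that ran the release where this was the default would therefore presumably keep sending CNI traffic over their external addresses after upgrading, which is the behavior this commit makes opt-in. Consider clearing them after the merge when the flag is unset, e.g. `if !nodeConfig.FlannelExternalIP { delete(result, flannel.FlannelExternalIPv4Annotation) }` plus the IPv6 counterpart set in the lines between the two hunks, or document that operators must remove the annotations by hand. Whether Flannel re-reads the annotation on an existing node is not visible here, and deleting would also drop a value an operator set manually, so confirm both before choosing.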


@ -64,6 +64,7 @@ type Server struct {
ServerURL string ServerURL string
FlannelBackend string FlannelBackend string
FlannelIPv6Masq bool FlannelIPv6Masq bool
FlannelExternalIP bool
EgressSelectorMode string EgressSelectorMode string
DefaultLocalStoragePath string DefaultLocalStoragePath string
DisableCCM bool DisableCCM bool
@ -216,6 +217,11 @@ var ServerFlags = []cli.Flag{
Usage: "(networking) Enable IPv6 masquerading for pod", Usage: "(networking) Enable IPv6 masquerading for pod",
Destination: &ServerConfig.FlannelIPv6Masq, Destination: &ServerConfig.FlannelIPv6Masq,
}, },
cli.BoolFlag{
Name: "flannel-external-ip",
Usage: "(networking) Use node external IP addresses for Flannel traffic",
Destination: &ServerConfig.FlannelExternalIP,
},
cli.StringFlag{ cli.StringFlag{
Name: "egress-selector-mode", Name: "egress-selector-mode",
Usage: "(networking) One of 'agent', 'cluster', 'pod', 'disabled'", Usage: "(networking) One of 'agent', 'cluster', 'pod', 'disabled'",
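Review bot: The usage string for `flannel-external-ip` does not say that the flag only takes effect on nodes with an external IP configured; the agent side writes the Flannel annotations only inside its `agentConfig.NodeExternalIP != ""` branch. Enabling it also moves pod traffic onto addresses that are typically reachable from outside the cluster network, which matters when the selected Flannel backend does not encrypt. I would extend the text to something like `Usage: "(networking) Use node external IP addresses for Flannel traffic (requires --node-external-ip; use an encrypting backend on untrusted networks)"`. ServerFlags continues outside the hunk.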


@ -137,6 +137,7 @@ func run(app *cli.Context, cfg *cmds.Server, leaderControllers server.CustomCont
serverConfig.ControlConfig.AdvertisePort = cfg.AdvertisePort serverConfig.ControlConfig.AdvertisePort = cfg.AdvertisePort
serverConfig.ControlConfig.FlannelBackend = cfg.FlannelBackend serverConfig.ControlConfig.FlannelBackend = cfg.FlannelBackend
serverConfig.ControlConfig.FlannelIPv6Masq = cfg.FlannelIPv6Masq serverConfig.ControlConfig.FlannelIPv6Masq = cfg.FlannelIPv6Masq
serverConfig.ControlConfig.FlannelExternalIP = cfg.FlannelExternalIP
serverConfig.ControlConfig.EgressSelectorMode = cfg.EgressSelectorMode serverConfig.ControlConfig.EgressSelectorMode = cfg.EgressSelectorMode
serverConfig.ControlConfig.ExtraCloudControllerArgs = cfg.ExtraCloudControllerArgs serverConfig.ControlConfig.ExtraCloudControllerArgs = cfg.ExtraCloudControllerArgs
serverConfig.ControlConfig.DisableCCM = cfg.DisableCCM serverConfig.ControlConfig.DisableCCM = cfg.DisableCCM


@ -44,6 +44,7 @@ type Node struct {
FlannelConfOverride bool FlannelConfOverride bool
FlannelIface *net.Interface FlannelIface *net.Interface
FlannelIPv6Masq bool FlannelIPv6Masq bool
FlannelExternalIP bool
EgressSelectorMode string EgressSelectorMode string
Containerd Containerd Containerd Containerd
CRIDockerd CRIDockerd CRIDockerd CRIDockerd
@ -137,6 +138,7 @@ type CriticalControlArgs struct {
DisableServiceLB bool DisableServiceLB bool
FlannelBackend string FlannelBackend string
FlannelIPv6Masq bool FlannelIPv6Masq bool
FlannelExternalIP bool
EgressSelectorMode string EgressSelectorMode string
NoCoreDNS bool NoCoreDNS bool
ServiceIPRange *net.IPNet ServiceIPRange *net.IPNet