github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

ipFamilyPolicy:PreferDualStack for coredns and metrics-server 

Signed-off-by: Manuel Buil <mbuil@suse.com>
pull/8504/head
Manuel Buil 2023-09-20 12:00:31 +02:00
parent b91ce1f05d
commit 88fa074c4f
5 changed files with 27 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
manifests/coredns.yaml
View File

@ -205,6 +205,7 @@ spec:
selector: selector:
k8s-app: kube-dns k8s-app: kube-dns
clusterIP: %{CLUSTER_DNS}% clusterIP: %{CLUSTER_DNS}%
clusterIPs: %{CLUSTER_DNS_LIST}%
ports: ports:
- name: dns - name: dns
port: 53 port: 53
@ -215,3 +216,4 @@ spec:
- name: metrics - name: metrics
port: 9153 port: 9153
protocol: TCP protocol: TCP
ipFamilyPolicy: %{CLUSTER_DNS_IPFAMILYPOLICY}%

1
manifests/metrics-server/metrics-server-service.yaml
View File

@ -15,3 +15,4 @@ spec:
name: https name: https
protocol: TCP protocol: TCP
targetPort: https targetPort: https
ipFamilyPolicy: PreferDualStack

38
pkg/cli/server/server.go
View File

@ -364,12 +364,13 @@ func run(app *cli.Context, cfg *cmds.Server, leaderControllers server.CustomCont
// If there are no IPv4 ServiceCIDRs, an IPv6 ServiceCIDRs will be used. // If there are no IPv4 ServiceCIDRs, an IPv6 ServiceCIDRs will be used.
// If neither of IPv4 or IPv6 are found an error is raised. // If neither of IPv4 or IPv6 are found an error is raised.
if len(cmds.ServerConfig.ClusterDNS) == 0 { if len(cmds.ServerConfig.ClusterDNS) == 0 {
clusterDNS, err := utilsnet.GetIndexedIP(serverConfig.ControlConfig.ServiceIPRange, 10) for _, svcCIDR := range serverConfig.ControlConfig.ServiceIPRanges {
if err != nil { clusterDNS, err := utilsnet.GetIndexedIP(svcCIDR, 10)
return errors.Wrap(err, "cannot configure default cluster-dns address") if err != nil {
return errors.Wrap(err, "cannot configure default cluster-dns address")
}
serverConfig.ControlConfig.ClusterDNSs = append(serverConfig.ControlConfig.ClusterDNSs, clusterDNS)
} }
serverConfig.ControlConfig.ClusterDNS = clusterDNS
serverConfig.ControlConfig.ClusterDNSs = []net.IP{serverConfig.ControlConfig.ClusterDNS}
} else { } else {
for _, ip := range util.SplitStringSlice(cmds.ServerConfig.ClusterDNS) { for _, ip := range util.SplitStringSlice(cmds.ServerConfig.ClusterDNS) {
parsed := net.ParseIP(ip) parsed := net.ParseIP(ip)
@ -378,15 +379,16 @@ func run(app *cli.Context, cfg *cmds.Server, leaderControllers server.CustomCont
} }
serverConfig.ControlConfig.ClusterDNSs = append(serverConfig.ControlConfig.ClusterDNSs, parsed) serverConfig.ControlConfig.ClusterDNSs = append(serverConfig.ControlConfig.ClusterDNSs, parsed)
} }
// Set ClusterDNS to the first IPv4 address, for legacy clients
// unless only IPv6 range given
clusterDNS, _, _, err := util.GetFirstIP(serverConfig.ControlConfig.ClusterDNSs)
if err != nil {
return errors.Wrap(err, "cannot configure IPv4/IPv6 cluster-dns address")
}
serverConfig.ControlConfig.ClusterDNS = clusterDNS
} }
// Set ClusterDNS to the first IPv4 address, for legacy clients
// unless only IPv6 range given
clusterDNS, _, _, err := util.GetFirstIP(serverConfig.ControlConfig.ClusterDNSs)
if err != nil {
return errors.Wrap(err, "cannot configure IPv4/IPv6 cluster-dns address")
}
serverConfig.ControlConfig.ClusterDNS = clusterDNS
if err := validateNetworkConfiguration(serverConfig); err != nil { if err := validateNetworkConfiguration(serverConfig); err != nil {
return err return err
} }
@ -577,18 +579,6 @@ func run(app *cli.Context, cfg *cmds.Server, leaderControllers server.CustomCont
// validateNetworkConfig ensures that the network configuration values make sense. // validateNetworkConfig ensures that the network configuration values make sense.
func validateNetworkConfiguration(serverConfig server.Config) error { func validateNetworkConfiguration(serverConfig server.Config) error {
// Dual-stack operation requires fairly extensive manual configuration at the moment - do some
// preflight checks to make sure that the user isn't trying to use flannel/npc, or trying to
// enable dual-stack DNS (which we don't currently support since it's not easy to template)
dualDNS, err := utilsnet.IsDualStackIPs(serverConfig.ControlConfig.ClusterDNSs)
if err != nil {
return errors.Wrap(err, "failed to validate cluster-dns")
}
if dualDNS == true {
return errors.New("dual-stack cluster-dns is not supported")
}
switch serverConfig.ControlConfig.EgressSelectorMode { switch serverConfig.ControlConfig.EgressSelectorMode {
case config.EgressSelectorModeCluster, config.EgressSelectorModePod: case config.EgressSelectorModeCluster, config.EgressSelectorModePod:
case config.EgressSelectorModeAgent, config.EgressSelectorModeDisabled: case config.EgressSelectorModeAgent, config.EgressSelectorModeDisabled:

4
pkg/deploy/zz_generated_bindata.go
View File

File diff suppressed because one or more lines are too long

8
pkg/server/server.go
View File

@ -272,8 +272,16 @@ func stageFiles(ctx context.Context, sc *Context, controlConfig *config.Control)
return err return err
} }
dataDir = filepath.Join(controlConfig.DataDir, "manifests") dataDir = filepath.Join(controlConfig.DataDir, "manifests")
dnsIPFamilyPolicy := "PreferDualStack"
if len(controlConfig.ClusterDNSs) == 1 {
dnsIPFamilyPolicy = "SingleStack"
}
templateVars := map[string]string{ templateVars := map[string]string{
"%{CLUSTER_DNS}%": controlConfig.ClusterDNS.String(), "%{CLUSTER_DNS}%": controlConfig.ClusterDNS.String(),
"%{CLUSTER_DNS_LIST}%": fmt.Sprintf("[%s]", util.JoinIPs(controlConfig.ClusterDNSs)),
"%{CLUSTER_DNS_IPFAMILYPOLICY}%": dnsIPFamilyPolicy,
"%{CLUSTER_DOMAIN}%": controlConfig.ClusterDomain, "%{CLUSTER_DOMAIN}%": controlConfig.ClusterDomain,
"%{DEFAULT_LOCAL_STORAGE_PATH}%": controlConfig.DefaultLocalStoragePath, "%{DEFAULT_LOCAL_STORAGE_PATH}%": controlConfig.DefaultLocalStoragePath,
"%{SYSTEM_DEFAULT_REGISTRY}%": registryTemplate(controlConfig.SystemDefaultRegistry), "%{SYSTEM_DEFAULT_REGISTRY}%": registryTemplate(controlConfig.SystemDefaultRegistry),