mirror of https://github.com/k3s-io/k3s
Merge pull request #6403 from manuelbuil/logsFlannelExternalIP
Avoid wrong config for `flannel-external-ip` and add warning if unencrypted backendpull/6410/head
Manuel Buil
GitHub
commit
8aff25e192
|
|
@ -25,6 +25,7 @@ import (
|
||||||
cp "github.com/k3s-io/k3s/pkg/cloudprovider"
|
cp "github.com/k3s-io/k3s/pkg/cloudprovider"
|
||||||
"github.com/k3s-io/k3s/pkg/daemons/agent"
|
"github.com/k3s-io/k3s/pkg/daemons/agent"
|
||||||
daemonconfig "github.com/k3s-io/k3s/pkg/daemons/config"
|
daemonconfig "github.com/k3s-io/k3s/pkg/daemons/config"
|
||||||
|
types "github.com/k3s-io/k3s/pkg/daemons/config"
|
||||||
"github.com/k3s-io/k3s/pkg/daemons/executor"
|
"github.com/k3s-io/k3s/pkg/daemons/executor"
|
||||||
"github.com/k3s-io/k3s/pkg/nodeconfig"
|
"github.com/k3s-io/k3s/pkg/nodeconfig"
|
||||||
"github.com/k3s-io/k3s/pkg/rootless"
|
"github.com/k3s-io/k3s/pkg/rootless"
|
||||||
|
|
@ -97,6 +98,11 @@ func run(ctx context.Context, cfg cmds.Agent, proxy proxy.Proxy) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
if !nodeConfig.NoFlannel {
|
if !nodeConfig.NoFlannel {
|
||||||
|
if (nodeConfig.FlannelExternalIP) && (len(nodeConfig.AgentConfig.NodeExternalIPs) == 0) {
|
||||||
|
logrus.Warnf("Server has flannel-external-ip flag set but this node does not set node-external-ip. Flannel will use internal address when connecting to this node.")
|
||||||
|
} else if (nodeConfig.FlannelBackend != types.FlannelBackendWireguardNative) && (nodeConfig.FlannelBackend != types.FlannelBackendIPSEC) {
|
||||||
|
logrus.Warnf("Flannel is using external addresses with an insecure backend: %v. Please consider using an encrypting flannel backend.", nodeConfig.FlannelBackend)
|
||||||
|
}
|
||||||
if err := flannel.Prepare(ctx, nodeConfig); err != nil {
|
if err := flannel.Prepare(ctx, nodeConfig); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue