mirror of https://github.com/k3s-io/k3s
Merge pull request #56325 from m1093782566/ipvs-readme
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Update IPVS README **What this PR does / why we need it**: People complained that they feel confused about how to use IPVS-based kube-proxy correctly, probably we may need to provide them a better README. **Which issue(s) this PR fixes**: xref: #56319 **Special notes for your reviewer**: **Release note**: ```release-note NONE ```pull/6/head
Kubernetes Submit Queue
GitHub
commit
9a03e7e17d
|
|
@ -10,32 +10,17 @@ Linux kernel.
|
|||
IPVS runs on a host and acts as a load balancer in front of a cluster of real servers. IPVS can direct requests for TCP
|
||||
and UDP-based services to the real servers, and make services of real servers appear as virtual services on a single IP address.
|
||||
|
||||
## How to use
|
||||
## Run kube-proxy in ipvs mode
|
||||
|
||||
#### Load IPVS kernel modules
|
||||
Currently, local-up scripts and kubeadm support switching IPVS proxy mode via exporting environment variables or specifying flags.
|
||||
|
||||
Currently the IPVS kernel module can't be loaded automatically, so first we should use the following command to load IPVS kernel
|
||||
modules manually.
|
||||
|
||||
```shell
|
||||
modprobe ip_vs
|
||||
modprobe ip_vs_rr
|
||||
modprobe ip_vs_wrr
|
||||
modprobe ip_vs_sh
|
||||
modprobe nf_conntrack_ipv4
|
||||
```
|
||||
|
||||
After that, use `lsmod | grep ip_vs` to make sure kernel modules are loaded.
|
||||
|
||||
#### Run kube-proxy in ipvs mode
|
||||
|
||||
#### Local UP Cluster
|
||||
### Local UP Cluster
|
||||
|
||||
Kube-proxy will run in iptables mode by default in a [local-up cluster](https://github.com/kubernetes/community/blob/master/contributors/devel/running-locally.md).
|
||||
|
||||
Users should export the env `KUBEPROXY_MODE=ipvs` to specify the ipvs mode before deploying the cluster if want to run kube-proxy in ipvs mode.
|
||||
|
||||
#### Cluster Created by Kubeadm
|
||||
### Cluster Created by Kubeadm
|
||||
|
||||
Kube-proxy will run in iptables mode by default in a cluster deployed by [kubeadm](https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/).
|
||||
|
||||
|
|
@ -56,12 +41,14 @@ apiVersion: kubeadm.k8s.io/v1alpha1
|
|||
...
|
||||
featureGates:
|
||||
SupportIPVSProxyMode: true
|
||||
...
|
||||
mode: ipvs
|
||||
```
|
||||
|
||||
#### Test
|
||||
## Debug
|
||||
|
||||
Use `ipvsadm` tool to test whether the kube-proxy start succeed. By default we may get result like:
|
||||
### Check IPVS proxy rules
|
||||
|
||||
People can use `ipvsadm` tool to check whether kube-proxy are maintaining IPVS rules correctly. For example, we may get IPVS proxy rules like:
|
||||
|
||||
```shell
|
||||
# ipvsadm -ln
|
||||
|
|
@ -73,3 +60,29 @@ TCP 10.0.0.1:443 rr persistent 10800
|
|||
TCP 10.0.0.10:53 rr
|
||||
UDP 10.0.0.10:53 rr
|
||||
```
|
||||
|
||||
### Why kube-proxy can't start IPVS mode
|
||||
|
||||
People can do the following check list step by step:
|
||||
|
||||
**1. Enable IPVS feature gateway**
|
||||
|
||||
Currently IPVS-based kube-proxy is still in alpha phase, people need to enable `--feature-gates=SupportIPVSProxyMode=true` explicitly.
|
||||
|
||||
**2. Specify proxy-mode=ipvs**
|
||||
|
||||
Tell kube-proxy that proxy-mode=ipvs, please.
|
||||
|
||||
**3. Load ipvs required kernel modules**
|
||||
|
||||
The following kernel modules are required by IPVS-based kube-proxy:
|
||||
|
||||
```shell
|
||||
ip_vs
|
||||
ip_vs_rr
|
||||
ip_vs_wrr
|
||||
ip_vs_sh
|
||||
nf_conntrack_ipv4
|
||||
```
|
||||
|
||||
IPVS-based kube-proxy will load them automatically. If it fails to load them, please check whether they are compiled into your kernel.
|
||||
|
|
|
|||
Loading…
Reference in New Issue