mirror of https://github.com/k3s-io/k3s
Add ServiceLB support for PodHostIPs FeatureGate
If the feature-gate is enabled, use status.hostIPs for dual-stack externalTrafficPolicy=Local support Signed-off-by: Brad Davidson <brad.davidson@rancher.com>pull/9144/head
parent
baaab250a7
commit
a27d660a24
|
@ -24,9 +24,11 @@ import (
|
||||||
"k8s.io/apimachinery/pkg/labels"
|
"k8s.io/apimachinery/pkg/labels"
|
||||||
"k8s.io/apimachinery/pkg/util/intstr"
|
"k8s.io/apimachinery/pkg/util/intstr"
|
||||||
"k8s.io/apimachinery/pkg/util/wait"
|
"k8s.io/apimachinery/pkg/util/wait"
|
||||||
|
utilfeature "k8s.io/apiserver/pkg/util/feature"
|
||||||
"k8s.io/client-go/util/retry"
|
"k8s.io/client-go/util/retry"
|
||||||
ccmapp "k8s.io/cloud-provider/app"
|
ccmapp "k8s.io/cloud-provider/app"
|
||||||
servicehelper "k8s.io/cloud-provider/service/helpers"
|
servicehelper "k8s.io/cloud-provider/service/helpers"
|
||||||
|
"k8s.io/kubernetes/pkg/features"
|
||||||
utilsnet "k8s.io/utils/net"
|
utilsnet "k8s.io/utils/net"
|
||||||
utilpointer "k8s.io/utils/pointer"
|
utilpointer "k8s.io/utils/pointer"
|
||||||
)
|
)
|
||||||
|
@ -47,7 +49,7 @@ const (
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
DefaultLBImage = "rancher/klipper-lb:v0.4.4"
|
DefaultLBImage = "rancher/klipper-lb:v0.4.5"
|
||||||
)
|
)
|
||||||
|
|
||||||
func (k *k3s) Register(ctx context.Context,
|
func (k *k3s) Register(ctx context.Context,
|
||||||
|
@ -435,10 +437,11 @@ func (k *k3s) newDaemonSet(svc *core.Service) (*apps.DaemonSet, error) {
|
||||||
name := generateName(svc)
|
name := generateName(svc)
|
||||||
oneInt := intstr.FromInt(1)
|
oneInt := intstr.FromInt(1)
|
||||||
localTraffic := servicehelper.RequestsOnlyLocalTraffic(svc)
|
localTraffic := servicehelper.RequestsOnlyLocalTraffic(svc)
|
||||||
sourceRanges, err := servicehelper.GetLoadBalancerSourceRanges(svc)
|
sourceRangesSet, err := servicehelper.GetLoadBalancerSourceRanges(svc)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
sourceRanges := strings.Join(sourceRangesSet.StringSlice(), ",")
|
||||||
|
|
||||||
var sysctls []core.Sysctl
|
var sysctls []core.Sysctl
|
||||||
for _, ipFamily := range svc.Spec.IPFamilies {
|
for _, ipFamily := range svc.Spec.IPFamilies {
|
||||||
|
@ -447,6 +450,11 @@ func (k *k3s) newDaemonSet(svc *core.Service) (*apps.DaemonSet, error) {
|
||||||
sysctls = append(sysctls, core.Sysctl{Name: "net.ipv4.ip_forward", Value: "1"})
|
sysctls = append(sysctls, core.Sysctl{Name: "net.ipv4.ip_forward", Value: "1"})
|
||||||
case core.IPv6Protocol:
|
case core.IPv6Protocol:
|
||||||
sysctls = append(sysctls, core.Sysctl{Name: "net.ipv6.conf.all.forwarding", Value: "1"})
|
sysctls = append(sysctls, core.Sysctl{Name: "net.ipv6.conf.all.forwarding", Value: "1"})
|
||||||
|
// The upstream default load-balancer source range only includes IPv4, even if the service is IPv6-only or dual-stack.
|
||||||
|
// If using the default range, and IPv6 is enabled, also allow IPv6.
|
||||||
|
if sourceRanges == "0.0.0.0/0" {
|
||||||
|
sourceRanges += ",::/0"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -532,7 +540,7 @@ func (k *k3s) newDaemonSet(svc *core.Service) (*apps.DaemonSet, error) {
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
Name: "SRC_RANGES",
|
Name: "SRC_RANGES",
|
||||||
Value: strings.Join(sourceRanges.StringSlice(), " "),
|
Value: sourceRanges,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
Name: "DEST_PROTO",
|
Name: "DEST_PROTO",
|
||||||
|
@ -558,7 +566,7 @@ func (k *k3s) newDaemonSet(svc *core.Service) (*apps.DaemonSet, error) {
|
||||||
Name: "DEST_IPS",
|
Name: "DEST_IPS",
|
||||||
ValueFrom: &core.EnvVarSource{
|
ValueFrom: &core.EnvVarSource{
|
||||||
FieldRef: &core.ObjectFieldSelector{
|
FieldRef: &core.ObjectFieldSelector{
|
||||||
FieldPath: "status.hostIP",
|
FieldPath: getHostIPsFieldPath(),
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
@ -571,7 +579,7 @@ func (k *k3s) newDaemonSet(svc *core.Service) (*apps.DaemonSet, error) {
|
||||||
},
|
},
|
||||||
core.EnvVar{
|
core.EnvVar{
|
||||||
Name: "DEST_IPS",
|
Name: "DEST_IPS",
|
||||||
Value: strings.Join(svc.Spec.ClusterIPs, " "),
|
Value: strings.Join(svc.Spec.ClusterIPs, ","),
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
@ -703,3 +711,10 @@ func ingressToString(ingresses []core.LoadBalancerIngress) []string {
|
||||||
}
|
}
|
||||||
return parts
|
return parts
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func getHostIPsFieldPath() string {
|
||||||
|
if utilfeature.DefaultFeatureGate.Enabled(features.PodHostIPs) {
|
||||||
|
return "status.hostIPs"
|
||||||
|
}
|
||||||
|
return "status.hostIP"
|
||||||
|
}
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
docker.io/rancher/klipper-helm:v0.8.2-build20230815
|
docker.io/rancher/klipper-helm:v0.8.2-build20230815
|
||||||
docker.io/rancher/klipper-lb:v0.4.4
|
docker.io/rancher/klipper-lb:v0.4.5
|
||||||
docker.io/rancher/local-path-provisioner:v0.0.24
|
docker.io/rancher/local-path-provisioner:v0.0.24
|
||||||
docker.io/rancher/mirrored-coredns-coredns:1.10.1
|
docker.io/rancher/mirrored-coredns-coredns:1.10.1
|
||||||
docker.io/rancher/mirrored-library-busybox:1.36.1
|
docker.io/rancher/mirrored-library-busybox:1.36.1
|
||||||
|
|
Loading…
Reference in New Issue