Add rootless IPv6 support

Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit 6f2b21c5cd) Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-15 08:10:12 +00:00 · 2022-11-15 08:10:12 +00:00 · fd7db23961
parent f4a2be5108
commit fd7db23961
4 changed files with 25 additions and 8 deletions
--- a/pkg/agent/run.go
+++ b/pkg/agent/run.go
@ -258,7 +258,11 @@ func Run(ctx context.Context, cfg cmds.Agent) error {
 	}

 	if cfg.Rootless && !cfg.RootlessAlreadyUnshared {
-		if err := rootless.Rootless(cfg.DataDir); err != nil {
+		dualNode, err := utilsnet.IsDualStackIPStrings(cfg.NodeIP)
+		if err != nil {
+			return err
+		}
+		if err := rootless.Rootless(cfg.DataDir, dualNode); err != nil {
 			return err
 		}
 	}
--- a/pkg/cli/server/server.go
+++ b/pkg/cli/server/server.go
@ -81,7 +81,11 @@ func run(app *cli.Context, cfg *cmds.Server, leaderControllers server.CustomCont
 		}
 		cfg.DataDir = dataDir
 		if !cfg.DisableAgent {
-			if err := rootless.Rootless(dataDir); err != nil {
+			dualNode, err := utilsnet.IsDualStackIPStrings(cmds.AgentConfig.NodeIP)
+			if err != nil {
+				return err
+			}
+			if err := rootless.Rootless(dataDir, dualNode); err != nil {
 				return err
 			}
 		}
--- a/pkg/rootless/rootless.go
+++ b/pkg/rootless/rootless.go
@ -29,11 +29,12 @@ var (

 	mtuEnv             = "K3S_ROOTLESS_MTU"
 	cidrEnv            = "K3S_ROOTLESS_CIDR"
+	enableIPv6Env      = "K3S_ROOTLESS_ENABLE_IPV6"
 	portDriverEnv      = "K3S_ROOTLESS_PORT_DRIVER"
 	disableLoopbackEnv = "K3S_ROOTLESS_DISABLE_HOST_LOOPBACK"
 )

-func Rootless(stateDir string) error {
+func Rootless(stateDir string, enableIPv6 bool) error {
 	defer func() {
 		os.Unsetenv(pipeFD)
 		os.Unsetenv(childEnv)
@ -66,7 +67,7 @@ func Rootless(stateDir string) error {
 	if err := validateSysctl(); err != nil {
 		logrus.Fatal(err)
 	}
-	parentOpt, err := createParentOpt(driver, rootlessDir)
+	parentOpt, err := createParentOpt(driver, rootlessDir, enableIPv6)
 	if err != nil {
 		logrus.Fatal(err)
 	}
@ -127,7 +128,7 @@ func parseCIDR(s string) (*net.IPNet, error) {
 	return ipnet, nil
 }

-func createParentOpt(driver portDriver, stateDir string) (*parent.Opt, error) {
+func createParentOpt(driver portDriver, stateDir string, enableIPv6 bool) (*parent.Opt, error) {
 	if err := os.MkdirAll(stateDir, 0755); err != nil {
 		return nil, errors.Wrapf(err, "failed to mkdir %s", stateDir)
 	}
@ -180,6 +181,14 @@ func createParentOpt(driver portDriver, stateDir string) (*parent.Opt, error) {
 		}
 	}

+	if val := os.Getenv(enableIPv6Env); val != "" {
+		if v, err := strconv.ParseBool(val); err != nil {
+			logrus.Warn("Failed to parse rootless enable-ipv6 value; using default")
+		} else {
+			enableIPv6 = v
+		}
+	}
+
 	cidr := "10.41.0.0/16"
 	if val := os.Getenv(cidrEnv); val != "" {
 		cidr = val
@ -193,7 +202,7 @@ func createParentOpt(driver portDriver, stateDir string) (*parent.Opt, error) {
 	if _, err := exec.LookPath(binary); err != nil {
 		return nil, err
 	}
-	opt.NetworkDriver, err = slirp4netns.NewParentDriver(driver.LogWriter(), binary, mtu, ipnet, "tap0", disableHostLoopback, driver.APISocketPath(), false, false, false)
+	opt.NetworkDriver, err = slirp4netns.NewParentDriver(driver.LogWriter(), binary, mtu, ipnet, "tap0", disableHostLoopback, driver.APISocketPath(), false, false, enableIPv6)
 	if err != nil {
 		return nil, err
 	}
--- a/pkg/rootless/rootless_windows.go
+++ b/pkg/rootless/rootless_windows.go
@ -1,5 +1,5 @@
 package rootless

-func Rootless(stateDir string) error {
-	panic("Rootless not supported on windows")
+func Rootless(stateDir string, enableIPv6 bool) error {
+	panic("Rootless is not supported on windows")
 }