Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for dual-stack Pod/Service CIDRs and node IP addresses #3212

Merged
merged 2 commits into from
Apr 21, 2021

Conversation

brandond
Copy link
Member

@brandond brandond commented Apr 16, 2021

Proposed Changes

  • Add support for dual-stack cluster/service CIDRs and node addresses
  • Begin transitioning the ip/externalip/hostname handoff (used by the K3s cloud provider) from labels to annotations, as labels do not allow the character-set necessary to pass through IPv6 addresses.
    • If a node has labels they will be maintained, but new nodes will use only annotations. The cloud provider will continue to check both, with annotations taking precedence.
  • Dual-stack node addresses are not autodetected; if desired a dual-stack address list must be passed to --node-ip (and --node-external-ip as necessary). Kubeadm is taking the same approach: Dual-Stack support for Kubeadm kubernetes/kubeadm#1612 (comment)

This opens the door to dual-stack operation, even if flannel and the kube-router NPC don't support it yet.

Note: Cluster-DNS and the Kubernetes apiserver --advertise-address themselves do not support dual-stack operation yet: kubernetes/kubeadm#1612 (comment)

Types of Changes

Feature

Verification

  • Confirm that K3s works as usual when specifying only IPv4 CIDRs, or when using defaults
  • Confirm that specifying dual-stack CIDRs raises an error if not run with --disable-network-policy --flannel-backend=none

Example test:

  • Add "ipv6": true, "fixed-cidr-v6": "fd7c:53a5:aef5:0::/64" to /etc/docker/daemon.json and restart docker
  • Run K3s server with IPv6:
    docker run --name=k3s-server-1 --rm -it --privileged rancher/k3s:BUILD_TAG --debug server --cluster-cidr=10.42.0.0/16,fd42::/48 --service-cidr=10.43.0.0/16,fd43::/112 --disable-network-policy --flannel-backend=none --node-ip=172.17.0.2,fd7c:53a5:aef5::242:ac11:2
    
  • Check for dual-stack CIDRs and node addresses:
    docker exec -it k3s-server-1 kubectl get nodes -o yaml | grep -EA6 'spec:|addresses:'
      spec:
        podCIDR: 10.42.0.0/24
        podCIDRs:
        - 10.42.0.0/24
        - fd42::/64
        providerID: k3s://7a78f12c7fb1
        taints:
    --
          addresses:
        - address: 172.17.0.2
          type: InternalIP
        - address: fd7c:53a5:aef5::242:ac11:2
          type: InternalIP
        - address: 7a78f12c7fb1
          type: Hostname
    

Linked Issues

For #3158

Further Comments

While the CLI has been directly changed to use StringSlices instead of strings, I have opted to add separate fields to the the Config types in order to retain backwards/forwards compatibility between builds with and without this change.

@brandond brandond requested a review from a team as a code owner April 16, 2021 12:02
@brandond brandond marked this pull request as draft April 16, 2021 12:02
@brandond brandond force-pushed the fix_dualstack_3158 branch 2 times, most recently from 31255f9 to 13c4aff Compare April 16, 2021 21:03
@brandond brandond marked this pull request as ready for review April 16, 2021 23:45
@brandond brandond changed the title WIP: Add support for multiple CIDRs/ClusterDNS addresses Add support for multiple CIDRs/ClusterDNS addresses Apr 16, 2021
@briandowns
Copy link
Contributor

The code itself seems fine however for this change, it'd probably be beneficial to include some basic tests. And link over to the associated rancher/docs update pr.

@brandond brandond force-pushed the fix_dualstack_3158 branch 2 times, most recently from 4285dec to 9df1dfd Compare April 19, 2021 23:43
@brandond brandond force-pushed the fix_dualstack_3158 branch 4 times, most recently from 508fbbf to d91bbbd Compare April 21, 2021 11:17
@brandond brandond changed the title Add support for multiple CIDRs/ClusterDNS addresses Add support for dual-stack Pod/Service CIDRs and node IP addresses Apr 21, 2021
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
@brandond brandond requested a review from briandowns April 21, 2021 17:01
@brandond brandond force-pushed the fix_dualstack_3158 branch from d91bbbd to 799bda8 Compare April 21, 2021 17:03
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
@brandond brandond merged commit 2705431 into k3s-io:master Apr 21, 2021
@unixfox
Copy link

unixfox commented Apr 22, 2021

I think #3049 can be closed right then?

@janeczku
Copy link

Should we close #3158 as well then?

@brandond
Copy link
Member Author

Should we close #3158 as well then?

Issues for merged PRs don't get closed until QA validates the fix.

@janeczku
Copy link

Okay, i thought it had already been validated given that the issue's milestone (v1.21.0+k3s1) has already been released.

@brandond
Copy link
Member Author

No, when QA validates it you'll see a comment from the QA team and the issue will be closed. Experimental features don't always see full validation from QA prior to release.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants