Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

With tailscale --advertise-address passed to kube-apiserver shows both ipv4 as well as ipv6 address on a ipv6-only setup #8020

Closed
ShylajaDevadiga opened this issue Jul 20, 2023 · 2 comments
Closed

With tailscale --advertise-address passed to kube-apiserver shows both ipv4 as well as ipv6 address on a ipv6-only setup #8020

ShylajaDevadiga opened this issue Jul 20, 2023 · 2 comments
Assignees
@VestigeJ @manuelbuil
Labels
kind/bug Something isn't working
Milestone
v1.27.5+k3s1

Comments

@ShylajaDevadiga
Copy link
Contributor

ShylajaDevadiga commented Jul 20, 2023
edited
Loading

Environmental Info:
K3s Version:
k3s version v1.27.3+k3s-be442433

Node(s) CPU architecture, OS, and Version:
Ubuntu 22.04

Cluster Configuration:
Single node

Describe the bug:
--advertise-address flag passed to kube-apiserver and node-ip flag passed to the agent contains both ipv4 and ipv6 ip as tailscale ips

Steps To Reproduce:
On a ipv6 node
Install tailscale
Install k3s passing the authkey

Expected behavior:
We should pass ipv6 only address to --advertise-address to the kube-apiserver

Actual behavior:
Both ipv4 and ipv6 address is passed

Additional context / logs:

Jul 20 16:38:24 i-0754fbb40c58fae14 k3s[8802]: time="2023-07-20T16:38:24Z" level=info msg="Running kube-apiserver --advertise-address=100.77.219.2 --advertise-port=6443 --allow-privileged=true --anonymous-auth=false --api-audiences=https://kubernetes.default.svc.cluster.local,k3s
@ShylajaDevadiga ShylajaDevadiga added this to the v1.27.4+k3s1 milestone Jul 20, 2023
@ShylajaDevadiga ShylajaDevadiga added the kind/bug Something isn't working label Jul 20, 2023
@ShylajaDevadiga ShylajaDevadiga mentioned this issue Jul 20, 2023
Closed
@manuelbuil
Copy link
Contributor

flannel extension backend (the one used by flannel) does not support ipv6-only. We need to fix that in flannel first

@manuelbuil manuelbuil moved this from New to Working in K3s Development Jul 27, 2023
@manuelbuil manuelbuil mentioned this issue Jul 27, 2023
Closed
@manuelbuil manuelbuil moved this to Networking in K3s Backlog Jul 27, 2023
This was referenced Jul 27, 2023
Merged
Merged
@manuelbuil manuelbuil moved this from Working to To Test in K3s Development Aug 2, 2023
This was referenced Aug 2, 2023
Closed
Closed
@VestigeJ
Copy link

##Environment Details
VERSION=v1.27.4+k3s1
COMMIT=38a0b91c1a917d2866aee265bc7815424af3e701

Infrastructure

  • Cloud

Node(s) CPU architecture, OS, and version:

ami-01f87c43e618bf8f0

Linux 5.11.0-1022-aws x86_64 GNU/Linux

PRETTY_NAME="Ubuntu 20.04.3 LTS"

Cluster Configuration:

NAME              STATUS   ROLES                       AGE    VERSION
ip-1-1-2-66       Ready    control-plane,etcd,master   4m5s   v1.27.4+k3s-38a0b91c

Config.yaml:

=========== k3s config =========== 
write-kubeconfig-mode: 644
debug: true
token: YOUR_TOKEN_HERE
protect-kernel-defaults: true
cluster-init: true
cluster-cidr: 2001:cafe:42:0::/56
service-cidr: 2001:cafe:42:1::/112
vpn-auth: "name=tailscale,joinKey=tskey-auth-m0rt@l-W0m3b@t"
node-ip: 2600:cade:iced:eeee:b7a1:6e49:b389:2e60

Reproduction

$ curl https://get.k3s.io --output install-"k3s".sh
$ sudo chmod +x install-"k3s".sh
$ sudo groupadd --system etcd && sudo useradd -s /sbin/nologin --system -g etcd etcd
$ sudo modprobe ip_vs_rr
$ sudo modprobe ip_vs_wrr
$ sudo modprobe ip_vs_sh
$ sudo printf "on_oovm.panic_on_oom=0 \nvm.overcommit_memory=1 \nkernel.panic=10 \nkernel.panic_ps=1 \nkernel.panic_on_oops=1 \n" > ~/90-kubelet.conf
$ sudo cp 90-kubelet.conf /etc/sysctl.d/
$ sudo systemctl restart systemd-sysctl
$ get_tailscale //curl install tailscale binary
$ sudo INSTALL_K3S_VERSION=v1.27.4+k3s1 INSTALL_K3S_EXEC=server ./install-k3s.sh 
$ sudo journalctl -u k3s
$ ps -ef | grep k3s //k3s fails to have started correctly with this configuration

Results:

Validation

$ curl https://get.k3s.io --output install-"k3s".sh
$ sudo chmod +x install-"k3s".sh
$ sudo groupadd --system etcd && sudo useradd -s /sbin/nologin --system -g etcd etcd
$ sudo modprobe ip_vs_rr
$ sudo modprobe ip_vs_wrr
$ sudo modprobe ip_vs_sh
$ sudo printf "on_oovm.panic_on_oom=0 \nvm.overcommit_memory=1 \nkernel.panic=10 \nkernel.panic_ps=1 \nkernel.panic_on_oops=1 \n" > ~/90-kubelet.conf
$ sudo cp 90-kubelet.conf /etc/sysctl.d/
$ sudo systemctl restart systemd-sysctl
$ get_tailscale //curl install tailscale binary
$ sudo INSTALL_K3S_COMMIT=38a0b91c1a917d2866aee265bc7815424af3e701 INSTALL_K3S_EXEC=server ./install-k3s.sh 
$ sudo journalctl -u k3s | grep -i advertise
$ kgn -o wide
$ kgp -o wide -A //k3s running with all pods and nodes advertising ipv6 address

Results:

$ kgp -A

NAMESPACE     NAME                                     READY   STATUS      RESTARTS   AGE
kube-system   coredns-77ccd57875-wdcc9                 1/1     Running     0          36s
kube-system   helm-install-traefik-44jgf               0/1     Completed   1          37s
kube-system   helm-install-traefik-crd-98pbv           0/1     Completed   0          37s
kube-system   local-path-provisioner-957fdf8bc-ms7tp   1/1     Running     0          36s
kube-system   metrics-server-648b5df564-n7czh          1/1     Running     0          36s
kube-system   svclb-traefik-938d6ee1-bqj6r             2/2     Running     0          18s
kube-system   traefik-64f55bb67d-k978t                 1/1     Running     0          19s

$ kgn -o wide

NAME              STATUS   ROLES                       AGE   VERSION                INTERNAL-IP                               EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION    CONTAINER-RUNTIME
ip-192-168-2-66   Ready    control-plane,etcd,master   55s   v1.27.4+k3s-38a0b91c   fd7a:iced:cafe:eeee:4843:cd96:6263:763b   <none>        Ubuntu 20.04.3 LTS   5.11.0-1022-aws   containerd://1.7.3-k3s1

$ kgp -o wide -A

NAMESPACE     NAME                                     READY   STATUS      RESTARTS   AGE   IP                NODE              NOMINATED NODE   READINESS GATES
kube-system   coredns-77ccd57875-wdcc9                 1/1     Running     0          53s   2001:cafe:42::3   ip-192-168-2-66   <none>           <none>
kube-system   helm-install-traefik-44jgf               0/1     Completed   1          54s   2001:cafe:42::6   ip-192-168-2-66   <none>           <none>
kube-system   helm-install-traefik-crd-98pbv           0/1     Completed   0          54s   2001:cafe:42::2   ip-192-168-2-66   <none>           <none>
kube-system   local-path-provisioner-957fdf8bc-ms7tp   1/1     Running     0          53s   2001:cafe:42::5   ip-192-168-2-66   <none>           <none>
kube-system   metrics-server-648b5df564-n7czh          1/1     Running     0          53s   2001:cafe:42::4   ip-192-168-2-66   <none>           <none>
kube-system   svclb-traefik-938d6ee1-bqj6r             2/2     Running     0          35s   2001:cafe:42::7   ip-192-168-2-66   <none>           <none>
kube-system   traefik-64f55bb67d-k978t                 1/1     Running     0          36s   2001:cafe:42::8   ip-192-168-2-66   <none>           <none>

Additional context / logs:

@github-project-automation github-project-automation bot moved this from Networking to Closed in K3s Backlog Aug 11, 2023
@github-project-automation github-project-automation bot moved this from To Test to Done Issue in K3s Development Aug 11, 2023
@rbrtbnfgl rbrtbnfgl mentioned this issue Oct 3, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@VestigeJ VestigeJ

@manuelbuil manuelbuil

Labels
kind/bug Something isn't working
Projects
K3s Backlog
Status: Closed
K3s Development
Archived in project
Milestone
v1.27.5+k3s1
Development

No branches or pull requests
4 participants
@VestigeJ @manuelbuil @ShylajaDevadiga @caroline-suse-rancher