node address filtering support #1368

abckey · 2024-05-21T14:16:51Z

talos reports all available IPs on the node to sidero metal, including some internal IPs are not reachable outside.

those IPs are populated to Machine object, CACPPT then takes 1st IP to use to do etcd bootstrap.

When 1st IP is a non-routable internal IP, then etcd bootstrap fails.

 # kubectl -n <namespace> get machine <machine name> -o yaml|yq -y .status.addresses
- address: 10.10.10.1
  type: InternalIP
- address: 10.20.20.1
  type: InternalIP
- address: 167.183.1183.31
  type: InternalIP
- address: hostabcde
  type: Hostname

The problem can be solved by setting excluding filters to exclude IPs from certain network ranges, e.g. following filters can exclude 10.10.10.1 and 10.20.20.1 from above reported list:

- 10.10.10.0/24
- 10.20.20.0/31

The text was updated successfully, but these errors were encountered:

This allows to filter out addresses reported by Talos machines to SideroMetal and which appear under `Machine.status.addresses`. Fixes siderolabs#1368 Signed-off-by: Andrey Smirnov <[email protected]>

smira self-assigned this May 23, 2024

smira mentioned this issue May 23, 2024

feat: provide negative address filter support #1369

Merged

talos-bot closed this as completed in a30f4d9 May 23, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

node address filtering support #1368

node address filtering support #1368

abckey commented May 21, 2024 •

edited

Loading

node address filtering support #1368

node address filtering support #1368

Comments

abckey commented May 21, 2024 • edited Loading

abckey commented May 21, 2024 •

edited

Loading