kk最新版本支持集群开启IPV6/IPV4双栈吗?
24sama 这里有一个不懂的地方请教一下,最下面一行的kubeletExtraArgs中的node-ip中指定的是执行init的Master节点的ipv4和ipv6地址么?看现在kk生成的这个部分只有cgroup-driver: systemd,要开始双栈,这里必须配置node-ip为2个地址吗?
---
apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
networking:
podSubnet: 10.244.0.0/16,2001:db8:42:0::/56
serviceSubnet: 10.96.0.0/16,2001:db8:42:1::/112
---
apiVersion: kubeadm.k8s.io/v1beta3
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: "10.100.0.1"
bindPort: 6443
nodeRegistration:
kubeletExtraArgs:
node-ip: 10.100.0.2,fd00:1:2:3::2
tttt
可以检查一下是不是每个node都正确开启了ipv6,然后我看文档service中需要配置ipFamiles和ipFamilyPolicy,你可以检查一下。
https://kubernetes.io/docs/tasks/network/validate-dual-stack/#validate-services
24sama 这个service也是这样配置的。通过ipvsadm -L -n可以看到通过clusterIp的轮询配置了。
看配置是正确的,而且通过nodeport方式,通过主机IPv6地址和端口 [fd15:4ba5:5a2b:1008:5bbf:f87b:b3f7:dd1d]:31363是可以访问到pod的,但是就是在集群内部通过clusterIp和端口[2001:db8:42:1::7e3d]:80访问的时候,只有轮询到本节点上的pod的时候才能通,轮询到其他节点上的pod的时候就通不了,这个很奇怪
[root@m-192-168-239-132 ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.239.132:31363 rr
-> 10.244.80.1:80 Masq 1 0 0
-> 10.244.198.1:80 Masq 1 0 0
-> 10.244.242.1:80 Masq 1 0 0
TCP 10.96.0.1:443 rr
-> 192.168.239.132:6443 Masq 1 2 0
-> 192.168.239.133:6443 Masq 1 1 0
-> 192.168.239.134:6443 Masq 1 1 0
TCP 10.96.0.3:53 rr
-> 10.244.177.1:53 Masq 1 0 0
-> 10.244.177.3:53 Masq 1 0 0
TCP 10.96.0.3:9153 rr
-> 10.244.177.1:9153 Masq 1 0 0
-> 10.244.177.3:9153 Masq 1 0 0
TCP 10.96.236.88:80 rr
-> 10.244.80.1:80 Masq 1 0 0
-> 10.244.198.1:80 Masq 1 0 0
-> 10.244.242.1:80 Masq 1 0 0
TCP 10.244.198.0:31363 rr
-> 10.244.80.1:80 Masq 1 0 0
-> 10.244.198.1:80 Masq 1 0 0
-> 10.244.242.1:80 Masq 1 0 0
UDP 10.96.0.3:53 rr
-> 10.244.177.1:53 Masq 1 0 0
-> 10.244.177.3:53 Masq 1 0 0
TCP [fd15:4ba5:5a2b:1008:5bbf:f87b:b3f7:dd1d]:31363 rr
-> [2001:db8:42:3:cd72:9fc4:393a:5000]:80 Masq 1 0 0
-> [2001:db8:42:29:6b93:3214:3a8b:3600]:80 Masq 1 0 0
-> [2001:db8:42:bc:152b:e0e1:f20c:c600]:80 Masq 1 0 0
TCP [2001:db8:42:1::7e3d]:80 rr
-> [2001:db8:42:3:cd72:9fc4:393a:5000]:80 Masq 1 0 0
-> [2001:db8:42:29:6b93:3214:3a8b:3600]:80 Masq 1 0 0
-> [2001:db8:42:bc:152b:e0e1:f20c:c600]:80 Masq 1 0 0
[root@m-192-168-239-132 ~]# curl -g [2001:db8:42:1::7e3d]:80
^C
[root@m-192-168-239-132 ~]# curl -g [2001:db8:42:1::7e3d]:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@m-192-168-239-132 ~]# curl -g [2001:db8:42:1::7e3d]:80
^C
[root@m-192-168-239-132 ~]# curl -g [2001:db8:42:1::7e3d]:80
^C
[root@m-192-168-239-132 ~]# curl -g [2001:db8:42:1::7e3d]:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@m-192-168-239-132 ~]# tttt 这个是用的k8s官网上的service地址段和pod地址段吧,官网上这两个ipv6的地址段是有重合的,要修改一下,就可以通了。pod的包含了service的。
zhangyancn9 厉害了,确实是这样,谢谢谢谢
2 年 后
[未知用户]
能否出个kk改造ipv4/ipv6双栈的教程?非常感谢!