kube-vip shoud fail if kube_proxy_strict_arp is false in arp mod (#9223)
* fix-kube-vip-strict-arp * fix-kube-vip-strict-arp
This commit is contained in:
parent
de762400ad
commit
b46ddf35fc
4 changed files with 17 additions and 2 deletions
|
@ -2,6 +2,14 @@
|
||||||
|
|
||||||
kube-vip provides Kubernetes clusters with a virtual IP and load balancer for both the control plane (for building a highly-available cluster) and Kubernetes Services of type LoadBalancer without relying on any external hardware or software.
|
kube-vip provides Kubernetes clusters with a virtual IP and load balancer for both the control plane (for building a highly-available cluster) and Kubernetes Services of type LoadBalancer without relying on any external hardware or software.
|
||||||
|
|
||||||
|
## Prerequisites
|
||||||
|
|
||||||
|
You have to configure `kube_proxy_strict_arp` when the kube_proxy_mode is `ipvs` and kube-vip ARP is enabled.
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
kube_proxy_strict_arp: true
|
||||||
|
```
|
||||||
|
|
||||||
## Install
|
## Install
|
||||||
|
|
||||||
You have to explicitly enable the kube-vip extension:
|
You have to explicitly enable the kube-vip extension:
|
||||||
|
|
|
@ -125,7 +125,7 @@ kube_apiserver_port: 6443 # (https)
|
||||||
kube_proxy_mode: ipvs
|
kube_proxy_mode: ipvs
|
||||||
|
|
||||||
# configure arp_ignore and arp_announce to avoid answering ARP queries from kube-ipvs0 interface
|
# configure arp_ignore and arp_announce to avoid answering ARP queries from kube-ipvs0 interface
|
||||||
# must be set to true for MetalLB to work
|
# must be set to true for MetalLB, kube-vip(ARP enabled) to work
|
||||||
kube_proxy_strict_arp: false
|
kube_proxy_strict_arp: false
|
||||||
|
|
||||||
# A string slice of values which specify the addresses to use for NodePorts.
|
# A string slice of values which specify the addresses to use for NodePorts.
|
||||||
|
|
|
@ -77,7 +77,7 @@ kube_proxy_exclude_cidrs: []
|
||||||
kube_proxy_scheduler: rr
|
kube_proxy_scheduler: rr
|
||||||
|
|
||||||
# configure arp_ignore and arp_announce to avoid answering ARP queries from kube-ipvs0 interface
|
# configure arp_ignore and arp_announce to avoid answering ARP queries from kube-ipvs0 interface
|
||||||
# must be set to true for MetalLB to work
|
# must be set to true for MetalLB, kube-vip(ARP enabled) to work
|
||||||
kube_proxy_strict_arp: false
|
kube_proxy_strict_arp: false
|
||||||
|
|
||||||
# kube_proxy_tcp_timeout is the timeout value used for idle IPVS TCP sessions.
|
# kube_proxy_tcp_timeout is the timeout value used for idle IPVS TCP sessions.
|
||||||
|
|
|
@ -1,4 +1,11 @@
|
||||||
---
|
---
|
||||||
|
- name: kube-vip | Check cluster settings for kube-vip
|
||||||
|
fail:
|
||||||
|
msg: "kube-vip require kube_proxy_strict_arp = true, see https://github.com/kube-vip/kube-vip/blob/main/docs/kubernetes/arp/index.md"
|
||||||
|
when:
|
||||||
|
- kube_proxy_mode == 'ipvs' and not kube_proxy_strict_arp
|
||||||
|
- kube_vip_arp_enabled
|
||||||
|
|
||||||
- name: kube-vip | Write static pod
|
- name: kube-vip | Write static pod
|
||||||
template:
|
template:
|
||||||
src: manifests/kube-vip.manifest.j2
|
src: manifests/kube-vip.manifest.j2
|
||||||
|
|
Loading…
Reference in a new issue