Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(Experimental) bare-metal with IPv6 #16944

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

(Experimental) bare-metal with IPv6 #16944

wants to merge 5 commits into from

Conversation

justinsb
Copy link
Member

@justinsb justinsb commented Nov 11, 2024
edited
Loading

IPv6 brings some new complexities, particularly around IPAM.

We create a test and then fix a few things:

  • We need to assign the podCIDR for IPv6, so we add support to kops-controller. The source of this information is the host CRD.
  • Because we are assigning the podCIDR from the Host CRD, we need Host records for the control plane nodes. However, there are bootstrapping problems around creating a CRD during enrollment of the control-plane nodes. So instead, we can now generate a Host Object in yaml, and can apply it separately. A high-security workflow would probably create the host records separately anyway, because they are how we validate nodes.
  • Previously we were always setting the kubelet cloud-provider=external flag. But this assumes we are running a CCM. If we are not running a CCM (like metal), then we should not set the flag. If we do set the flag, kubelet sets the node.kops.k8s.io/uninitialized taint for CCM to clear, and nobody clears it.
  • We need to make sure there is an IPv6 default route so that kubelet can discover its node ip correctly. We could put this into the Host CRD, but it does seem like most nodes will have a default route.

@k8s-ci-robot k8s-ci-robot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Nov 11, 2024
@justinsb
Copy link
Member Author

I am trying to upload this and then I can rebasing as I/we fix each problem.

Current problem is from nodeup:

vm0 nodeup[703]: W1111 17:07:00.322041     703 main.go:133] got error running nodeup (will retry in 30s): error building loader: building *model.PrefixBuilder: kOps IPAM controller not supported on cloud "metal"

So we need to decide how the podCIDR is assigned!

@k8s-ci-robot k8s-ci-robot added area/api area/kops-controller area/nodeup size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Nov 12, 2024
@justinsb justinsb force-pushed the bare-metal-ipv6 branch 3 times, most recently from 1204c0d to 23634fb Compare November 12, 2024 18:35
@justinsb justinsb force-pushed the bare-metal-ipv6 branch 2 times, most recently from 2e6784b to 4ff49a7 Compare November 17, 2024 12:20
@justinsb
Copy link
Member Author

/retest

@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jan 20, 2025
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please ask for approval from justinsb. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 9, 2025
@justinsb justinsb force-pushed the bare-metal-ipv6 branch 4 times, most recently from 52749c9 to 39d7698 Compare February 10, 2025 23:05
@justinsb justinsb force-pushed the bare-metal-ipv6 branch 2 times, most recently from 5759774 to 29997cc Compare February 19, 2025 12:02
@justinsb justinsb changed the title WIP: tests: add test for bare-metal with ipv6 (Experimental) bare-metal with IPv6 Feb 19, 2025
@k8s-ci-robot k8s-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Feb 19, 2025
@justinsb
Copy link
Member Author

/retest

@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 21, 2025
@justinsb
tests: add test for bare-metal with ipv6
eb4c301 
IPv6 brings some new complexities, particularly around IPAM.
@justinsb
metal: simple IPAM for IPv6
3a2f4bc
@justinsb
metal: don't set CCM external always for IPv6
1488fac 
While we do require CCM for IPv6, we should configure the appropriate CCM.
@justinsb
Fix IPv6 routes and use kube 1.32
82f11ac
@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 21, 2025
@justinsb
metal: split host creation from enrollment
ebd96f9 
This is needeed for bootstrapping the control plane,
because it's a CRD so can't be registered until the control plane is running.

It's also quite nice because we might want to review the contents of the
host CRD, e.g. to verify the key out-of-band.
@justinsb
Copy link
Member Author

/retest

@k8s-ci-robot
Copy link
Contributor

@justinsb: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
pull-kops-e2e-cni-flannel 4ff49a7 link true /test pull-kops-e2e-cni-flannel
pull-kops-e2e-gce-cni-calico 4ff49a7 link true /test pull-kops-e2e-gce-cni-calico
pull-kops-e2e-gce-cni-kindnet 4ff49a7 link true /test pull-kops-e2e-gce-cni-kindnet
pull-kops-e2e-k8s-aws-amazonvpc-u2404 4ff49a7 link true /test pull-kops-e2e-k8s-aws-amazonvpc-u2404
pull-kops-e2e-k8s-gce-cilium ebd96f9 link true /test pull-kops-e2e-k8s-gce-cilium
pull-kops-kubernetes-e2e-ubuntu-gce-build ebd96f9 link false /test pull-kops-kubernetes-e2e-ubuntu-gce-build

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@johngmyers johngmyers Awaiting requested review from johngmyers

@zetaab zetaab Awaiting requested review from zetaab

Assignees
No one assigned
Labels
area/api area/documentation area/kops-controller area/nodeup cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@justinsb @k8s-ci-robot