upstream/k3s
1
0
Fork 0
mirror of https://github.com/k3s-io/k3s.git synced 2026-05-28 04:34:19 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Fix IPv6 handling for loadbalancer addresses

Browse source 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
This commit is contained in:
Brad Davidson 2025-09-15 23:43:37 +00:00 committed by Brad Davidson
parent 07d0711e5a
commit a7d3c8559f
5 changed files with 34 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
pkg/agent/config/config.go
View file

@ -456,10 +456,15 @@ func get(ctx context.Context, envInfo *cmds.Agent, proxy proxy.Proxy) (*config.N
if err != nil {
return nil, pkgerrors.WithMessage(err, "failed to retrieve configuration from server")
}
nodeName, nodeIPs, err := util.GetHostnameAndIPs(envInfo.NodeName, envInfo.NodeIP.Value())
if err != nil {
return nil, pkgerrors.WithMessage(err, "failed to get node name and addresses")
}
// If the supervisor and externally-facing apiserver are not on the same port, tell the proxy where to find the apiserver.
if controlConfig.SupervisorPort != controlConfig.HTTPSPort {
isIPv6 := utilsnet.IsIPv6(net.ParseIP(util.GetFirstValidIPString(envInfo.NodeIP.Value())))
if err := proxy.SetAPIServerPort(controlConfig.HTTPSPort, isIPv6); err != nil {
if err := proxy.SetAPIServerPort(controlConfig.HTTPSPort, utilsnet.IsIPv6(nodeIPs[0])); err != nil {
return nil, pkgerrors.WithMessagef(err, "failed to set apiserver port to %d", controlConfig.HTTPSPort)
}
}
@ -499,11 +504,6 @@ func get(ctx context.Context, envInfo *cmds.Agent, proxy proxy.Proxy) (*config.N
newNodePasswordFile := filepath.Join(nodeConfigPath, "password")
upgradeOldNodePasswordPath(oldNodePasswordFile, newNodePasswordFile)
nodeName, nodeIPs, err := util.GetHostnameAndIPs(envInfo.NodeName, envInfo.NodeIP.Value())
if err != nil {
return nil, err
}
// If there is a VPN, we must overwrite NodeIP and flannel interface
var vpnInfo vpn.VPNInfo
if envInfo.VPNAuth != "" {

22
pkg/agent/loadbalancer/loadbalancer.go
View file

@ -2,15 +2,16 @@ package loadbalancer
import (
"context"
"fmt"
"net"
"net/url"
"os"
"path/filepath"
"strconv"
"strings"
"time"
"github.com/inetaf/tcpproxy"
"github.com/k3s-io/k3s/pkg/util"
"github.com/k3s-io/k3s/pkg/util/metrics"
"github.com/k3s-io/k3s/pkg/version"
"github.com/sirupsen/logrus"
@ -40,14 +41,11 @@ var (
// New contstructs a new LoadBalancer instance. The default server URL, and
// currently active servers, are stored in a file within the dataDir.
func New(ctx context.Context, dataDir, serviceName, defaultServerURL string, lbServerPort int, isIPv6 bool) (_lb *LoadBalancer, _err error) {
config := net.ListenConfig{Control: reusePort}
var localAddress string
bindAddress := "127.0.0.1"
if isIPv6 {
localAddress = fmt.Sprintf("[::1]:%d", lbServerPort)
} else {
localAddress = fmt.Sprintf("127.0.0.1:%d", lbServerPort)
bindAddress = "::1"
}
listener, err := config.Listen(ctx, "tcp", localAddress)
listener, err := util.ListenWithLoopback(ctx, bindAddress, strconv.Itoa(lbServerPort))
defer func() {
if _err != nil {
logrus.Warnf("Error starting load balancer: %s", _err)
@ -67,11 +65,11 @@ func New(ctx context.Context, dataDir, serviceName, defaultServerURL string, lbS
// Set explicit port from scheme
if serverURL.Port() == "" {
if strings.ToLower(serverURL.Scheme) == "http" {
serverURL.Host += ":80"
}
if strings.ToLower(serverURL.Scheme) == "https" {
serverURL.Host += ":443"
switch strings.ToLower(serverURL.Scheme) {
case "http":
serverURL.Host = net.JoinHostPort(serverURL.Hostname(), "80")
case "https":
serverURL.Host = net.JoinHostPort(serverURL.Hostname(), "443")
}
}

8
pkg/agent/run.go
View file

@ -339,9 +339,13 @@ func createProxyAndValidateToken(ctx context.Context, cfg *cmds.Agent) (proxy.Pr
if err := os.MkdirAll(agentDir, 0700); err != nil {
return nil, err
}
isIPv6 := utilsnet.IsIPv6(net.ParseIP(util.GetFirstValidIPString(cfg.NodeIP.Value())))
proxy, err := proxy.NewSupervisorProxy(ctx, !cfg.DisableLoadBalancer, agentDir, cfg.ServerURL, cfg.LBServerPort, isIPv6)
_, nodeIPs, err := util.GetHostnameAndIPs(cfg.NodeName, cfg.NodeIP.Value())
if err != nil {
return nil, pkgerrors.WithMessage(err, "failed to get node name and addresses")
}
proxy, err := proxy.NewSupervisorProxy(ctx, !cfg.DisableLoadBalancer, agentDir, cfg.ServerURL, cfg.LBServerPort, utilsnet.IsIPv6(nodeIPs[0]))
if err != nil {
return nil, err
}

12
pkg/cluster/cluster.go
View file

@ -2,16 +2,19 @@ package cluster
import (
"context"
"net"
"net/url"
"strings"
"time"
"github.com/k3s-io/k3s/pkg/cli/cmds"
"github.com/k3s-io/k3s/pkg/clientaccess"
"github.com/k3s-io/k3s/pkg/cluster/managed"
"github.com/k3s-io/k3s/pkg/daemons/config"
"github.com/k3s-io/k3s/pkg/daemons/executor"
"github.com/k3s-io/k3s/pkg/etcd"
"github.com/k3s-io/k3s/pkg/metrics"
"github.com/k3s-io/k3s/pkg/util"
"github.com/k3s-io/kine/pkg/endpoint"
pkgerrors "github.com/pkg/errors"
"github.com/sirupsen/logrus"
@ -116,8 +119,13 @@ func (c *Cluster) startEtcdProxy(ctx context.Context) error {
if err != nil {
return err
}
defaultURL.Host = defaultURL.Hostname() + ":2379"
etcdProxy, err := etcd.NewETCDProxy(ctx, c.config.SupervisorPort, c.config.DataDir, defaultURL.String(), utilsnet.IsIPv6CIDR(c.config.ServiceIPRanges[0]))
_, nodeIPs, err := util.GetHostnameAndIPs(cmds.AgentConfig.NodeName, cmds.AgentConfig.NodeIP.Value())
if err != nil {
pkgerrors.WithMessage(err, "failed to get node name and addresses")
}
defaultURL.Host = net.JoinHostPort(defaultURL.Hostname(), "2379")
etcdProxy, err := etcd.NewETCDProxy(ctx, c.config.SupervisorPort, c.config.DataDir, defaultURL.String(), utilsnet.IsIPv6(nodeIPs[0]))
if err != nil {
return err
}

3
pkg/daemons/agent/agent.go
View file

@ -163,8 +163,7 @@ func writeKubeletConfig(path string, config *kubeletconfig.KubeletConfiguration)
func defaultKubeletConfig(cfg *daemonconfig.Agent) (*kubeletconfig.KubeletConfiguration, error) {
bindAddress := "127.0.0.1"
isIPv6 := utilsnet.IsIPv6(net.ParseIP([]string{cfg.NodeIP}[0]))
if isIPv6 {
if utilsnet.IsIPv6(net.ParseIP([]string{cfg.NodeIP}[0])) {
bindAddress = "::1"
}