Skip to content

In ipv6-only cluster with proxy-mode=ipvs ipv4 entries are used for NodePort #68437

New issue
New issue
Closed
#71035
Closed
In ipv6-only cluster with proxy-mode=ipvs ipv4 entries are used for NodePort#68437
#71035
Labels
area/ipv6area/ipvskind/bugCategorizes issue or PR as related to a bug.sig/networkCategorizes an issue or PR as relevant to SIG Network.
@uablrek

Description

@uablrek
uablrek
opened on Sep 8, 2018

Is this a BUG REPORT or FEATURE REQUEST?:

/kind bug
/area ipv6
/area ipvs
/sig network

What happened:

In an ipv6-only cluster with proxy-mode=ipvs the entries for NodePort in ipvs are created for ipv4 addresses. The target's (if there are any) consists of ipv6 addresses (wrongly) interpreted as ipv4;

# kubectl get svc
NAME         TYPE        CLUSTER-IP        EXTERNAL-IP   PORT(S)          AGE
cgen         NodePort    fd00:4000::c698   1000::2       5001:30669/TCP   42m
...
# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  127.0.0.1:30669 rr
  -> 253.0.48.0:5001              Masq    1      0          0         
TCP  192.168.0.4:30669 rr
  -> 253.0.48.0:5001              Masq    1      0          0         
TCP  [fd00:4000::c698]:5001 rr
  -> [fd00:3000:1::2]:5001        Masq    1      0          0         
  -> [fd00:3000:2::2]:5001  
...

Attempts to use the NodePort with ipv6 addresses are black-holed.

What you expected to happen:

Ipv6 addresses to the nodes should be used for NotePort and the LB-targets shall be the ipv6 address of the pods. Traffic to NodePorts shall be distributed among the (ipv6) endpoints.

How to reproduce it (as minimally and precisely as possible):

  • Setup an ipv6-only cluster
  • Create a service with type NodePort with endpoints
  • Try to connect to the NodePort
  • Do ipvsadm -L -n

Anything else we need to know?:

The nodes have both ipv4 and ipv6 addresses and it is possible that if the nodes only had ipv6 addresses it would work (I havn't tested). But even in an ipv6-only k8s cluster the nodes almost always need ipv4 addresses for other purposes.

Environment:

  • Kubernetes version (use kubectl version):
# kubectl version
Client Version: version.Info{Major:"1", Minor:"13+", GitVersion:"v1.13.0-alpha.0.1136+edd4fc25330c7f", GitCommit:"edd4fc25330c7fba7f0fd8a127b872c8614c7363", GitTreeState:"clean", BuildDate:"2018-09-07T16:28:26Z", GoVersion:"go1.10.4", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"13+", GitVersion:"v1.13.0-alpha.0.1136+edd4fc25330c7f", GitCommit:"edd4fc25330c7fba7f0fd8a127b872c8614c7363", GitTreeState:"clean", BuildDate:"2018-09-07T16:27:51Z", GoVersion:"go1.10.4", Compiler:"gc", Platform:"linux/amd64"}
  • Cloud provider or hardware configuration:
    Kvm VMs on Ubuntu 18.04.01 LTS
  • OS (e.g. from /etc/os-release):
    Own BusyBox based system
  • Kernel (e.g. uname -a):
# uname -a
Linux vm-004 4.18.5 #1 SMP Fri Sep 7 14:40:23 CEST 2018 x86_64 GNU/Linux
  • Install tools:
    None
  • Others:

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/ipv6area/ipvskind/bugCategorizes issue or PR as related to a bug.sig/networkCategorizes an issue or PR as relevant to SIG Network.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions