kindnet: Support IP aliases with kindnet on gce
justinsb committed Jan 15, 2025
1 parent 90edbe4 commit c9d4e28
Showing 7 changed files with 21 additions and 7 deletions.
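--- a/pkg/model/components/gcpcloudcontrollermanager.go
+++ b/pkg/model/components/gcpcloudcontrollermanager.go
@@ -54,9 +54,8 @@ func (b *GCPCloudControllerManagerOptionsBuilder) BuildOptions(cluster *kops.Clu
 ccmConfig.ClusterCIDR = clusterSpec.Networking.PodCIDR
 }
 
-if clusterSpec.Networking.GCP != nil {
-// "GCP" networking mode is called "ip-alias" or "vpc-native" on GKE.
-// We don't need to configure routes if we are using "real" IPs.
+if gce.UsesIPAliases(cluster) {
+// We don't need to configure routes if we are using ipalias; these are "real" IPs
 ccmConfig.ConfigureCloudRoutes = fi.PtrTo(false)
 }
 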
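--- a/pkg/model/components/kubecontrollermanager.go
+++ b/pkg/model/components/kubecontrollermanager.go
@@ -119,6 +119,14 @@ func (b *KubeControllerManagerOptionsBuilder) BuildOptions(o *kops.Cluster) erro
 } else {
 kcm.CIDRAllocatorType = fi.PtrTo("CloudAllocator")
 }
+} else if networking.Kindnet != nil {
+// We don't expect KCM to configure routes; it should be done by the CCM (or by the infrastructure)
+kcm.ConfigureCloudRoutes = fi.PtrTo(false)
+
+// If the cloud is allocating the node CIDRs, that should be done by CCM
+if o.GetCloudProvider() == kops.CloudProviderGCE && gce.UsesIPAliases(o) {
+kcm.AllocateNodeCIDRs = fi.PtrTo(false)
+}
 } else if networking.External != nil {
 kcm.ConfigureCloudRoutes = fi.PtrTo(false)
 } else if UsesCNI(networking) {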
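Review bot: Setting `kcm.AllocateNodeCIDRs` to false in the new `networking.Kindnet` branch leaves node pod-CIDR assignment entirely to the cloud controller manager, and no hunk on this page shows the CCM being configured to allocate for kindnet clusters. The preceding branch at least sets `kcm.CIDRAllocatorType` to `CloudAllocator`, whereas this branch depends on configuration outside the hunk; if that is absent, nodes would presumably register without a pod CIDR. It is worth confirming this and recording the dependency on the branch, for example `// Requires the GCP CCM to run with node CIDR allocation enabled; KCM no longer assigns pod CIDRs here.` `BuildOptions` starts and ends outside the hunk.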
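--- a/pkg/model/gcemodel/context.go
+++ b/pkg/model/gcemodel/context.go
@@ -133,7 +133,7 @@ func (c *GCEModelContext) NameForFirewallRule(id string) string {
 }
 
 func (c *GCEModelContext) NetworkingIsIPAlias() bool {
-return c.Cluster.Spec.Networking.GCP != nil
+return gce.UsesIPAliases(c.Cluster)
 }
 
 func (c *GCEModelContext) NetworkingIsGCERoutes() bool {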
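Review bot: `NetworkingIsIPAlias` has no doc comment, and after this change it no longer means only "GCP networking mode"; it is also true for kindnet clusters. Its callers are outside the hunk, so anything in the GCE model keyed on it now applies to kindnet as well, which may include firewall rules or subnet ranges given the neighbouring `NameForFirewallRule`. A comment such as `// NetworkingIsIPAlias reports whether pod IPs are GCE alias-range addresses (GCP networking mode, or kindnet).` would make the widened meaning visible to whoever reviews those call sites.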
Expand Up @@ -130,7 +130,7 @@ ClusterName: privatekindnet.example.com
ConfigBase: memfs://clusters.example.com/privatekindnet.example.com
InstanceGroupName: master-us-test-1a
InstanceGroupRole: ControlPlane
NodeupConfigHash: jTF3I7at/1p0jwCMDz9kTq2uKvqMG+UEhKlJd1X96+8=
NodeupConfigHash: lgPxiqJbDn1WQqD2BR2dzZRFvgBtedQIcphqjfGgam0=
__EOF_KUBE_ENV

Expand Up @@ -101,7 +101,7 @@ spec:
serviceClusterIPRange: 100.64.0.0/13
storageBackend: etcd3
kubeControllerManager:
allocateNodeCIDRs: true
allocateNodeCIDRs: false
attachDetachReconcileSyncPeriod: 1m0s
cloudProvider: external
clusterCIDR: 100.96.0.0/11
Expand Up @@ -233,7 +233,7 @@ CAs:
ClusterName: privatekindnet.example.com
ControlPlaneConfig:
KubeControllerManager:
allocateNodeCIDRs: true
allocateNodeCIDRs: false
attachDetachReconcileSyncPeriod: 1m0s
cloudProvider: external
clusterCIDR: 100.96.0.0/11
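--- a/upup/pkg/fi/cloudup/gce/network.go
+++ b/upup/pkg/fi/cloudup/gce/network.go
@@ -31,9 +31,16 @@ import (
 
 // UsesIPAliases checks if the cluster uses IP aliases for network connectivity
 func UsesIPAliases(c *kops.Cluster) bool {
+// "GCP" networking mode is called "ip-alias" or "vpc-native" on GKE.
 if c.Spec.Networking.GCP != nil {
 return true
 }
+
+if c.Spec.Networking.Kindnet != nil {
+// TODO: Are we _always_ using ipalias - should we at least check the cloud is GCP?
+return true
+}
+
 return false
 }
 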
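Review bot: The new `Kindnet` branch in `UsesIPAliases` returns true for every cloud provider, which the TODO on that line already questions. Of the callers on this page, only the kube-controller-manager builder pairs it with `o.GetCloudProvider() == kops.CloudProviderGCE`. The GCP CCM builder and `GCEModelContext.NetworkingIsIPAlias` presumably run only for GCE, but the exported helper itself would report IP aliases for a kindnet cluster on any other cloud. Moving the check into the helper, `if c.Spec.Networking.Kindnet != nil && c.GetCloudProvider() == kops.CloudProviderGCE {`, would resolve the TODO and stop a later caller from switching off route configuration or node CIDR allocation on a cloud that has no alias ranges.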
