-
Notifications
You must be signed in to change notification settings - Fork 715
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
kube-proxy needs to be configured to override hostname in some environments #857
kube-proxy needs to be configured to override hostname in some environments #857
Comments
related kube-proxy issue: kubernetes/kubernetes#57518 |
@luxas This is a nasty config issue, we need to chat with the @kubernetes/sig-network-bugs folks on this b/c the UX and work - arounds are really ugly. |
workaround is here https://kubernetes.io/docs/setup/independent/troubleshooting-kubeadm/#services-with-externaltrafficpolicy-local-are-not-reachable . Punting this work item to 1.12. |
I tried to apply the workaround, but ran into two issues. First, the patch appears to have a typo. After patching, I found that the
I fixed this by changing the curly braces
Second, kube-proxy appears to not use the value of the
Note that kube-proxy tries to get the node with the name I'll file a PR for the first issue, but I'm still tracking down the root cause for the second. |
I was able to work around the second by changing the I believe the the root of the second issue is that the kube-proxy config file The config file defines Looking at the kube-proxy code, I find that the flags update a config struct, but later the configuration file is unmarshalled into a new config struct, and the pointer to the original config struct is overwritten, effectively discarding all the flag values. (Maybe this is by design, since the flags are deprecated.) |
I was able to set |
Sadly we are way to late in the cycle to make this change. |
@timothysc |
I'm re-opening b/c we will need to update docs and other details on our side. |
I will pick this up. |
@Klaven thanks |
I think kubernetes/kubernetes#69340 makes the we should always set kube-proxy's ie: we should drop "in some environments" from this bug description. On older versions (before 69340 gets rolled out), the override flag is ignored in the presence of |
It would also be nice if it were possible to set the node name during kubeadm join with less hassle. There's the At present, in order to set the node name, I have patch the configuration file supplied to kubeadm join on each host, which is fragile with YAML. Fortunately, kubeadm init and kubeadm join will happily read JSON as well, so patching a configuration file in JSON with jq is a little bit easier than the sed script I'm using now against the YAML. Still, given that we have the Writing today, I noticed the following comment per @luxas's hand, so there is hope:
Is there an open issue for that problem? |
@seh that's a valid observation for a UX problem. we should have node-name overriding the config, but i don't think we can do that for 1.13. |
Understood. Thank you for acknowledging the pain. Dealing with the current situation is possible with shell script facilities, but it would have been much easier to resolve had it been more obvious how the flag and the configuration file's presence interact. Documenting the current behavior—even if undesirable in the long term—would save a lot of confusion and frustration. |
@seh, @neolit123, @timothysc here is a possible fix for this: kubernetes/kubernetes#71270 Please, review. |
It looks like kubeadm init still ignores the |
I was able to workaround this issue as follows
|
to me it took this to work
|
Currently in environments where a user must configure --hostname-override for the kubelet (such as AWS), kube-proxy is currently being deployed in a degraded state. Specifically, Services of type
NodePort
andLoadBalancer
whereexternalTrafficPolicy: local
.Since we are deploying kube-proxy as a daemonset that means that the only options available are to override the command arguments using the downward api, or to use an init container to mutate the config. This is further complicated because the kube-proxy command line options are marked as deprecated in favor of the component config.
The text was updated successfully, but these errors were encountered: