Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add IPv6 address support for pods - does NOT include services #23090

Merged
merged 2 commits into from
May 13, 2016

Conversation

tgraf
Copy link
Contributor

@tgraf tgraf commented Mar 17, 2016

This allows a container to have an IPv6 address only and extracts the address via nsenter and iproute2 or the docker client directly. An IPv6 address is now correctly reported when describing a pod.

@thockin @kubernetes/sig-network


This change is Reviewable

tgraf added 2 commits March 17, 2016 01:27
Falls back to the GlobalIPv6Address or ip -6 addr output in case no
IPv4 is configured for the container.

Signed-off-by: Thomas Graf <[email protected]>
@k8s-bot
Copy link

k8s-bot commented Mar 17, 2016

Can one of the admins verify that this patch is reasonable to test? (reply "ok to test", or if you trust the user, reply "add to whitelist")

This message may repeat a few times in short succession due to jenkinsci/ghprb-plugin#292. Sorry.

Otherwise, if this message is too spammy, please complain to ixdy.

1 similar comment
@k8s-bot
Copy link

k8s-bot commented Mar 17, 2016

Can one of the admins verify that this patch is reasonable to test? (reply "ok to test", or if you trust the user, reply "add to whitelist")

This message may repeat a few times in short succession due to jenkinsci/ghprb-plugin#292. Sorry.

Otherwise, if this message is too spammy, please complain to ixdy.

@k8s-github-robot k8s-github-robot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Mar 17, 2016
@k8s-bot
Copy link

k8s-bot commented Mar 17, 2016

Can one of the admins verify that this patch is reasonable to test? (reply "ok to test", or if you trust the user, reply "add to whitelist")

This message may repeat a few times in short succession due to jenkinsci/ghprb-plugin#292. Sorry.

Otherwise, if this message is too spammy, please complain to ixdy.

@lxpollitt
Copy link

cc @tomdee @caseydavenport

@vishh vishh assigned thockin and unassigned vishh Mar 21, 2016
@vishh
Copy link
Contributor

vishh commented Mar 21, 2016

ok to test

@marun
Copy link
Contributor

marun commented Mar 23, 2016

#23317 is likely relevant

@tgraf
Copy link
Contributor Author

tgraf commented Mar 23, 2016

This and #23317 are coming out of the same effort. We are working together and have tested the changes in combination as well. Both changes are needed separately.

@bgrant0607
Copy link
Member

Ref #1443

@thockin thockin added release-note Denotes a PR that will be considered when it comes time to generate release notes. ok-to-merge and removed needs-ok-to-merge labels Apr 29, 2016
@thockin
Copy link
Member

thockin commented Apr 29, 2016

add to whitelist

@thockin
Copy link
Member

thockin commented Apr 29, 2016

re-titling for release note

@thockin thockin changed the title Initial IPv6 addressing support for pods Add IPv6 address support for pods - does NOT include services Apr 29, 2016
@thockin thockin added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Apr 29, 2016
@thockin
Copy link
Member

thockin commented May 2, 2016

@k8s-bot test this: github issue #IGNORE

@thockin
Copy link
Member

thockin commented May 10, 2016

@k8s-bot test this: issue #25392

@k8s-github-robot
Copy link

@k8s-bot test this [submit-queue is verifying that this PR is safe to merge]

@k8s-bot
Copy link

k8s-bot commented May 13, 2016

GCE e2e build/test passed for commit 90623d9.

@k8s-github-robot
Copy link

Automatic merge from submit-queue

@k8s-github-robot k8s-github-robot merged commit bb3f5b1 into kubernetes:master May 13, 2016
mikebryant added a commit to kubermesh/kubermesh that referenced this pull request Jul 29, 2016
…es/kubernetes#23090 claims support for IPv6, it turns out that as docker can't give a container an IPv6 address without an IPv4 address, we never hit the code path in kubernetes, so such support doesn't work :(
@danehans
Copy link

@tgraf I'm trying to test the functionality of this patch. I updated my docker daemon to run ipv6 by adding the following:

--ipv6 --fixed-cidr-v6="2001:db8:1::/64"

I have verified that the docker daemon can run an Ubuntu container and properly configure an IPv6 address for eth0. However, when I try to instantiate a k8s pod, it gets assigned an IPv4 address.

I used kubeadm with the weave cni plugin to deploy my k8s cluster. It appears that weave dos not support IPv6. What network plugin did you use to test this patch? Are any changes required other than the 2 dockerd flags?

Client Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.1", GitCommit:"82450d03cb057bab0950214ef122b67c83fb11df", GitTreeState:"clean", BuildDate:"2016-12-14T00:57:05Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.2", GitCommit:"08e099554f3c31f6e6f07b448ab3ed78d0520507", GitTreeState:"clean", BuildDate:"2017-01-12T04:52:34Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}```

/cc @caboucha @rpothier @asomya

@caseydavenport
Copy link
Member

@danehans - Might want to check out Calico, which supports IPv6. It can be configured in the CNI plugin as documented here. I know of at least one other user who is using Calico to do IPv6 for k8s.

@tgraf
Copy link
Contributor Author

tgraf commented Jan 19, 2017

@danehans As @caseydavenport correctly hints, this patch assumes that whatever CNI plugin is configured to do networking will allocate an IPv6 address to the pod. It will work with any plugin that supports IPv6 allocation.

@tgraf tgraf deleted the ipv6 branch January 19, 2017 20:56
@danehans
Copy link

@caseydavenport @tgraf thanks for the insight. I'll test with Calico.

@akhildangore
Copy link

akhildangore commented Feb 2, 2017

Hello all,

Does the Kubernestes supports IPv6 address to the pods and services ?

if yes, how to enable IPv6 address while creating pods?

@gino9705
Copy link

Hello, all,
Could anyone help us to know how we could enable IPv6 address to the pods and services ??

@danehans
Copy link

We are shooting for official support in the 1.8/1.9 release timeframe. A considerable amount of required IPv6 code has merged, so feel free to experiment.

CNI 0.6.0 adds IPv6 support. You can test IPv6 pods with a CNI 0.6.0 plugin. Here is a brief list of steps for testing:

  1. SSH to your test node(s) that run kubelet.
  2. Download and untar the 0.6.0 plugins.
  3. Copy the bridge and host-local plugin bins to /opt/cni/bin
  4. Copy the following CNI conf file to /etc/cni/net.d/mynet.conf. Note: The bridge plugin does not support routing between nodes. To provide inter-node pod networking, you must manually add static routes on nodes or provide another mechanism for dynamic routing.
{
  "cniVersion": "0.3.0",
  "name": "mynet",
  "type": "bridge",
  "bridge": "cbr0",
  "isDefaultGateway": true,
  "ipMasq": false,
  "ipam": {
    "type": "host-local",
    "ranges": [
      {
        "subnet": "fd00:101::0/64",
        "gateway": "fd00:101::1"
      }
    ]
  }
}
  1. /opt/cni/bin and /etc/cni/net.d/mynet.conf are the default locations kubelet looks for CNI plugins and configuration files. Verify that kubelet --cni-bin-dir and --cni-conf-dir configuration flags are either unset or set to: --cni-bin-dir /opt/cni/bin --cni-conf-dir /etc/cni/net.d
  2. Start/restart kubelet
  3. Create a pod and test IPv6 network connectivity.

The following PRs need to be merged for supporting the Kubernetes Service resource. Feel free to review and provide feedback:

#48551
#50478

Use the area/ipv6 label in PRs and Issues for tracking purposes.

/cc @leblancd @pmichali @rpothier

@k8s-ci-robot k8s-ci-robot requested a review from pmichali August 24, 2017 17:18
@k8s-ci-robot
Copy link
Contributor

@danehans: GitHub didn't allow me to request PR reviews from the following users: leblancd, rpothier.

Note that only kubernetes members can review this PR, and authors cannot review their own PRs.

In response to this:

We are shooting for official support in the 1.8/1.9 release timeframe. A considerable amount of required IPv6 code has merged, so feel free to experiment.

CNI 0.6.0 adds IPv6 support. You can test IPv6 pods with a CNI 0.6.0 plugin. Here is a brief list of steps for testing:

  1. SSH to your test node(s) that run kubelet.
  2. Download and untar the 0.6.0 plugins.
  3. Copy the bridge and host-local plugin bins to /opt/cni/bin
  4. Copy the following CNI conf file to /etc/cni/net.d/mynet.conf. Note: The bridge plugin does not support routing between nodes. To provide inter-node pod networking, you must manually add static routes on nodes or provide another mechanism for dynamic routing.
{
 "cniVersion": "0.3.0",
 "name": "mynet",
 "type": "bridge",
 "bridge": "cbr0",
 "isDefaultGateway": true,
 "ipMasq": false,
 "ipam": {
   "type": "host-local",
   "ranges": [
     {
       "subnet": "fd00:101::0/64",
       "gateway": "fd00:101::1"
     }
   ]
 }
}
  1. /opt/cni/bin and /etc/cni/net.d/mynet.conf are the default locations kubelet looks for CNI plugins and configuration files. Verify that kubelet --cni-bin-dir and --cni-conf-dir configuration flags are either unset or set to: --cni-bin-dir /opt/cni/bin --cni-conf-dir /etc/cni/net.d
  2. Start/restart kubelet
  3. Create a pod and test IPv6 network connectivity.

The following PRs need to be merged for supporting the Kubernetes Service resource. Feel free to review and provide feedback:

#48551
#50478

Use the area/ipv6 label in PRs and Issues for tracking purposes.

/cc @leblancd @pmichali @rpothier

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@danehans
Copy link

/area ipv6

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/ipv6 lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.