-
Notifications
You must be signed in to change notification settings - Fork 454
双栈适配
oilbeater edited this page Jun 27, 2022
·
9 revisions
Wiki 下的中文文档将不在维护,请访问我们最新的中文文档网站,获取最新的文档更新。
Kube-OVN 添加了对双栈功能的支持,可以通过配置子网CIDR来控制双栈地址分配。
-
为了配置CNI支持双栈,需要K8S开启双栈feature-gates,IPv6DualStack取值设置为true,参考Kubernetes官方指导 dual-stack
-
系统需要开启IPv6功能,IPv6使能检查参考准备工作
在配置双栈时,只需要设置子网CIDR格式为cidr=<IPv4 CIDR>,<IPv6 CIDR>
即可。CIDR顺序要求IPv4在前,IPv6在后。
apiVersion: kubeovn.io/v1
kind: Subnet
metadata:
name: ovn-test
spec:
cidrBlock: 10.16.0.0/16,fd00:10:16::/64
excludeIps:
- 10.16.0.1
- fd00:10:16::1
gateway: 10.16.0.1,fd00:10:16::1
Subnet字段介绍,可以参考 自定义子网.
使用自定义子网配置双栈,需要指定子网的CIDR格式。如果是使用代码库中的install脚本安装,则只需要指定POD_CIDR和JOIN_CIDR为双栈格式。
POD_CIDR="10.16.0.0/16,fd00:10:16::/64" # Do NOT overlap with NODE/SVC/JOIN CIDR
SVC_CIDR="10.96.0.0/12" # Do NOT overlap with NODE/POD/JOIN CIDR
JOIN_CIDR="100.64.0.0/16,fd00:100:64::/64" # Do NOT overlap with NODE/POD/SVC CIDR
例如配置默认子网为双栈网络,申请地址的Pod可以从该子网分配一个IPv4和一个IPv6地址,分配结果体现在Pod Annotation中。
查看Pod信息
mac@localhost ~ % kubectl get pod kube-ovn-pinger-vk7d6 -n kube-system -o yaml
apiVersion: v1
kind: Pod
metadata:
annotations:
ovn.kubernetes.io/allocated: "true"
ovn.kubernetes.io/cidr: 10.16.0.0/16,fd00:10:16::/64
ovn.kubernetes.io/gateway: 10.16.0.1,fd00:10:16::1
ovn.kubernetes.io/ip_address: 10.16.0.9,fd00:10:16::9
ovn.kubernetes.io/logical_switch: ovn-default
ovn.kubernetes.io/mac_address: 00:00:00:14:88:09
ovn.kubernetes.io/network_types: geneve
ovn.kubernetes.io/routed: "true"
creationTimestamp: "2020-12-21T07:40:01Z"
...
podIP: 10.16.0.9
podIPs:
- ip: 10.16.0.9
- ip: fd00:10:16::9
对于IP和Subnet资源,区分开了IPv4和IPv6地址
mac@localhost ~ % kubectl get ips
NAME V4IP V6IP MAC NODE SUBNET
coredns-f9fd979d6-9448b.kube-system 10.16.0.8 fd00:10:16::8 00:00:00:D6:16:9A kube-ovn-control-plane ovn-default
coredns-f9fd979d6-smgjt.kube-system 10.16.0.7 fd00:10:16::7 00:00:00:17:E4:14 kube-ovn-worker ovn-default
kube-ovn-pinger-25bd9.kube-system 10.16.0.10 fd00:10:16::a 00:00:00:A6:2C:83 kube-ovn-control-plane ovn-default
kube-ovn-pinger-vk7d6.kube-system 10.16.0.9 fd00:10:16::9 00:00:00:14:88:09 kube-ovn-worker ovn-default
local-path-provisioner-78776bfc44-n9klh.local-path-storage 10.16.0.11 fd00:10:16::b 00:00:00:9F:2C:FB kube-ovn-worker ovn-default
node-kube-ovn-control-plane 100.64.0.2 fd00:100:64::2 00:00:00:6C:96:3B kube-ovn-control-plane join
node-kube-ovn-worker 100.64.0.3 fd00:100:64::3 00:00:00:47:B8:A6 kube-ovn-worker join
mac@localhost ~ %
mac@localhost ~ % kubectl get subnet
NAME PROVIDER VPC PROTOCOL CIDR PRIVATE NAT DEFAULT GATEWAYTYPE V4USED V4AVAILABLE V6USED V6AVAILABLE
join ovn ovn-cluster Dual 100.64.0.0/16,fd00:100:64::/64 false false false 2 65531 2 1.8446744073709552e+19
ovn-default ovn ovn-cluster Dual 10.16.0.0/16,fd00:10:16::/64 false true true distributed 5 65528 5 1.8446744073709552e+19
mac@localhost ~ %
目前K8S官方在 v1.20版本之后支持Service的双栈,Kube-OVN还没有对Service进行双栈适配。