Skip to content

双栈适配

oilbeater edited this page Jun 27, 2022 · 9 revisions

Wiki 下的中文文档将不在维护,请访问我们最新的中文文档网站,获取最新的文档更新。

Kube-OVN 添加了对双栈功能的支持,可以通过配置子网CIDR来控制双栈地址分配。

1. 前提条件

  1. 为了配置CNI支持双栈,需要K8S开启双栈feature-gates,IPv6DualStack取值设置为true,参考Kubernetes官方指导 dual-stack

  2. 系统需要开启IPv6功能,IPv6使能检查参考准备工作

2. 配置说明

在配置双栈时,只需要设置子网CIDR格式为cidr=<IPv4 CIDR>,<IPv6 CIDR>即可。CIDR顺序要求IPv4在前,IPv6在后。

Example

apiVersion: kubeovn.io/v1
kind: Subnet
metadata: 
  name: ovn-test
spec:
  cidrBlock: 10.16.0.0/16,fd00:10:16::/64
  excludeIps:
  - 10.16.0.1
  - fd00:10:16::1
  gateway: 10.16.0.1,fd00:10:16::1

Subnet字段介绍,可以参考 自定义子网.

使用自定义子网配置双栈,需要指定子网的CIDR格式。如果是使用代码库中的install脚本安装,则只需要指定POD_CIDR和JOIN_CIDR为双栈格式。

  POD_CIDR="10.16.0.0/16,fd00:10:16::/64"                # Do NOT overlap with NODE/SVC/JOIN CIDR
  SVC_CIDR="10.96.0.0/12"                                # Do NOT overlap with NODE/POD/JOIN CIDR
  JOIN_CIDR="100.64.0.0/16,fd00:100:64::/64"             # Do NOT overlap with NODE/POD/SVC CIDR

3. 结果查看

例如配置默认子网为双栈网络,申请地址的Pod可以从该子网分配一个IPv4和一个IPv6地址,分配结果体现在Pod Annotation中。

查看Pod信息

mac@localhost ~ % kubectl get pod kube-ovn-pinger-vk7d6 -n kube-system -o yaml
apiVersion: v1
kind: Pod
metadata:
  annotations:
    ovn.kubernetes.io/allocated: "true"
    ovn.kubernetes.io/cidr: 10.16.0.0/16,fd00:10:16::/64
    ovn.kubernetes.io/gateway: 10.16.0.1,fd00:10:16::1
    ovn.kubernetes.io/ip_address: 10.16.0.9,fd00:10:16::9
    ovn.kubernetes.io/logical_switch: ovn-default
    ovn.kubernetes.io/mac_address: 00:00:00:14:88:09
    ovn.kubernetes.io/network_types: geneve
    ovn.kubernetes.io/routed: "true"
  creationTimestamp: "2020-12-21T07:40:01Z"
...
podIP: 10.16.0.9
  podIPs:
  - ip: 10.16.0.9
  - ip: fd00:10:16::9

4. CRD适配

对于IP和Subnet资源,区分开了IPv4和IPv6地址

mac@localhost ~ % kubectl get ips
NAME                                                         V4IP         V6IP             MAC                 NODE                     SUBNET
coredns-f9fd979d6-9448b.kube-system                          10.16.0.8    fd00:10:16::8    00:00:00:D6:16:9A   kube-ovn-control-plane   ovn-default
coredns-f9fd979d6-smgjt.kube-system                          10.16.0.7    fd00:10:16::7    00:00:00:17:E4:14   kube-ovn-worker          ovn-default
kube-ovn-pinger-25bd9.kube-system                            10.16.0.10   fd00:10:16::a    00:00:00:A6:2C:83   kube-ovn-control-plane   ovn-default
kube-ovn-pinger-vk7d6.kube-system                            10.16.0.9    fd00:10:16::9    00:00:00:14:88:09   kube-ovn-worker          ovn-default
local-path-provisioner-78776bfc44-n9klh.local-path-storage   10.16.0.11   fd00:10:16::b    00:00:00:9F:2C:FB   kube-ovn-worker          ovn-default
node-kube-ovn-control-plane                                  100.64.0.2   fd00:100:64::2   00:00:00:6C:96:3B   kube-ovn-control-plane   join
node-kube-ovn-worker                                         100.64.0.3   fd00:100:64::3   00:00:00:47:B8:A6   kube-ovn-worker          join
mac@localhost ~ %
mac@localhost ~ % kubectl get subnet
NAME          PROVIDER   VPC           PROTOCOL   CIDR                             PRIVATE   NAT     DEFAULT   GATEWAYTYPE   V4USED   V4AVAILABLE   V6USED   V6AVAILABLE
join          ovn        ovn-cluster   Dual       100.64.0.0/16,fd00:100:64::/64   false     false   false                   2        65531         2        1.8446744073709552e+19
ovn-default   ovn        ovn-cluster   Dual       10.16.0.0/16,fd00:10:16::/64     false     true    true      distributed   5        65528         5        1.8446744073709552e+19
mac@localhost ~ %

5. 注意事项

目前K8S官方在 v1.20版本之后支持Service的双栈,Kube-OVN还没有对Service进行双栈适配。

Clone this wiki locally