networking-default-config

Signed-off-by: Daman Arora <aroradaman@gmail.com>
kubernetes-sigs · Jul 14, 2023 · decbc46 · decbc46
1 parent 3610f60
commit decbc46
Show file tree

Hide file tree

Showing 3 changed files with 71 additions and 31 deletions.
diff --git a/pkg/apis/config/defaults/networking.go b/pkg/apis/config/defaults/networking.go
@@ -0,0 +1,49 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package defaults contains cross-api-version configuration defaults
+package defaults
+
+// APIServerAddressIPv4 is the default IPv4 address for the Networking.APIServerAddress field
+const APIServerAddressIPv4 = "127.0.0.1"
+
+// APIServerAddressIPv6 is the default IPv6 address for the Networking.APIServerAddress field
+const APIServerAddressIPv6 = "::1"
+
+// PodSubnetIPv4 is the default IPv4 subnet for the Networking.PodSubnet field
+const PodSubnetIPv4 = "10.244.0.0/16"
+
+// node-mask cidr default is /64, so we need a larger subnet, we use /56 following best practices
+// xref: https://www.ripe.net/publications/docs/ripe-690#4--size-of-end-user-prefix-assignment---48---56-or-something-else-
+
+// PodSubnetIPv6 is the default IPv6 subnet for the Networking.PodSubnet field
+const PodSubnetIPv6 = "fd00:10:244::/56"
+
+// PodSubnetDualStack is the default DualStack subnet for the Networking.ServiceSubnet field
+const PodSubnetDualStack = "10.244.0.0/16,fd00:10:244::/56"
+
+// https://github.com/kubernetes/kubernetes/blob/746404f82a28e55e0b76ffa7e40306fb88eb3317/cmd/kubeadm/app/apis/kubeadm/v1beta2/defaults.go#L32
+// Note: kubeadm is using a /12 subnet, that may allocate a 2^20 bitmap in etcd
+// we allocate a /16 subnet that allows 65535 services (current Kubernetes tested limit is O(10k) services)
+
+// ServiceSubnetIPv4 is the default IPv4 subnet for the Networking.ServiceSubnet field
+const ServiceSubnetIPv4 = "10.96.0.0/16"
+
+// ServiceSubnetIPv6 is the default IPv6 subnet for the Networking.PodSubnet field
+const ServiceSubnetIPv6 = "fd00:10:96::/112"
+
+// ServiceSubnetDualStack is the default DualStack subnet for the Networking.ServiceSubnet field
+const ServiceSubnetDualStack = "10.96.0.0/16,fd00:10:96::/112"
diff --git a/pkg/apis/config/v1alpha4/default.go b/pkg/apis/config/v1alpha4/default.go
@@ -39,39 +39,35 @@ func SetDefaultsCluster(obj *Cluster) {
 	if obj.Networking.IPFamily == "" {
 		obj.Networking.IPFamily = IPv4Family
 	}
-	// default to listening on 127.0.0.1:randomPort on ipv4
-	// and [::1]:randomPort on ipv6
+	// default the API server address
 	if obj.Networking.APIServerAddress == "" {
-		obj.Networking.APIServerAddress = "127.0.0.1"
+		obj.Networking.APIServerAddress = defaults.APIServerAddressIPv4
 		if obj.Networking.IPFamily == IPv6Family {
-			obj.Networking.APIServerAddress = "::1"
+			obj.Networking.APIServerAddress = defaults.APIServerAddressIPv6
 		}
 	}
+
 	// default the pod CIDR
 	if obj.Networking.PodSubnet == "" {
-		obj.Networking.PodSubnet = "10.244.0.0/16"
+		obj.Networking.PodSubnet = defaults.PodSubnetIPv4
 		if obj.Networking.IPFamily == IPv6Family {
-			// node-mask cidr default is /64 so we need a larger subnet, we use /56 following best practices
-			// xref: https://www.ripe.net/publications/docs/ripe-690#4--size-of-end-user-prefix-assignment---48---56-or-something-else-
-			obj.Networking.PodSubnet = "fd00:10:244::/56"
+			obj.Networking.PodSubnet = defaults.PodSubnetIPv6
 		}
 		if obj.Networking.IPFamily == DualStackFamily {
-			obj.Networking.PodSubnet = "10.244.0.0/16,fd00:10:244::/56"
+			obj.Networking.PodSubnet = defaults.PodSubnetDualStack
 		}
 	}
 	// default the service CIDR using a different subnet than kubeadm default
-	// https://github.com/kubernetes/kubernetes/blob/746404f82a28e55e0b76ffa7e40306fb88eb3317/cmd/kubeadm/app/apis/kubeadm/v1beta2/defaults.go#L32
-	// Note: kubeadm is using a /12 subnet, that may allocate a 2^20 bitmap in etcd
-	// we allocate a /16 subnet that allows 65535 services (current Kubernetes tested limit is O(10k) services)
 	if obj.Networking.ServiceSubnet == "" {
-		obj.Networking.ServiceSubnet = "10.96.0.0/16"
+		obj.Networking.ServiceSubnet = defaults.ServiceSubnetIPv4
 		if obj.Networking.IPFamily == IPv6Family {
-			obj.Networking.ServiceSubnet = "fd00:10:96::/112"
+			obj.Networking.ServiceSubnet = defaults.ServiceSubnetIPv6
 		}
 		if obj.Networking.IPFamily == DualStackFamily {
-			obj.Networking.ServiceSubnet = "10.96.0.0/16,fd00:10:96::/112"
+			obj.Networking.ServiceSubnet = defaults.ServiceSubnetDualStack
 		}
 	}
+
 	// default the KubeProxyMode using iptables as it's already the default
 	if obj.Networking.KubeProxyMode == "" {
 		obj.Networking.KubeProxyMode = IPTablesProxyMode

diff --git a/pkg/internal/apis/config/default.go b/pkg/internal/apis/config/default.go