From 48e666a6757ece7d0ede84926221a1d68f82f388 Mon Sep 17 00:00:00 2001 From: Kay Yan Date: Fri, 26 Aug 2022 10:48:04 +0000 Subject: [PATCH] fix-kube-vip-strict-arp --- docs/kube-vip.md | 8 ++++++++ inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml | 2 +- .../kubernetes/control-plane/defaults/main/kube-proxy.yml | 2 +- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/docs/kube-vip.md b/docs/kube-vip.md index 17e4fb12786..9ba402d1269 100644 --- a/docs/kube-vip.md +++ b/docs/kube-vip.md @@ -2,6 +2,14 @@ kube-vip provides Kubernetes clusters with a virtual IP and load balancer for both the control plane (for building a highly-available cluster) and Kubernetes Services of type LoadBalancer without relying on any external hardware or software. +## Prerequisites + +You have to configure `kube_proxy_strict_arp` when the kube_proxy_mode is `ipvs` and kube-vip ARP is enabled. + +```yaml +kube_proxy_strict_arp: true +``` + ## Install You have to explicitly enable the kube-vip extension: diff --git a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml index 271466744d0..5215e1fd91c 100644 --- a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml +++ b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml @@ -125,7 +125,7 @@ kube_apiserver_port: 6443 # (https) kube_proxy_mode: ipvs # configure arp_ignore and arp_announce to avoid answering ARP queries from kube-ipvs0 interface -# must be set to true for MetalLB to work +# must be set to true for MetalLB, kube-vip(ARP enabled) to work kube_proxy_strict_arp: false # A string slice of values which specify the addresses to use for NodePorts. diff --git a/roles/kubernetes/control-plane/defaults/main/kube-proxy.yml b/roles/kubernetes/control-plane/defaults/main/kube-proxy.yml index 6c3b113a77a..52346fad103 100644 --- a/roles/kubernetes/control-plane/defaults/main/kube-proxy.yml +++ b/roles/kubernetes/control-plane/defaults/main/kube-proxy.yml @@ -77,7 +77,7 @@ kube_proxy_exclude_cidrs: [] kube_proxy_scheduler: rr # configure arp_ignore and arp_announce to avoid answering ARP queries from kube-ipvs0 interface -# must be set to true for MetalLB to work +# must be set to true for MetalLB, kube-vip(ARP enabled) to work kube_proxy_strict_arp: false # kube_proxy_tcp_timeout is the timeout value used for idle IPVS TCP sessions.