Calculate ServiceClusterIP and DNS IP from CIDR
parent
e2dd95ed39
commit
30667cb406
8
Makefile
8
Makefile
|
@ -26,7 +26,7 @@ HYPERKIT_BUILD_IMAGE ?= karalabe/xgo-1.8.3
|
|||
BUILD_IMAGE ?= gcr.io/google_containers/kube-cross:v1.9.1-1
|
||||
ISO_BUILD_IMAGE ?= $(REGISTRY)/buildroot-image
|
||||
|
||||
ISO_VERSION ?= v0.23.6
|
||||
ISO_VERSION ?= v0.23.5
|
||||
ISO_BUCKET ?= minikube/iso
|
||||
|
||||
GOOS ?= $(shell go env GOOS)
|
||||
|
@ -256,9 +256,9 @@ endif
|
|||
|
||||
.PHONY: install-hyperkit-driver
|
||||
install-hyperkit-driver: out/docker-machine-driver-hyperkit
|
||||
sudo cp out/docker-machine-driver-hyperkit $(GOBIN)/docker-machine-driver-hyperkit
|
||||
sudo chown root:wheel $(GOBIN)/docker-machine-driver-hyperkit
|
||||
sudo chmod u+s $(GOBIN)/docker-machine-driver-hyperkit
|
||||
sudo cp out/docker-machine-driver-hyperkit $(HOME)/bin/docker-machine-driver-hyperkit
|
||||
sudo chown root:wheel $(HOME)/bin/docker-machine-driver-hyperkit
|
||||
sudo chmod u+s $(HOME)/bin/docker-machine-driver-hyperkit
|
||||
|
||||
.PHONY: check-release
|
||||
check-release:
|
||||
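Review bot: The `install-hyperkit-driver` recipe leaves a setuid-root binary in a directory that normally belongs to the invoking user. This holds for both destinations printed on the page, `$(GOBIN)` and `$(HOME)/bin` (the latter appears to be the new side), so the privileged file is not protected by root-owned directory permissions. The recipe also neither creates the directory nor checks its ownership, and the separate `cp`, `chown` and `chmod u+s` steps leave a short window in which the file exists with the wrong owner or mode. Installing into a root-owned path in one step avoids both problems: `sudo install -o root -g wheel -m 4755 out/docker-machine-driver-hyperkit /usr/local/bin/`. The `ISO_VERSION` edit in the first hunk is a plain version change and is not reviewed here.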
|
|
|
@ -27,15 +27,11 @@ import (
|
|||
)
|
||||
|
||||
func NewLocalkubeServer() *localkube.LocalkubeServer {
|
||||
// net.ParseCIDR returns multiple values. Use the IPNet return value
|
||||
_, defaultServiceClusterIPRange, _ := net.ParseCIDR(util.DefaultServiceClusterIP + "/24")
|
||||
|
||||
_, defaultServiceCIDR, _ := net.ParseCIDR(util.DefaultServiceCIDR)
|
||||
return &localkube.LocalkubeServer{
|
||||
Containerized: false,
|
||||
DNSDomain: util.DefaultDNSDomain,
|
||||
DNSIP: net.ParseIP(util.DefaultDNSIP),
|
||||
LocalkubeDirectory: util.DefaultLocalkubeDirectory,
|
||||
ServiceClusterIPRange: *defaultServiceClusterIPRange,
|
||||
APIServerAddress: net.ParseIP("0.0.0.0"),
|
||||
APIServerPort: util.APIServerPort,
|
||||
APIServerInsecureAddress: net.ParseIP("127.0.0.1"),
|
||||
|
@ -44,6 +40,7 @@ func NewLocalkubeServer() *localkube.LocalkubeServer {
|
|||
ShouldGenerateKubeconfig: false,
|
||||
ShouldGenerateCerts: true,
|
||||
ShowVersion: false,
|
||||
ServiceClusterIPRange: *defaultServiceCIDR,
|
||||
RuntimeConfig: map[string]string{"api/all": "true"},
|
||||
ExtraConfig: util.ExtraOptionSlice{},
|
||||
}
|
||||
|
@ -54,7 +51,6 @@ func AddFlags(s *localkube.LocalkubeServer) {
|
|||
flag.BoolVar(&s.Containerized, "containerized", s.Containerized, "If kubelet should run in containerized mode")
|
||||
flag.BoolVar(&s.EnableDNS, "enable-dns", s.EnableDNS, "DEPRECATED: Please run kube-dns as a cluster addon")
|
||||
flag.StringVar(&s.DNSDomain, "dns-domain", s.DNSDomain, "The cluster dns domain")
|
||||
flag.IPVar(&s.DNSIP, "dns-ip", s.DNSIP, "The cluster dns IP")
|
||||
flag.StringVar(&s.LocalkubeDirectory, "localkube-directory", s.LocalkubeDirectory, "The directory localkube will store files in")
|
||||
flag.IPNetVar(&s.ServiceClusterIPRange, "service-cluster-ip-range", s.ServiceClusterIPRange, "The service-cluster-ip-range for the apiserver")
|
||||
flag.IPVar(&s.APIServerAddress, "apiserver-address", s.APIServerAddress, "The address the apiserver will listen securely on")
|
||||
|
|
|
@ -198,6 +198,7 @@ func runStart(cmd *cobra.Command, args []string) {
|
|||
FeatureGates: viper.GetString(featureGates),
|
||||
ContainerRuntime: viper.GetString(containerRuntime),
|
||||
NetworkPlugin: viper.GetString(networkPlugin),
|
||||
ServiceCIDR: pkgutil.DefaultServiceCIDR,
|
||||
ExtraOptions: extraOptions,
|
||||
ShouldLoadCachedImages: shouldCacheImages,
|
||||
}
|
||||
|
@ -364,7 +365,7 @@ func init() {
|
|||
startCmd.Flags().StringArrayVar(&dockerOpt, "docker-opt", nil, "Specify arbitrary flags to pass to the Docker daemon. (format: key=value)")
|
||||
startCmd.Flags().String(apiServerName, constants.APIServerName, "The apiserver name which is used in the generated certificate for localkube/kubernetes. This can be used if you want to make the apiserver available from outside the machine")
|
||||
startCmd.Flags().String(dnsDomain, constants.ClusterDNSDomain, "The cluster dns domain name used in the kubernetes cluster")
|
||||
startCmd.Flags().StringSliceVar(&insecureRegistry, "insecure-registry", []string{pkgutil.DefaultInsecureRegistry}, "Insecure Docker registries to pass to the Docker daemon")
|
||||
startCmd.Flags().StringSliceVar(&insecureRegistry, "insecure-registry", nil, "Insecure Docker registries to pass to the Docker daemon. The default service CIDR range will automatically be added.")
|
||||
startCmd.Flags().StringSliceVar(®istryMirror, "registry-mirror", nil, "Registry mirrors to pass to the Docker daemon")
|
||||
startCmd.Flags().String(kubernetesVersion, constants.DefaultKubernetesVersion, "The kubernetes version that the minikube VM will use (ex: v1.2.3) \n OR a URI which contains a localkube binary (ex: https://storage.googleapis.com/minikube/k8sReleases/v1.3.0/localkube-linux-amd64)")
|
||||
startCmd.Flags().String(containerRuntime, "", "The container runtime to be used")
|
||||
|
|
|
@ -32,6 +32,10 @@ func StartKubeletServer(lk LocalkubeServer) func() error {
|
|||
if err != nil {
|
||||
return func() error { return err }
|
||||
}
|
||||
dnsIP, err := util.GetDNSIP(lk.ServiceClusterIPRange.String())
|
||||
if err != nil {
|
||||
return func() error { return err }
|
||||
}
|
||||
|
||||
// Master details
|
||||
config.KubeConfig = flag.NewStringFlag(util.DefaultKubeConfigPath)
|
||||
|
@ -45,7 +49,7 @@ func StartKubeletServer(lk LocalkubeServer) func() error {
|
|||
|
||||
// Networking
|
||||
config.ClusterDomain = lk.DNSDomain
|
||||
config.ClusterDNS = []string{lk.DNSIP.String()}
|
||||
config.ClusterDNS = []string{dnsIP.String()}
|
||||
// For kubenet plugin.
|
||||
config.PodCIDR = "10.180.1.0/24"
|
||||
|
||||
|
|
|
@ -28,6 +28,7 @@ import (
|
|||
"strconv"
|
||||
|
||||
"github.com/golang/glog"
|
||||
"github.com/pkg/errors"
|
||||
|
||||
utilnet "k8s.io/apimachinery/pkg/util/net"
|
||||
"k8s.io/apiserver/pkg/util/flag"
|
||||
|
@ -47,7 +48,6 @@ type LocalkubeServer struct {
|
|||
Containerized bool
|
||||
EnableDNS bool
|
||||
DNSDomain string
|
||||
DNSIP net.IP
|
||||
LocalkubeDirectory string
|
||||
ServiceClusterIPRange net.IPNet
|
||||
APIServerAddress net.IP
|
||||
|
@ -263,7 +263,11 @@ func (lk LocalkubeServer) GenerateKubeconfig() error {
|
|||
}
|
||||
|
||||
func (lk LocalkubeServer) getAllIPs() ([]net.IP, error) {
|
||||
ips := []net.IP{net.ParseIP(util.DefaultServiceClusterIP)}
|
||||
serviceIP, err := util.GetServiceClusterIP(lk.ServiceClusterIPRange.String())
|
||||
if err != nil {
|
||||
return nil, errors.Wrap(err, "getting service cluster ip")
|
||||
}
|
||||
ips := []net.IP{serviceIP}
|
||||
addrs, err := net.InterfaceAddrs()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
|
@ -41,6 +41,7 @@ type KubernetesConfig struct {
|
|||
ContainerRuntime string
|
||||
NetworkPlugin string
|
||||
FeatureGates string
|
||||
ServiceCIDR string
|
||||
ExtraOptions util.ExtraOptionSlice
|
||||
|
||||
ShouldLoadCachedImages bool
|
||||
|
|
|
@ -38,8 +38,6 @@ var (
|
|||
"ca.crt", "ca.key", "apiserver.crt", "apiserver.key", "proxy-client-ca.crt",
|
||||
"proxy-client-ca.key", "proxy-client.crt", "proxy-client.key",
|
||||
}
|
||||
// This is the internalIP , the API server and other components communicate on.
|
||||
internalIP = net.ParseIP(util.DefaultServiceClusterIP)
|
||||
)
|
||||
|
||||
// SetupCerts gets the generated credentials required to talk to the APIServer.
|
||||
|
@ -95,6 +93,11 @@ func SetupCerts(cmd CommandRunner, k8s KubernetesConfig) error {
|
|||
}
|
||||
|
||||
func generateCerts(k8s KubernetesConfig) error {
|
||||
serviceIP, err := util.GetServiceClusterIP(k8s.ServiceCIDR)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "getting service cluster ip")
|
||||
}
|
||||
|
||||
localPath := constants.GetMinipath()
|
||||
|
||||
caCertPath := filepath.Join(localPath, "ca.crt")
|
||||
|
@ -142,7 +145,7 @@ func generateCerts(k8s KubernetesConfig) error {
|
|||
certPath: filepath.Join(localPath, "apiserver.crt"),
|
||||
keyPath: filepath.Join(localPath, "apiserver.key"),
|
||||
subject: "minikube",
|
||||
ips: []net.IP{net.ParseIP(k8s.NodeIP), internalIP},
|
||||
ips: []net.IP{net.ParseIP(k8s.NodeIP), serviceIP},
|
||||
alternateNames: util.GetAlternateDNS(k8s.DNSDomain),
|
||||
caCertPath: caCertPath,
|
||||
caKeyPath: caKeyPath,
|
||||
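Review bot: The apiserver certificate's IP SANs now follow `k8s.ServiceCIDR` at the `ips:` line, but nothing in the visible lines forces a reissue when that value differs from the one an existing `apiserver.crt` was generated for. If generateCerts (its body continues outside these hunks) reuses certificates already present under the minikube path, a cluster created before this change would keep a certificate listing 10.0.0.1 while clients reach the apiserver on the first address of the new service range, and TLS verification would fail. Consider comparing the existing certificate's IP SANs with `serviceIP` and regenerating on mismatch. A comment at the `ips:` line would also help, e.g. `// second entry must equal the apiserver's service ClusterIP, derived from k8s.ServiceCIDR`.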
|
|
|
@ -325,7 +325,7 @@ func generateConfig(k8s bootstrapper.KubernetesConfig) (string, error) {
|
|||
ExtraArgs []ComponentExtraArgs
|
||||
}{
|
||||
CertDir: util.DefaultCertPath,
|
||||
ServiceCIDR: util.DefaultInsecureRegistry,
|
||||
ServiceCIDR: util.DefaultServiceCIDR,
|
||||
AdvertiseAddress: k8s.NodeIP,
|
||||
APIServerPort: util.APIServerPort,
|
||||
KubernetesVersion: k8s.KubernetesVersion,
|
||||
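Review bot: `ServiceCIDR` in the kubeadm template data is filled from the constant `util.DefaultServiceCIDR`, while the certificate code in this same commit derives the apiserver SAN from `k8s.ServiceCIDR`. The two agree only as long as every caller sets that field to the default. Reading it from the config already passed in, `ServiceCIDR: k8s.ServiceCIDR,`, keeps the range handed to the apiserver and the IP baked into its certificate from diverging. generateConfig starts and ends outside the hunk.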
|
|
|
@ -41,6 +41,7 @@ import (
|
|||
|
||||
cfg "k8s.io/minikube/pkg/minikube/config"
|
||||
"k8s.io/minikube/pkg/minikube/constants"
|
||||
pkgutil "k8s.io/minikube/pkg/util"
|
||||
|
||||
"k8s.io/minikube/pkg/util"
|
||||
)
|
||||
|
@ -167,7 +168,7 @@ func GetHostDriverIP(api libmachine.API) (net.IP, error) {
|
|||
func engineOptions(config MachineConfig) *engine.Options {
|
||||
o := engine.Options{
|
||||
Env: config.DockerEnv,
|
||||
InsecureRegistry: config.InsecureRegistry,
|
||||
InsecureRegistry: append([]string{pkgutil.DefaultServiceCIDR}, config.InsecureRegistry...),
|
||||
RegistryMirror: config.RegistryMirror,
|
||||
ArbitraryFlags: config.DockerOpt,
|
||||
}
|
||||
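Review bot: `InsecureRegistry` in engineOptions now always starts with `pkgutil.DefaultServiceCIDR`, so the Docker daemon skips TLS verification for every registry address in 10.96.0.0/12 (the value in this commit's constants file). That is a much wider range than the previous 10.0.0.0/24 default, and because the entry is prepended here rather than being the flag default, passing an explicit `--insecure-registry` list no longer removes it. The entry also uses the constant rather than the cluster's configured service CIDR. Consider an opt-out, or at least a comment at the append such as `// The service CIDR is always treated as an insecure registry so in-cluster registries work without TLS; certificate verification is disabled for that whole range.` The import hunk also appears to bring in `k8s.io/minikube/pkg/util` under two names (`pkgutil` and `util`); one would do.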
|
|
|
@ -16,18 +16,44 @@ limitations under the License.
|
|||
|
||||
package util
|
||||
|
||||
import (
|
||||
"net"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
)
|
||||
|
||||
// These constants are used by both minikube and localkube
|
||||
const (
|
||||
APIServerPort = 8443
|
||||
DefaultLocalkubeDirectory = "/var/lib/localkube"
|
||||
DefaultCertPath = DefaultLocalkubeDirectory + "/certs/"
|
||||
DefaultKubeConfigPath = DefaultLocalkubeDirectory + "/kubeconfig"
|
||||
DefaultServiceClusterIP = "10.0.0.1"
|
||||
DefaultDNSDomain = "cluster.local"
|
||||
DefaultDNSIP = "10.0.0.10"
|
||||
DefaultInsecureRegistry = "10.0.0.0/24"
|
||||
DefaultServiceCIDR = "10.96.0.0/12"
|
||||
)
|
||||
|
||||
// GetServiceClusterIP returns the first IP of the ServiceCIDR
|
||||
func GetServiceClusterIP(serviceCIDR string) (net.IP, error) {
|
||||
ip, _, err := net.ParseCIDR(serviceCIDR)
|
||||
if err != nil {
|
||||
return nil, errors.Wrap(err, "parsing default service cidr")
|
||||
}
|
||||
ip = ip.To4()
|
||||
ip[3]++
|
||||
return ip, nil
|
||||
}
|
||||
|
||||
// GetDNSIP returns x.x.x.10 of the service CIDR
|
||||
func GetDNSIP(serviceCIDR string) (net.IP, error) {
|
||||
ip, _, err := net.ParseCIDR(serviceCIDR)
|
||||
if err != nil {
|
||||
return nil, errors.Wrap(err, "parsing default service cidr")
|
||||
}
|
||||
ip = ip.To4()
|
||||
ip[3] = 10
|
||||
return ip, nil
|
||||
}
|
||||
|
||||
func GetAlternateDNS(domain string) []string {
|
||||
return []string{"kubernetes.default.svc." + domain, "kubernetes.default.svc", "kubernetes.default", "kubernetes", "localhost"}
|
||||
}
|
||||
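Review bot: GetServiceClusterIP and GetDNSIP index the result of `ip.To4()` without a nil check, so an IPv6 range panics at `ip[3]++` / `ip[3] = 10` instead of returning an error. Both also start from the address as written in the string rather than the network base, so "10.96.0.5/12" yields 10.96.0.6. Neither checks that the computed address lies inside the range, so a narrow prefix can produce a DNS IP outside it. The input is reachable from the `--service-cluster-ip-range` flag and the result is placed in the apiserver certificate's IP SANs, so it should be validated here. The sketch below uses the parsed `*net.IPNet`, rejects non-IPv4 ranges and verifies containment. GetAlternateDNS is exported and has no doc comment; `// GetAlternateDNS returns the DNS names added to the apiserver certificate for the given cluster domain.` would cover it.

```go
func GetServiceClusterIP(serviceCIDR string) (net.IP, error) {
	_, ipNet, err := net.ParseCIDR(serviceCIDR)
	// … unchanged: error return …
	base := ipNet.IP.To4()
	if base == nil {
		return nil, errors.Errorf("service cidr %q is not an IPv4 range", serviceCIDR)
	}
	// Build a fresh slice: mutating base would alias ipNet.IP and make Contains always true.
	ip := net.IPv4(base[0], base[1], base[2], base[3]+1).To4()
	if !ipNet.Contains(ip) {
		return nil, errors.Errorf("service cidr %q has no usable first address", serviceCIDR)
	}
	return ip, nil
}

func GetDNSIP(serviceCIDR string) (net.IP, error) {
	_, ipNet, err := net.ParseCIDR(serviceCIDR)
	// … unchanged: error return …
	base := ipNet.IP.To4()
	if base == nil {
		return nil, errors.Errorf("service cidr %q is not an IPv4 range", serviceCIDR)
	}
	ip := net.IPv4(base[0], base[1], base[2], 10).To4()
	if !ipNet.Contains(ip) {
		return nil, errors.Errorf("service cidr %q does not contain %s", serviceCIDR, ip)
	}
	return ip, nil
}
```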
|
|
|
@ -65,7 +65,7 @@ func testClusterDNS(t *testing.T) {
|
|||
t.Fatalf("running nslookup in pod:%s", err)
|
||||
}
|
||||
dnsOutput := string(dnsByteArr)
|
||||
if !strings.Contains(dnsOutput, "Server") || !strings.Contains(dnsOutput, "Address 1") {
|
||||
t.Errorf("DNS lookup failed, could not find dns server. Output: %s", dnsOutput)
|
||||
if !strings.Contains(dnsOutput, "10.96.0.1") || !strings.Contains(dnsOutput, "10.0.0.10") {
|
||||
t.Errorf("DNS lookup failed, could not find both 10.06.0.1 and 10.96.0.10. Output: %s", dnsOutput)
|
||||
}
|
||||
}
|
||||
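Review bot: The new assertion in testClusterDNS and its failure message disagree on the expected addresses: the code looks for "10.96.0.1" and "10.0.0.10", while the message names "10.06.0.1" and "10.96.0.10". With the service CIDR at 10.96.0.0/12 and GetDNSIP returning x.x.x.10 of that range, the DNS address to expect is presumably 10.96.0.10, so the second check looks like a leftover of the old default and the message has a typo. Also, `strings.Contains(dnsOutput, "10.96.0.1")` is already satisfied by the text "10.96.0.10", so the first check cannot tell the two addresses apart. Suggested condition: `if !strings.Contains(dnsOutput, "10.96.0.10") {`, with the message changed to `"DNS lookup failed, could not find 10.96.0.10. Output: %s"`, or derive the expected value from `util.GetDNSIP(util.DefaultServiceCIDR)` instead of hard-coding it.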
|
|