Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

etcd component does not support IPv6 only addresses #5180

Open
4 tasks done
rnalrd opened this issue Nov 5, 2024 · 2 comments · May be fixed by #5181
Open
4 tasks done

etcd component does not support IPv6 only addresses #5180

rnalrd opened this issue Nov 5, 2024 · 2 comments · May be fixed by #5181
Assignees
@ncopa
Labels
bug Something isn't working
Milestone
1.32

Comments

@rnalrd
Copy link

rnalrd commented Nov 5, 2024

Before creating an issue, make sure you've checked the following:

  • You are running the latest released version of k0s
  • Make sure you've searched for existing issues, both open and closed
  • Make sure you've searched for PRs too, a fix might've been merged already
  • You're looking at docs for the released version, "main" branch docs are usually ahead of released versions.

Platform

Linux 6.6.59-0-virt #1-Alpine SMP PREEMPT_DYNAMIC 2024-11-04 07:38:04 x86_64 Linux
NAME="Alpine Linux"
ID=alpine
VERSION_ID=3.20.3
PRETTY_NAME="Alpine Linux v3.20"
HOME_URL="https://alpinelinux.org/"
BUG_REPORT_URL="https://gitlab.alpinelinux.org/alpine/aports/-/issues"

Version

v1.31.2+k0s.0

Sysinfo

`k0s sysinfo` 
Total memory: 7.8 GiB (pass)
File system of /var/lib/k0s: ext4 (pass)
Disk space available for /var/lib/k0s: 26.3 GiB (pass)
Relative disk space available for /var/lib/k0s: 92% (pass)
Name resolution: localhost: [::1 127.0.0.1] (pass)
Operating system: Linux (pass)
  Linux kernel release: 6.6.59-0-virt (pass)
  Max. file descriptors per process: current: 4096 / max: 4096 (warning: < 65536)
  AppArmor: unavailable (pass)
  Executable in PATH: modprobe: /sbin/modprobe (pass)
  Executable in PATH: mount: /bin/mount (pass)
  Executable in PATH: umount: /bin/umount (pass)
  /proc file system: mounted (0x9fa0) (pass)
  Control Groups: version 2 (pass)
    cgroup controller "cpu": available (is a listed root controller) (pass)
    cgroup controller "cpuacct": available (via cpu in version 2) (pass)
    cgroup controller "cpuset": available (is a listed root controller) (pass)
    cgroup controller "memory": available (is a listed root controller) (pass)
    cgroup controller "devices": available (device filters attachable) (pass)
    cgroup controller "freezer": available (cgroup.freeze exists) (pass)
    cgroup controller "pids": available (is a listed root controller) (pass)
    cgroup controller "hugetlb": available (is a listed root controller) (pass)
    cgroup controller "blkio": available (via io in version 2) (pass)
  CONFIG_CGROUPS: Control Group support: built-in (pass)
    CONFIG_CGROUP_FREEZER: Freezer cgroup subsystem: built-in (pass)
    CONFIG_CGROUP_PIDS: PIDs cgroup subsystem: built-in (pass)
    CONFIG_CGROUP_DEVICE: Device controller for cgroups: built-in (pass)
    CONFIG_CPUSETS: Cpuset support: built-in (pass)
    CONFIG_CGROUP_CPUACCT: Simple CPU accounting cgroup subsystem: built-in (pass)
    CONFIG_MEMCG: Memory Resource Controller for Control Groups: built-in (pass)
    CONFIG_CGROUP_HUGETLB: HugeTLB Resource Controller for Control Groups: built-in (pass)
    CONFIG_CGROUP_SCHED: Group CPU scheduler: built-in (pass)
      CONFIG_FAIR_GROUP_SCHED: Group scheduling for SCHED_OTHER: built-in (pass)
        CONFIG_CFS_BANDWIDTH: CPU bandwidth provisioning for FAIR_GROUP_SCHED: built-in (pass)
    CONFIG_BLK_CGROUP: Block IO controller: built-in (pass)
  CONFIG_NAMESPACES: Namespaces support: built-in (pass)
    CONFIG_UTS_NS: UTS namespace: built-in (pass)
    CONFIG_IPC_NS: IPC namespace: built-in (pass)
    CONFIG_PID_NS: PID namespace: built-in (pass)
    CONFIG_NET_NS: Network namespace: built-in (pass)
  CONFIG_NET: Networking support: built-in (pass)
    CONFIG_INET: TCP/IP networking: built-in (pass)
      CONFIG_IPV6: The IPv6 protocol: built-in (pass)
    CONFIG_NETFILTER: Network packet filtering framework (Netfilter): built-in (pass)
      CONFIG_NETFILTER_ADVANCED: Advanced netfilter configuration: built-in (pass)
      CONFIG_NF_CONNTRACK: Netfilter connection tracking support: module (pass)
      CONFIG_NETFILTER_XTABLES: Netfilter Xtables support: module (pass)
        CONFIG_NETFILTER_XT_TARGET_REDIRECT: REDIRECT target support: module (pass)
        CONFIG_NETFILTER_XT_MATCH_COMMENT: "comment" match support: module (pass)
        CONFIG_NETFILTER_XT_MARK: nfmark target and match support: module (pass)
        CONFIG_NETFILTER_XT_SET: set target and match support: module (pass)
        CONFIG_NETFILTER_XT_TARGET_MASQUERADE: MASQUERADE target support: module (pass)
        CONFIG_NETFILTER_XT_NAT: "SNAT and DNAT" targets support: module (pass)
        CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: "addrtype" address type match support: module (pass)
        CONFIG_NETFILTER_XT_MATCH_CONNTRACK: "conntrack" connection tracking match support: module (pass)
        CONFIG_NETFILTER_XT_MATCH_MULTIPORT: "multiport" Multiple port match support: module (pass)
        CONFIG_NETFILTER_XT_MATCH_RECENT: "recent" match support: module (pass)
        CONFIG_NETFILTER_XT_MATCH_STATISTIC: "statistic" match support: module (pass)
      CONFIG_NETFILTER_NETLINK: module (pass)
      CONFIG_NF_NAT: module (pass)
      CONFIG_IP_SET: IP set support: module (pass)
        CONFIG_IP_SET_HASH_IP: hash:ip set support: module (pass)
        CONFIG_IP_SET_HASH_NET: hash:net set support: module (pass)
      CONFIG_IP_VS: IP virtual server support: module (pass)
        CONFIG_IP_VS_NFCT: Netfilter connection tracking: built-in (pass)
        CONFIG_IP_VS_SH: Source hashing scheduling: module (pass)
        CONFIG_IP_VS_RR: Round-robin scheduling: module (pass)
        CONFIG_IP_VS_WRR: Weighted round-robin scheduling: module (pass)
      CONFIG_NF_CONNTRACK_IPV4: IPv4 connetion tracking support (required for NAT): unknown (warning)
      CONFIG_NF_REJECT_IPV4: IPv4 packet rejection: module (pass)
      CONFIG_NF_NAT_IPV4: IPv4 NAT: unknown (warning)
      CONFIG_IP_NF_IPTABLES: IP tables support: module (pass)
        CONFIG_IP_NF_FILTER: Packet filtering: module (pass)
          CONFIG_IP_NF_TARGET_REJECT: REJECT target support: module (pass)
        CONFIG_IP_NF_NAT: iptables NAT support: module (pass)
        CONFIG_IP_NF_MANGLE: Packet mangling: module (pass)
      CONFIG_NF_DEFRAG_IPV4: module (pass)
      CONFIG_NF_CONNTRACK_IPV6: IPv6 connetion tracking support (required for NAT): unknown (warning)
      CONFIG_NF_NAT_IPV6: IPv6 NAT: unknown (warning)
      CONFIG_IP6_NF_IPTABLES: IP6 tables support: module (pass)
        CONFIG_IP6_NF_FILTER: Packet filtering: module (pass)
        CONFIG_IP6_NF_MANGLE: Packet mangling: module (pass)
        CONFIG_IP6_NF_NAT: ip6tables NAT support: module (pass)
      CONFIG_NF_DEFRAG_IPV6: module (pass)
    CONFIG_BRIDGE: 802.1d Ethernet Bridging: module (pass)
      CONFIG_LLC: module (pass)
      CONFIG_STP: module (pass)
  CONFIG_EXT4_FS: The Extended 4 (ext4) filesystem: module (pass)
  CONFIG_PROC_FS: /proc file system support: built-in (pass)

What happened?

etcd does not start because IPv6 address is not enclosed in square brackets

Steps to reproduce

  1. Cluster deployment file template my.yaml
apiVersion: k0sctl.k0sproject.io/v1beta1
kind: Cluster
metadata:
  name: k0s-demo
spec:
  hosts:
  - role: controller
    k0sDownloadURL: https://myhost.mydomain.com/k0s-v1.31.2+k0s.0-amd64
    openSSH:
      address: aaa:bbb:301:102:c85d::1
      user: root
      keyPath: ~/.ssh/id_ed25519

  - role: controller
    k0sDownloadURL: https://myhost.mydomain.com/k0s-v1.31.2+k0s.0-amd64
    openSSH:
      address: aaa:bbb:301:102:c85d::2
      user: root
      keyPath: ~/.ssh/id_ed25519

  - role: controller
    k0sDownloadURL: https://myhost.mydomain.com/k0s-v1.31.2+k0s.0-amd64
    openSSH:
      address: aaa:bbb:301:102:c85d::3
      user: root
      keyPath: ~/.ssh/id_ed25519

  - role: worker
    k0sDownloadURL: https://myhost.mydomain.com/k0s-v1.31.2+k0s.0-amd64
    openSSH:
      address: aaa:bbb:301:102:c85d::4
      user: root
      keyPath: ~/.ssh/id_ed25519
    files:
      - src: https://myhost.mydomain.com/k0s-v1.31.2+k0s.0-amd64
        dstDir: /var/lib/k0s/images/
        perm: 0600
  - role: worker
    k0sDownloadURL: https://myhost.mydomain.com/k0s-v1.31.2+k0s.0-amd64
    openSSH:
      address: aaa:bbb:301:102:c85d::5
      user: root
      keyPath: ~/.ssh/id_ed25519
    files:
      - src: https://myhost.mydomain.com/k0s-v1.31.2+k0s.0-amd64
        dstDir: /var/lib/k0s/images/
        perm: 0600

  - role: worker
    k0sDownloadURL: https://myhost.mydomain.com/k0s-v1.31.2+k0s.0-amd64
    openSSH:
      address: aaa:bbb:301:102:c85d::6
      user: root
      keyPath: ~/.ssh/id_ed25519
    files:
      - src: https://myhost.mydomain.com/k0s-v1.31.2+k0s.0-amd64
        dstDir: /var/lib/k0s/images/
        perm: 0600
  k0s:
    dynamicConfig: true
    config:
      spec:
        telemetry:
          enabled: false
        network:
          provider: calico
          calico:
            mode: "bird"
          dualStack:
            enabled: true
            IPv6podCIDR: "fd00::/108"
            IPv6serviceCIDR: "fd01::/108"
          podCIDR: 172.20.0.0/16
          serviceCIDR: 172.21.0.0/16
          nodeLocalLoadBalancing:
            enabled: true
            type: EnvoyProxy
  1. Deploy cluster with k0sctl apply -f my.yaml

Expected behavior

Cluster up and running

Actual behavior

Cluster installation fails on all nodes

Screenshots and logs

Output of k0sctl apply command:

INFO ==> Running phase: Initialize the k0s cluster 
INFO [OpenSSH] root@aaa:bbb:301:102:c85d::1: installing k0s controller 
INFO [OpenSSH] root@aaa:bbb:301:102:c85d::1: waiting for the k0s service to start 
INFO [OpenSSH] root@aaa:bbb:301:102:c85d::1: waiting for kubernetes api to respond 
INFO * Running clean-up for phase: Acquire exclusive host lock 
INFO * Running clean-up for phase: Install k0s binaries on hosts 
INFO [OpenSSH] root@aaa:bbb:301:102:c85d::6: cleaning up k0s binary tempfile 
INFO [OpenSSH] root@aaa:bbb:301:102:c85d::3: cleaning up k0s binary tempfile 
INFO [OpenSSH] root@aaa:bbb:301:102:c85d::1: cleaning up k0s binary tempfile 
INFO [OpenSSH] root@aaa:bbb:301:102:c85d::2: cleaning up k0s binary tempfile 
INFO [OpenSSH] root@aaa:bbb:301:102:c85d::5: cleaning up k0s binary tempfile 
INFO [OpenSSH] root@aaa:bbb:301:102:c85d::4: cleaning up k0s binary tempfile 
INFO * Running clean-up for phase: Initialize the k0s cluster 
INFO [OpenSSH] root@aaa:bbb:301:102:c85d::1: cleaning up 
INFO ==> Apply failed                    
FATA apply failed - log file saved to /home/myuser/.cache/k0sctl/k0sctl.log: context deadline exceeded
command failed: client exec: command failed: command wait: exit status 7

Excerpt of /var/log/k0s.log from one of the nodes:

time="2024-11-05 12:49:05" level=info msg="Restarted (13)" component=etcd
time="2024-11-05 12:49:05" level=info msg="invalid value \"https://aaa:bbb:301:102:c85d::1:2380\" for flag -listen-peer-urls: URL address does not have the form \"host:port\": https://aaa:bbb:301:102:c85d::1:2380" component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info msg="Usage:" component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info msg="  etcd [flags]" component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info msg="    Start an etcd server." component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info msg="  etcd --version" component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info msg="    Show the version of etcd." component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info msg="  etcd -h | --help" component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info msg="    Show the help information about etcd." component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info msg="  etcd --config-file" component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info msg="    Path to the server configuration file. Note that if a configuration file is provided, other command line flags and environment variables will be ignored." component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info msg="  etcd gateway" component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info msg="    Run the stateless pass-through etcd TCP connection forwarding proxy." component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info msg="  etcd grpc-proxy" component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info msg="    Run the stateless etcd v3 gRPC L7 reverse proxy." component=etcd stream=stderr
time="2024-11-05 12:49:05" level=info component=etcd stream=stderr

Additional context

No response
@rnalrd rnalrd added the bug Something isn't working label Nov 5, 2024
@ncopa ncopa self-assigned this Nov 5, 2024
@ncopa ncopa added this to the 1.32 milestone Nov 5, 2024
@ncopa
Copy link
Collaborator

ncopa commented Nov 5, 2024

I think k0s technically only support dual stack (ipv4+ipv6), but this seems like relatively easy to fix.

@jnummelin
Copy link
Member

I think k0s technically only support dual stack (ipv4+ipv6)

That's more for the cluster networking (CNI etc.) which etcd is not really part of. So I do not see any issue supporting ipv6 on etcd parts.

@ncopa ncopa linked a pull request Nov 5, 2024 that will close this issue
Open
16 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ncopa ncopa

Labels
bug Something isn't working
Projects
None yet
Milestone
1.32
Development

Successfully merging a pull request may close this issue.

Fix etcd peer URL to support ipv6 ncopa/k0s
3 participants
@ncopa @rnalrd @jnummelin