diff --git a/docs/book/src/topics/ipv6.md b/docs/book/src/topics/ipv6.md index 863c6835444..47bf37e0d3d 100644 --- a/docs/book/src/topics/ipv6.md +++ b/docs/book/src/topics/ipv6.md @@ -121,14 +121,6 @@ The reference [ipv6 flavor](https://raw.githubusercontent.com/kubernetes-sigs/cl - Kubernetes version needs to be 1.18+ -- The :53 port needs to be free on the host so coredns can use it. In 18.04, systemd-resolved uses the port :53 on the host and is used by default for DNS. This causes the coredns pods to crash for single stack IPv6 with bind address already in use as coredns pods are run on hostNetwork to leverage the host routes for DNS resolution. This is done by running the following commands in postKubeadmCommands: -```yaml - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf - /etc/resolv.conf - - systemctl restart systemd-resolved -``` - - The coredns pod needs to run on the host network, so it can leverage host routes for the v4 network to do the DNS resolution. The workaround is to edit the coredns deployment and add `hostNetwork: true`: ```bash kubectl patch deploy/coredns -n kube-system --type=merge -p '{"spec": {"template": {"spec":{"hostNetwork": true}}}}' diff --git a/templates/cluster-template-dual-stack.yaml b/templates/cluster-template-dual-stack.yaml index bb9034fb186..1a76de515da 100644 --- a/templates/cluster-template-dual-stack.yaml +++ b/templates/cluster-template-dual-stack.yaml @@ -124,11 +124,7 @@ spec: mounts: - - LABEL=etcd_disk - /var/lib/etcddisk - postKubeadmCommands: - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf - /etc/resolv.conf - - systemctl restart systemd-resolved containerd + postKubeadmCommands: [] preKubeadmCommands: [] machineTemplate: infrastructureRef: 
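Review bot: With `postKubeadmCommands: []` in the control-plane spec of templates/cluster-template-dual-stack.yaml, nothing in this template frees host port 53 any more, yet the ipv6.md hunk of this same commit keeps the bullet telling users to patch coredns with `hostNetwork: true`. If that patch is still applied on an image where systemd-resolved keeps its stub listener, coredns would presumably hit the same "bind address already in use" failure the removed bullet described; the diff does not show what makes the workaround unnecessary. Either state it in the docs, for example `- coredns no longer needs host port :53 because <reason>`, or drop the hostNetwork bullet as well. The same removal appears in the worker, MachinePool, flavor and CI hunks that follow, and the KubeadmControlPlane spec continues outside this hunk.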
@@ -236,8 +232,3 @@ spec: azure-container-registry-config: /etc/kubernetes/azure.json cloud-provider: external name: '{{ ds.meta_data["local_hostname"] }}' - postKubeadmCommands: - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf - /etc/resolv.conf - - systemctl restart systemd-resolved containerd diff --git a/templates/cluster-template-ipv6.yaml b/templates/cluster-template-ipv6.yaml index 49d0e3837ca..427878470b6 100644 --- a/templates/cluster-template-ipv6.yaml +++ b/templates/cluster-template-ipv6.yaml @@ -129,11 +129,7 @@ spec: mounts: - - LABEL=etcd_disk - /var/lib/etcddisk - postKubeadmCommands: - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf - /etc/resolv.conf - - systemctl restart systemd-resolved containerd + postKubeadmCommands: [] preKubeadmCommands: [] machineTemplate: infrastructureRef: @@ -252,8 +248,3 @@ spec: cloud-provider: external cluster-dns: '[fd00::10]' name: '{{ ds.meta_data["local_hostname"] }}' - postKubeadmCommands: - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf - /etc/resolv.conf - - systemctl restart systemd-resolved containerd diff --git a/templates/flavors/dual-stack/machine-deployment.yaml b/templates/flavors/dual-stack/machine-deployment.yaml index 8b03448f8d9..73504b49c72 100644 --- a/templates/flavors/dual-stack/machine-deployment.yaml +++ b/templates/flavors/dual-stack/machine-deployment.yaml 
@@ -45,11 +45,6 @@ metadata: spec: template: spec: - postKubeadmCommands: - # This frees up :53 on the host for the coredns pods - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf - - systemctl restart systemd-resolved containerd joinConfiguration: nodeRegistration: name: '{{ ds.meta_data["local_hostname"] }}' diff --git a/templates/flavors/dual-stack/patches/kubeadm-controlplane.yaml b/templates/flavors/dual-stack/patches/kubeadm-controlplane.yaml index 8c71bf6d83a..393e70c0067 100644 --- a/templates/flavors/dual-stack/patches/kubeadm-controlplane.yaml +++ b/templates/flavors/dual-stack/patches/kubeadm-controlplane.yaml @@ -4,11 +4,6 @@ metadata: name: "${CLUSTER_NAME}-control-plane" spec: kubeadmConfigSpec: - postKubeadmCommands: - # This frees up :53 on the host for the coredns pods - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf - - systemctl restart systemd-resolved containerd initConfiguration: nodeRegistration: name: '{{ ds.meta_data["local_hostname"] }}' diff --git a/templates/flavors/ipv6/machine-deployment.yaml b/templates/flavors/ipv6/machine-deployment.yaml index 3b38e7f61b1..54f08b38675 100644 --- a/templates/flavors/ipv6/machine-deployment.yaml +++ b/templates/flavors/ipv6/machine-deployment.yaml @@ -45,11 +45,6 @@ metadata: spec: template: spec: - postKubeadmCommands: - # This frees up :53 on the host for the coredns pods - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf - - systemctl restart systemd-resolved containerd joinConfiguration: nodeRegistration: name: '{{ ds.meta_data["local_hostname"] }}' 
diff --git a/templates/flavors/ipv6/patches/kubeadm-controlplane.yaml b/templates/flavors/ipv6/patches/kubeadm-controlplane.yaml index dff8d9cbb7b..d39888815d5 100644 --- a/templates/flavors/ipv6/patches/kubeadm-controlplane.yaml +++ b/templates/flavors/ipv6/patches/kubeadm-controlplane.yaml @@ -4,11 +4,6 @@ metadata: name: "${CLUSTER_NAME}-control-plane" spec: kubeadmConfigSpec: - postKubeadmCommands: - # This frees up :53 on the host for the coredns pods - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf - - systemctl restart systemd-resolved containerd initConfiguration: nodeRegistration: name: '{{ ds.meta_data["local_hostname"] }}' diff --git a/templates/test/ci/cluster-template-prow-ci-version-dual-stack.yaml b/templates/test/ci/cluster-template-prow-ci-version-dual-stack.yaml index e3fe8921b66..cc2599a1d9a 100644 --- a/templates/test/ci/cluster-template-prow-ci-version-dual-stack.yaml +++ b/templates/test/ci/cluster-template-prow-ci-version-dual-stack.yaml @@ -221,11 +221,7 @@ spec: mounts: - - LABEL=etcd_disk - /var/lib/etcddisk - postKubeadmCommands: - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf - /etc/resolv.conf - - systemctl restart systemd-resolved containerd + postKubeadmCommands: [] preKubeadmCommands: - bash -c /tmp/oot-cred-provider.sh - bash -c /tmp/kubeadm-bootstrap.sh 
@@ -424,11 +420,6 @@ spec: image-credential-provider-bin-dir: /var/lib/kubelet/credential-provider image-credential-provider-config: /var/lib/kubelet/credential-provider-config.yaml name: '{{ ds.meta_data["local_hostname"] }}' - postKubeadmCommands: - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf - /etc/resolv.conf - - systemctl restart systemd-resolved containerd preKubeadmCommands: - bash -c /tmp/oot-cred-provider.sh - bash -c /tmp/kubeadm-bootstrap.sh diff --git a/templates/test/ci/cluster-template-prow-ci-version-ipv6.yaml b/templates/test/ci/cluster-template-prow-ci-version-ipv6.yaml index 47db71be8e1..d4bcdb228a2 100644 --- a/templates/test/ci/cluster-template-prow-ci-version-ipv6.yaml +++ b/templates/test/ci/cluster-template-prow-ci-version-ipv6.yaml @@ -228,11 +228,7 @@ spec: mounts: - - LABEL=etcd_disk - /var/lib/etcddisk - postKubeadmCommands: - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf - /etc/resolv.conf - - systemctl restart systemd-resolved containerd + postKubeadmCommands: [] preKubeadmCommands: - bash -c /tmp/oot-cred-provider.sh - bash -c /tmp/kubeadm-bootstrap.sh @@ -442,11 +438,6 @@ spec: image-credential-provider-bin-dir: /var/lib/kubelet/credential-provider image-credential-provider-config: /var/lib/kubelet/credential-provider-config.yaml name: '{{ ds.meta_data["local_hostname"] }}' - postKubeadmCommands: - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf - /etc/resolv.conf - - systemctl restart systemd-resolved containerd preKubeadmCommands: - bash -c /tmp/oot-cred-provider.sh - bash -c /tmp/kubeadm-bootstrap.sh 
diff --git a/templates/test/ci/cluster-template-prow-dual-stack.yaml b/templates/test/ci/cluster-template-prow-dual-stack.yaml index a8b281da0da..068f2b618e9 100644 --- a/templates/test/ci/cluster-template-prow-dual-stack.yaml +++ b/templates/test/ci/cluster-template-prow-dual-stack.yaml @@ -129,11 +129,7 @@ spec: mounts: - - LABEL=etcd_disk - /var/lib/etcddisk - postKubeadmCommands: - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf - /etc/resolv.conf - - systemctl restart systemd-resolved containerd + postKubeadmCommands: [] preKubeadmCommands: [] machineTemplate: infrastructureRef: @@ -247,11 +243,6 @@ spec: azure-container-registry-config: /etc/kubernetes/azure.json cloud-provider: external name: '{{ ds.meta_data["local_hostname"] }}' - postKubeadmCommands: - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf - /etc/resolv.conf - - systemctl restart systemd-resolved containerd --- apiVersion: cluster.x-k8s.io/v1beta1 kind: MachinePool @@ -319,11 +310,6 @@ spec: cloud-provider: azure cluster-dns: '[fd00::10]' name: '{{ ds.meta_data["local_hostname"] }}' - postKubeadmCommands: - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf - /etc/resolv.conf - - systemctl restart systemd-resolved containerd --- apiVersion: addons.cluster.x-k8s.io/v1alpha1 kind: HelmChartProxy diff --git a/templates/test/ci/cluster-template-prow-ipv6.yaml b/templates/test/ci/cluster-template-prow-ipv6.yaml index 5333a067798..56be10154e9 100644 --- a/templates/test/ci/cluster-template-prow-ipv6.yaml +++ b/templates/test/ci/cluster-template-prow-ipv6.yaml 
@@ -136,11 +136,7 @@ spec: mounts: - - LABEL=etcd_disk - /var/lib/etcddisk - postKubeadmCommands: - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf - /etc/resolv.conf - - systemctl restart systemd-resolved containerd + postKubeadmCommands: [] preKubeadmCommands: [] machineTemplate: infrastructureRef: @@ -259,11 +255,6 @@ spec: cloud-provider: external cluster-dns: '[fd00::10]' name: '{{ ds.meta_data["local_hostname"] }}' - postKubeadmCommands: - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf - /etc/resolv.conf - - systemctl restart systemd-resolved containerd --- apiVersion: cluster.x-k8s.io/v1beta1 kind: MachinePool @@ -341,11 +332,6 @@ spec: cloud-provider: azure cluster-dns: '[fd00::10]' name: '{{ ds.meta_data["local_hostname"] }}' - postKubeadmCommands: - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf - /etc/resolv.conf - - systemctl restart systemd-resolved containerd --- apiVersion: addons.cluster.x-k8s.io/v1alpha1 kind: HelmChartProxy diff --git a/templates/test/ci/prow-ci-version-dual-stack/patches/machine-deployment.yaml b/templates/test/ci/prow-ci-version-dual-stack/patches/machine-deployment.yaml index 8a7763b6b76..997bb3f7620 100644 --- a/templates/test/ci/prow-ci-version-dual-stack/patches/machine-deployment.yaml +++ b/templates/test/ci/prow-ci-version-dual-stack/patches/machine-deployment.yaml 
@@ -7,16 +7,3 @@ spec: template: spec: enableIPForwarding: true ---- -apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 -kind: KubeadmConfigTemplate -metadata: - name: "${CLUSTER_NAME}-md-0" -spec: - template: - spec: - postKubeadmCommands: - # This frees up :53 on the host for the coredns pods - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf - - systemctl restart systemd-resolved containerd diff --git a/templates/test/ci/prow-ci-version-ipv6/patches/machine-deployment.yaml b/templates/test/ci/prow-ci-version-ipv6/patches/machine-deployment.yaml index 37c7a5463aa..b0bc490a3c5 100644 --- a/templates/test/ci/prow-ci-version-ipv6/patches/machine-deployment.yaml +++ b/templates/test/ci/prow-ci-version-ipv6/patches/machine-deployment.yaml @@ -5,11 +5,6 @@ metadata: spec: template: spec: - postKubeadmCommands: - # This frees up :53 on the host for the coredns pods - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf - - systemctl restart systemd-resolved containerd joinConfiguration: nodeRegistration: name: '{{ ds.meta_data["local_hostname"] }}' diff --git a/templates/test/ci/prow-dual-stack/machine-pool-dualstack.yaml b/templates/test/ci/prow-dual-stack/machine-pool-dualstack.yaml index de74108b093..4dbf566e403 100644 --- a/templates/test/ci/prow-dual-stack/machine-pool-dualstack.yaml +++ b/templates/test/ci/prow-dual-stack/machine-pool-dualstack.yaml @@ -64,8 +64,3 @@ spec: cloud-provider: azure cluster-dns: '[fd00::10]' name: '{{ ds.meta_data["local_hostname"] }}' - postKubeadmCommands: - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf - /etc/resolv.conf - - systemctl restart systemd-resolved containerd 
diff --git a/templates/test/ci/prow-ipv6/machine-pool-ipv6.yaml b/templates/test/ci/prow-ipv6/machine-pool-ipv6.yaml index d9c8a4b4048..ca2e1d6f510 100644 --- a/templates/test/ci/prow-ipv6/machine-pool-ipv6.yaml +++ b/templates/test/ci/prow-ipv6/machine-pool-ipv6.yaml @@ -74,8 +74,4 @@ spec: cloud-provider: azure cluster-dns: '[fd00::10]' name: '{{ ds.meta_data["local_hostname"] }}' - postKubeadmCommands: - - echo "DNSStubListener=no" >> /etc/systemd/resolved.conf - - mv /etc/resolv.conf /etc/resolv.conf.OLD && ln -s /run/systemd/resolve/resolv.conf - /etc/resolv.conf - - systemctl restart systemd-resolved containerd +