Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(cilium): k3s has an API server proxy at 127.0.0.1:6444 #442

Merged
merged 1 commit into from
Feb 5, 2024

Conversation

onedr0p
Copy link
Contributor

@onedr0p onedr0p commented Feb 3, 2024

Proposed Changes

There is no need to use kube-vip LB for this Cilium config, k3s has an API server proxy listening in 127.0.0.1:6444 on all nodes in the cluster. I run with this setup in the https://github.com/onedr0p/cluster-template so just sharing some knowledge to here.

Checklist

  • Tested locally
  • Ran site.yml playbook
  • Ran reset.yml playbook
  • Did not add any unnecessary changes
  • Ran pre-commit install at least once before committing
  • 🚀

@onedr0p
Copy link
Contributor Author

onedr0p commented Feb 3, 2024

Pinging @sholdee as you initially PRed this.

@onedr0p
Copy link
Contributor Author

onedr0p commented Feb 4, 2024

Not sure why the ipv6 test is failing...

@sholdee
Copy link
Contributor

sholdee commented Feb 4, 2024

LGTM. CI issue with IPv6 appears unrelated.

@timothystewart6
Copy link
Contributor

timothystewart6 commented Feb 4, 2024

If that's the case, shouldn't we also clean up the references to apiserver_endpoint that were in this PR?

https://github.com/techno-tim/k3s-ansible/pull/435/files

@onedr0p
Copy link
Contributor Author

onedr0p commented Feb 4, 2024

If that's the case, shouldn't we also clean up the references to apiserver_endpoint that were in this PR?

#435 (files)

Kube vip is still needed to provide external access to the Kube API.

@sholdee
Copy link
Contributor

sholdee commented Feb 4, 2024

Essentially, the worker API server proxies are still dependent on registration with the VIP, so we still need to wait for this connectivity to be established before proceeding.

@timothystewart6
Copy link
Contributor

Thank you both! The ipv6 test has always been kind of flaky, I will revisit this at some point

@timothystewart6 timothystewart6 enabled auto-merge (squash) February 5, 2024 04:05
@timothystewart6 timothystewart6 merged commit 1fb10fa into techno-tim:master Feb 5, 2024
9 checks passed
@onedr0p onedr0p deleted the patch-1 branch February 5, 2024 05:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants