From f2e1a37cf447ae6ac115757a9626c2825b6ceb91 Mon Sep 17 00:00:00 2001
From: Roberto Bonafiglia
Date: Mon, 27 May 2024 10:20:41 +0200
Subject: [PATCH] Added node-public-ip annotation
Signed-off-by: Roberto Bonafiglia
---
 Documentation/kubernetes.md | 5 +++--
 pkg/subnet/kube/annotations.go | 4 ++++
 pkg/subnet/kube/kube.go | 4 ++--
 3 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/Documentation/kubernetes.md b/Documentation/kubernetes.md
index 62697d4602..fc7e98619f 100644
--- a/Documentation/kubernetes.md
+++ b/Documentation/kubernetes.md
@@ -31,8 +31,9 @@ If you want to deploy `flannel` securely in a shared namespace or want more fine
 Other options include [Kyverno](https://kyverno.io/policies/pod-security/) and [OPA Gatekeeper](https://github.com/open-policy-agent/gatekeeper).
 # Annotations
-* `flannel.alpha.coreos.com/public-ip`, `flannel.alpha.coreos.com/public-ipv6`: Define the used public IP of the node. If configured when Flannel starts it'll be used as the `public-ip` and `public-ipv6` flag.
-* `flannel.alpha.coreos.com/public-ip-overwrite`, `flannel.alpha.coreos.com/public-ipv6-overwrite`: Allows to overwrite the public IP of a node. Useful if the public IP can not determined from the node, e.G. because it is behind a NAT. It can be automatically set to a nodes `ExternalIP` using the [flannel-node-annotator](https://github.com/alvaroaleman/flannel-node-annotator).
+Additional annotations can be configured on a specific node as parameters used when Flannel starts on that specific node
+* `flannel.alpha.coreos.com/node-public-ip`, `flannel.alpha.coreos.com/node-public-ipv6`: Define the used IP of the node in case the node has multiple interface it selects the interface with the configured IP for the backend tunnel. If configured when Flannel starts it'll be used as the `public-ip` and `public-ipv6` flag.
+* `flannel.alpha.coreos.com/public-ip-overwrite`, `flannel.alpha.coreos.com/public-ipv6-overwrite`: Allows to overwrite the public IP of a node that IP can be not configured on the node. Useful if the public IP can not determined from the node, e.G. because it is behind a NAT and the other nodes need to use it to create the tunnel. It can be automatically set to a nodes `ExternalIP` using the [flannel-node-annotator](https://github.com/alvaroaleman/flannel-node-annotator).
 See also the "NAT" section in [troubleshooting](./troubleshooting.md) if UDP checksums seem corrupted.
 ## Older versions of Kubernetes
diff --git a/pkg/subnet/kube/annotations.go b/pkg/subnet/kube/annotations.go
index dfe5fc09cf..83c6c8616e 100644
--- a/pkg/subnet/kube/annotations.go
+++ b/pkg/subnet/kube/annotations.go
@@ -27,6 +27,8 @@ type annotations struct {
 BackendType string
 BackendPublicIP string
 BackendPublicIPv6 string
+ BackendNodePublicIP string
+ BackendNodePublicIPv6 string
 BackendPublicIPOverwrite string
 BackendPublicIPv6Overwrite string
 }
@@ -63,8 +65,10 @@ func newAnnotations(prefix string) (annotations, error) {
 BackendV6Data: prefix + "backend-v6-data",
 BackendType: prefix + "backend-type",
 BackendPublicIP: prefix + "public-ip",
+ BackendNodePublicIP: prefix + "node-public-ip",
 BackendPublicIPOverwrite: prefix + "public-ip-overwrite",
 BackendPublicIPv6: prefix + "public-ipv6",
+ BackendNodePublicIPv6: prefix + "node-public-ipv6",
 BackendPublicIPv6Overwrite: prefix + "public-ipv6-overwrite",
 }
diff --git a/pkg/subnet/kube/kube.go b/pkg/subnet/kube/kube.go
index f1dbcda6e5..ee120bcd77 100644
--- a/pkg/subnet/kube/kube.go
+++ b/pkg/subnet/kube/kube.go
@@ -653,8 +653,8 @@ func (ksm *kubeSubnetManager) GetStoredPublicIP(ctx context.Context) (string, st
 if node != nil && node.Annotations != nil {
 log.Infof("List of node(%s) annotations: %#+v", ksm.nodeName, node.Annotations)
- publicIP := node.Annotations[ksm.annotations.BackendPublicIP]
- publicIPv6 := node.Annotations[ksm.annotations.BackendPublicIPv6]
+ publicIP := node.Annotations[ksm.annotations.BackendNodePublicIP]
+ publicIPv6 := node.Annotations[ksm.annotations.BackendNodePublicIPv6]
 return publicIP, publicIPv6
 }
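Review bot: In pkg/subnet/kube/annotations.go the `annotations` struct now holds three near-identical keys per address family (`BackendPublicIP`, `BackendNodePublicIP`, `BackendPublicIPOverwrite`), and nothing in the code says which one is operator-supplied input; that distinction lives only in Documentation/kubernetes.md. A short comment on the two new fields would keep a later change from reading the wrong key, for example `// BackendNodePublicIP: operator-set address used to select the local interface for the backend tunnel`. The same applies to the entries added in the newAnnotations hunk, where the v4 and v6 keys are also ordered differently from the struct. The struct declaration begins outside the hunk.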
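Review bot: In GetStoredPublicIP (pkg/subnet/kube/kube.go) the values of `node-public-ip` and `node-public-ipv6` are returned as raw annotation strings, and according to the documentation change they decide which interface the backend tunnel uses, so any principal allowed to patch the Node object influences that choice. If the caller does not already parse them (not visible in this hunk), malformed values should be dropped here and the rejection logged, e.g. `if publicIP != "" && net.ParseIP(publicIP) == nil { publicIP = "" }`, assuming `net` is available in this file. The `public-ip` annotation is no longer consulted at this point, so nodes that set it by hand change behaviour without any signal after an upgrade; a comment above the two lookups stating that only the `node-public-ip*` keys are treated as operator input would make that explicit. The function body starts and ends outside the hunk.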