fix(kuma-cp) use ipv4 when ipv4 and ipv6 are available #1947
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
When doing demo, Jakub realised something was wrong and Kuma was not working on Google's GKE with Kubernetes 1.19.9 and `kuma-init` containers injected to demos' services were failing without any logs or errors. Everything was working fine on GKE with Kubernetes 1.18.x though, so we realized containers in the newer versions have attached both, IPv4 and IPv6 IP addresses. After adding `--verbose` flag to `kuma-init` we found the message: ``` ip6tables-restore v1.8.4 (legacy): ip6tables-restore: unable to initialize table 'nat' Error occurred at line: 1 ``` so it reassured me the problem is related to IPv6, when tried to manually play with `ip6tables` it became clear to me that something is wrong with kernel modules related to iptables for ipv6 and then I figured out that GKE is not supporting IPv6 at all, even if network interfaces are receiving IPv6 addresses. Because in our code, if after asking for IP address of network interface, we would receive IPv6 address first, we were assuming we can use IPv6. I rolled back to the solution where we are asking for nic IPv4 addresses and if there is none, but there is an address assigned, we are assumming it has to be IPv6. It means everytime when there will be both - IPv4 and IPv6 available, we will be using IPv4 (unfortunately) Signed-off-by: Bart Smykla <bartek@smykla.com>
|
OK this might be something specific to this particular release of GKE where "GKE is not supporting IPv6 at all, even if network interfaces are receiving IPv6 addresses." |
|
This PR is not relevant anymore, as the issue was "fixed" by: #2051 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
When doing demo, Jakub realized something was wrong and Kuma was
not working on Google's GKE with Kubernetes 1.19.9 and
kuma-initcontainers injected to demos' services were failing without
any logs or errors.
Everything was working fine on GKE with Kubernetes 1.18.x though,
so we realized containers in the newer versions have attached
both, IPv4 and IPv6 IP addresses.
After adding
--verboseflag tokuma-initwe found the message:so it reassured me the problem is related to IPv6, when tried to
manually play with
ip6tablesit became clear to me thatsomething is wrong with kernel modules related to iptables for ipv6
and then I figured out that GKE is not supporting IPv6 at all,
even if network interfaces are receiving IPv6 addresses.
Because in our code, if after asking for IP address of network
interface, we would receive IPv6 address first, we were assuming
we can use IPv6.
I rolled back to the solution where we are asking for nic
IPv4 addresses and if there is none, but there is an address
assigned, we are assuming it has to be IPv6.
It means every time when there will be both - IPv4 and IPv6
available, we will be using IPv4 (unfortunately)