Add dual-stack support on flannel

[manuelbuil]

Signed-off-by: Manuel Buil mbuil@suse.com

Proposed Changes

Add the flannel part of the dual-stack support for k3s. First version

Types of Changes

New Feature

Verification

Deploy k3s with:

write-kubeconfig-mode: 644
token: "secret"
cluster-cidr: 10.42.0.0/16,2001:cafe:42:0::/56
service-cidr: 10.43.0.0/16,2001:cafe:42:1::/112
disable-network-policy: true

And having your main interface with an ipv6 address. Of course your infra must allow ipv6 traffic!

Linked Issues

#1405

User-Facing Change

Further Comments

[codecov-commenter]

Codecov Report

Merging #3906 (9fcd79b) into master (5e0fae9) will decrease coverage by 0.04%.
The diff coverage is 0.00%.

@@            Coverage Diff             @@
##           master    #3906      +/-   ##
==========================================
- Coverage   11.52%   11.47%   -0.05%     
==========================================
  Files         132      132              
  Lines        8928     8965      +37     
==========================================
  Hits         1029     1029              
- Misses       7673     7710      +37     
  Partials      226      226              

Flag	Coverage Δ
inttests	0.69% <0.00%> (-0.01%)	⬇️
unittests	11.12% <0.00%> (-0.05%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
pkg/agent/flannel/flannel.go	0.00% <0.00%> (ø)
pkg/agent/flannel/setup.go	0.00% <0.00%> (ø)
pkg/cli/server/server.go	0.00% <0.00%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5e0fae9...9fcd79b. Read the comment docs.

[vadorovsky]

First remark - could you please make clear in the PR name that it's only about flannel? I.e. flannel: Add dual-stack support

The current title gives an impression that it's supposed to solve dual-stack in the whole k3s at once, which is not true (there is work in kube-router to be done).

[vadorovsky]

Just two nits lol I'm an idiot, I was commenting code from vendor/ 🤦

[vadorovsky]

LGTM, thanks!

[brandond]

Recent versions of Kubernetes allow you to specify multiple non-overlapping, non-contiguous ipv4/ipv6 ranges. Is it too much work to allow that? We should at least handle it properly.

[manuelbuil]

This is a good point Brad! I wanted to look at this but forgot to do it. I don't think flannel supports multiple ranges but I need to verify this. If it does not, I guess we should fail with an error describing this, right?

[manuelbuil]

After some investigations and questions to sig-network guys, the conclusion is that multiple non-overlapping, non-contiguous ipv4/ipv6 ranges is not supported yet. It's under development kubernetes/enhancements#2593

[brandond]

Interesting, I'll have to dig up the changelog entry I was thinking of. It's possible that one of the cloud providers has added support for this already but the core controller-manager nodeipam does not yet.

[manuelbuil]

I added the link in the comment, so that we don't forget this

[brandond]

Here's what I was thinking of - it appears that this is GKE only and hasn't hit core Kubernetes yet:
https://cloud.google.com/kubernetes-engine/docs/how-to/multi-pod-cidr

[manuelbuil]

I'll add the tests in a different commit but same PR

[brandond]

Now that we have tests in, can we pull out the startup check for --flannel-backend=none when using dual-stack? I'm excited to land this!

[manuelbuil]

Now that we have tests in, can we pull out the startup check for --flannel-backend=none when using dual-stack? I'm excited to land this!

Wait, we have unit tests. I'm working on integration tests. Hopefully done tomorrow

[brandond]

Remove the flannel reference from the error message on the next line too.

[manuelbuil]

good catch!

[manuelbuil]

@dereknola could you check the tests please?

[dereknola]

Tests look good