Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Release-1.27] - Agent node IP not replaced with Tailscale VPN IP #10140

Closed
manuelbuil opened this issue May 23, 2024 · 1 comment
Closed

[Release-1.27] - Agent node IP not replaced with Tailscale VPN IP #10140

manuelbuil opened this issue May 23, 2024 · 1 comment
Assignees
@VestigeJ @manuelbuil
Labels
kind/backport
Milestone
v1.27.15+k3s1

Comments

@manuelbuil
Copy link
Contributor

Backport fix for Agent node IP not replaced with Tailscale VPN IP
@manuelbuil manuelbuil self-assigned this May 23, 2024
@manuelbuil manuelbuil mentioned this issue May 23, 2024
Merged
@manuelbuil manuelbuil added this to the v1.27.15+k3s1 milestone May 23, 2024
@VestigeJ
Copy link

##Environment Details
Reproduced using VERSION=v1.27.14+k3s1
Validated using COMMIT=331ce7066667f650b3563de5ba1b1f363d00d68d

Infrastructure

  • Cloud

Node(s) CPU architecture, OS, and version:

Linux 5.14.21-150500.53-default x86_64 GNU/Linux
PRETTY_NAME="SUSE Linux Enterprise Server 15 SP5"

Config.yaml:

node-external-ip: 1.11.111.31
server: https://1.1.1.71:6443
token: YOUR_TOKEN_HERE
vpn-auth-file: /etc/rancher/k3s/vpn

Reproduction

$ curl https://get.k3s.io --output install-"k3s".sh
$ sudo chmod +x install-"k3s".sh
$ sudo groupadd --system etcd && sudo useradd -s /sbin/nologin --system -g etcd etcd
$ sudo modprobe ip_vs_rr
$ sudo modprobe ip_vs_wrr
$ sudo modprobe ip_vs_sh
$ sudo printf "on_oovm.panic_on_oom=0 \nvm.overcommit_memory=1 \nkernel.panic=10 \nkernel.panic_ps=1 \nkernel.panic_on_oops=1 \n" > ~/90-kubelet.conf
$ sudo cp 90-kubelet.conf /etc/sysctl.d/
$ sudo systemctl restart systemd-sysctl
$ get_tailscale //function posted below
$ sudo mkdir -p /etc/rancher/k3s/
$ sudo vim /etc/rancher/k3s/vpn
$ COMMIT=331ce7066667f650b3563de5ba1b1f363d00d68d
$ sudo INSTALL_K3S_COMMIT=$COMMIT INSTALL_K3S_EXEC=agent ./install-k3s.sh

Results:

Two identically configured agents join the primary node and you can see the difference in behavor in the output.
$ kgn

NAME               STATUS   ROLES                       AGE    VERSION                 INTERNAL-IP      EXTERNAL-IP      OS-IMAGE                              KERNEL-VERSION              CONTAINER-RUNTIME
ip-1-1-1-21        Ready    <none>                      38s    v1.27.14+k3s1           1.1.1.21         1.11.111.21     SUSE Linux Enterprise Server 15 SP5   5.14.21-150500.53-default   containerd://1.7.15-k3s1.27
ip-1-1-1-71        Ready    control-plane,etcd,master   101s   v1.27.14+k3s1           100.77.213.109   1.11.111.71     SUSE Linux Enterprise Server 15 SP5   5.14.21-150500.53-default   containerd://1.7.15-k3s1.27
ip-1-1-1-31        Ready    <none>                      20s    v1.27.14+k3s-331ce706   100.86.92.4      1.11.111.31     SUSE Linux Enterprise Server 15 SP5   5.14.21-150500.53-default   containerd://1.7.15-k3s1.27

get_tailscale() {
    curl -fsSL https://tailscale.com/install.sh -o install-ts.sh
    chmod +x install-ts.sh
    sudo ./install-ts.sh
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@VestigeJ VestigeJ

@manuelbuil manuelbuil

Labels
kind/backport
Projects
K3s Development
Status: Done Issue
Milestone
v1.27.15+k3s1
Development

No branches or pull requests
2 participants
@VestigeJ @manuelbuil