Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat change of cluster and service cidr #1080

Merged
merged 2 commits into from
Nov 6, 2023
Merged

Feat change of cluster and service cidr #1080

merged 2 commits into from
Nov 6, 2023

Conversation

tschuering
Copy link
Contributor

@mysticaltech

Problem

You cannot change the cluster_ipv4_cidr and service_ipv4_cidr really. I tested this with Cilium and if changed those values to...

cluster_ipv4_cidr = "10.48.0.0/12"
service_ipv4_cidr = "10.64.0.0/12"

The ClusterIP of "kubernetes" service in default namespace was well referencing to 10.64.0.1 but the rest of the services were still running in 10.43.0.0/16 CIDR. To permanent set those values, you need to make sure that these values are fixed set in the config.yaml of k3s. This was well the case for the initial config create in init.tf for the first control plane node, but not the config update later on all control plane nodes. Also what it is missing for that feature to get really this working is setting the cluster-dns value which defines the IPv4 address of the core-dns service, which is always set fixed by k3s. Here a screenshot which gives you an overview of those values for "k3s server" command:

Bildschirmfoto 2023-11-04 um 06 51 43

Solution and therefore PR

  1. Set cluster-cidr and service-cidr permanent in control_planes.tf
  2. Add new config variable for kube-hetzner called cluster_dns_ipv4 for setting the IPv4 address of the core-dns service, which needs to sit in the service-cidr
  3. Added variable and default value of k3s in variables.tf
  4. Added some explanation in kube.tf.example and also hints that you should never change those values after initialization of a cluster, otherwise this would lead probably to serious consequences. I am not 100% sure about the DNS part, but I guess it is better to let this stay there too.

Proof it works

Bildschirmfoto 2023-11-04 um 07 26 10

@tschuering tschuering changed the base branch from master to staging November 4, 2023 06:47
mysticaltech
mysticaltech approved these changes Nov 5, 2023
View reviewed changes
Copy link
Collaborator

@mysticaltech mysticaltech left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, good improvements

@mysticaltech
Copy link
Collaborator

@Silvest89 @M4t7e Could you please validate this too please 🙏

M4t7e
M4t7e approved these changes Nov 5, 2023
View reviewed changes
Copy link
Contributor

@M4t7e M4t7e left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

cluster-cidr and service-cidr should actually be added to control_planes.tf through #902. Thx for fixing that and adding the DNS setting! See also my old comment: #902 (comment)

Silvest89
Silvest89 approved these changes Nov 6, 2023
View reviewed changes
Copy link
Contributor

@Silvest89 Silvest89 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@mysticaltech mysticaltech merged commit 6c15d41 into kube-hetzner:staging Nov 6, 2023
5 checks passed
@mysticaltech
Copy link
Collaborator

@tschuering Awesome contributions. Thank you for that. Both PRs have been merged and released in v2.9.2! 🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mysticaltech mysticaltech mysticaltech approved these changes

@Silvest89 Silvest89 Silvest89 approved these changes

@M4t7e M4t7e M4t7e approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@tschuering @mysticaltech @Silvest89 @M4t7e