Do not set --hostname-override on kube-proxy when joining a cluster #4360
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
neoaggelos
added a commit
that referenced
this pull request
Jan 12, 2024
neoaggelos
added a commit
that referenced
this pull request
Jan 12, 2024
neoaggelos
added a commit
that referenced
this pull request
Jan 12, 2024
neoaggelos
added a commit
that referenced
this pull request
Jan 12, 2024
neoaggelos
added a commit
that referenced
this pull request
Jan 12, 2024
neoaggelos
added a commit
that referenced
this pull request
Jan 12, 2024
neoaggelos
added a commit
that referenced
this pull request
Jan 12, 2024
neoaggelos
added a commit
that referenced
this pull request
Jan 12, 2024
neoaggelos
added a commit
that referenced
this pull request
Jan 12, 2024
shayancanonical
pushed a commit
to canonical/mysql-router-k8s-operator
that referenced
this pull request
Aug 30, 2024
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [canonical/microk8s](https://github.com/canonical/microk8s) | minor | `1.28` -> `1.31` | --- ### Release Notes <details> <summary>canonical/microk8s (canonical/microk8s)</summary> ### [`v1.31`](https://github.com/canonical/microk8s/releases/tag/v1.31): MicroK8s 1.31 released! [Compare Source](https://github.com/canonical/microk8s/compare/v1.30...v1.31) #### In this release ##### Kubernetes 1.31 Read more at https://kubernetes.io/blog/2024/08/13/kubernetes-v1-31-release/ ##### Dqlite efficiency We spent a lot of effort in improving the efficiency of the default datastore, [dqlite](https://github.com/canonical/k8s-dqlite). You will find improvements in the performance of concurrent queries and open telemetry integration. ##### Important updates - helm upgrade to v3.14.4 - cert-manager to v1.14.5 - cilium to v1.15.2 - gopaddle to v5.0 - falco to v4.5.1 - cloudnative pg to v1.23.3 ##### Many thanks to our contributors - [@​TecIntelli](https://github.com/TecIntelli) - [@​jasonumiker](https://github.com/jasonumiker) - [@​Gayathri-Bluemeric](https://github.com/Gayathri-Bluemeric) - [@​DLDClodio](https://github.com/DLDClodio) - [@​stalb](https://github.com/stalb) - [@​alphayax](https://github.com/alphayax) - [@​o0th](https://github.com/o0th) - [@​ShrishtiKarkera](https://github.com/ShrishtiKarkera) ### [`v1.30`](https://github.com/canonical/microk8s/releases/tag/v1.30): MicroK8s 1.30 released! [Compare Source](https://github.com/canonical/microk8s/compare/v1.29...v1.30) #### Featured in this release ##### Kubernetes 1.30 obviously Read more at https://kubernetes.io/blog/2024/04/17/kubernetes-v1-30-release/ ##### Dqlite stability With the help of [@​miro-balaz](https://github.com/miro-balaz) we identified and patched a few issued that improve the reliability of our default datastore in resource limiting environments. ##### Important updates Most notably - containerd to v1.6.28 and runc to v.1.1.12 - gpu-operator to v23.9.1 ##### New addon - Stunner by [@​smeng9](https://github.com/smeng9), a Kubernetes media gateway for WebRTC #### In detail ##### What's changed in detail - Do not set --hostname-override on kube-proxy when joining a cluster by [@​neoaggelos](https://github.com/neoaggelos) in [canonical/microk8s#4360 - Use build-snaps instead of manually installing the go snap by [@​IsaacJT](https://github.com/IsaacJT) in [canonical/microk8s#4377 - Bump containerd to v1.6.28 and runc to v.1.1.12 by [@​louiseschmidtgen](https://github.com/louiseschmidtgen) in [canonical/microk8s#4398 - Fix erroneous microk8s join invocations by adding validation by [@​skatsaounis](https://github.com/skatsaounis) in [canonical/microk8s#4397 ##### External contributors - [@​IsaacJT](https://github.com/IsaacJT) made their first contribution in [canonical/microk8s#4377 - [@​skatsaounis](https://github.com/skatsaounis) made their first contribution in [canonical/microk8s#4397 - [@​miro-balaz](https://github.com/miro-balaz) rewrote the dqlite list query [canonical/k8s-dqlite#83 - [@​smeng9](https://github.com/smeng9) contributed a new addon Stunner [canonical/microk8s-community-addons#223 - [@​udit-uniyal](https://github.com/udit-uniyal) addressed KubeArmor installation issue [canonical/microk8s-community-addons#216 ### [`v1.29`](https://github.com/canonical/microk8s/releases/tag/v1.29): MicroK8s v1.29 released! [Compare Source](https://github.com/canonical/microk8s/compare/v1.28...v1.29) #### Featured in this release ##### "Quality of life" improvements A lot of effort has gone into the datastore, DQlite. In this release we introduced the following improvements: - DQlite node role reassignment in case of failure domain availability changes - Optional admission control to ensure performance - Handling the out-of-disk-space cases - Performance improvements related to static linking of DQlite and SQL query preparation ##### New addons by our partners and community members - Falco: the cloud-native security tool that employs custom rules on kernel events to provide real-time alerts - CloudNative PG Operator: Leveraging cloud native Postgres for Kubernetes adds speed, efficiency and protection for your infrastructure modernization - ngrok: Ingress Controller instantly adds connectivity, load balancing, authentication, and observability to your services #### Detail list of updates since last release ##### Kubernetes core services - Kubernetes 1.29 ##### Usability Improvements - Improved messaging in joining nodes - Fix the default IP shown in ‘microk8s add-node’ output when using FRR (thanks [@​nihr23](https://github.com/nihr43)) - Improve connectivity check in installers, thank you [@​smithyuk](https://github.com/smithyuk) - Handle out of low disk capacity on dqlite nodes - Admission control to protect from dqlite performance degradation - Failure domain control plain datastore rebalance - Memory argument warning in installer, thank you [@​eddiesimeon](https://github.com/eddiesimeon) ##### Addon updates - New addon: nvidia, allows for enabling the gpu and network operators - New addon: Falco v3.7.1, thank you [@​jasonumiker](https://github.com/jasonumiker) - New addon: CloudNativePG, thank you [@​sxd](https://github.com/sxd) - New addon: ngrok, thank you [@​russorat](https://github.com/russorat) - Added default-class option to hostpath-storage, thank you [@​overtfuture](https://github.com/overtfuture) - Upgraded sosivio to v1.7.1, thank you [@​DanArlowski](https://github.com/DanArlowski) - Upgrade linkerd to v2.14.3, thank you [@​balchua](https://github.com/balchua) - Upgraded KWasm operator to version v0.3.0, thank you [@​0xE282B0](https://github.com/0xE282B0) - Upgrade keda to v2.12.0, thank you [@​balchua](https://github.com/balchua) - Upgraded hostpath-storage to v1.5.0 - Upgraded MICROCKS to v1.8.0, thank you [@​yada](https://github.com/yada) - hostpath-storage option not to be set as the default storage class, courtesy of [@​overtfuture](https://github.com/overtfuture) - Removed ondat addon from the community repository </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 1am and before 3am every weekday" in timezone Etc/UTC, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/canonical/mysql-router-k8s-operator). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC41Ni4wIiwidXBkYXRlZEluVmVyIjoiMzguNTYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Closes #4345
Needs backport on all supported tracks
kube-proxymust be configured to use the same node name askubelet, otherwise services with Local external traffic policy fail to forward traffic (since node name of endpoints does not match the node name of the proxy).Description
In the past (for non HA), we would set
--hostname-overrideflags on both kube-proxy and kubelet services. In recent times, we do not need to do this, and we end in a situation where kubelet is running with its proper hostname, but kube-proxy still tries to find a node with the IP as name (which does not exist).For more details, see #4345 (comment)
Change
--hostname-overrideflag on the kube-proxy when joining a cluster. We would only do this if we set this flag for kubelet as well, but we don't.Testing
Locally