kubeadm: kubeadm should warn about missing podSubnet/clusterCIDR

BUG REPORT

Versions

kubeadm version (use kubeadm version): kubeadm version: &version.Info{Major:“1”, Minor:“11”, GitVersion:“v1.11.0”, GitCommit:“91e7b4fd31fcd3d5f436da26c980becec37ceefe”, GitTreeState:“clean”, BuildDate:“2018-06-27T20:14:41Z”, GoVersion:“go1.10.2”, Compiler:“gc”, Platform:“linux/amd64”} Environment:

  • Kubernetes version (use kubectl version): Client Version: version.Info{Major:“1”, Minor:“11”, GitVersion:“v1.11.0”, GitCommit:“91e7b4fd31fcd3d5f436da26c980becec37ceefe”, GitTreeState:“clean”, BuildDate:“2018-06-27T20:17:28Z”, GoVersion:“go1.10.2”, Compiler:“gc”, Platform:“linux/amd64”} Server Version: version.Info{Major:“1”, Minor:“11”, GitVersion:“v1.11.0”, GitCommit:“91e7b4fd31fcd3d5f436da26c980becec37ceefe”, GitTreeState:“clean”, BuildDate:“2018-06-27T20:08:34Z”, GoVersion:“go1.10.2”, Compiler:“gc”, Platform:“linux/amd64”}
  • Cloud provider or hardware configuration: brightbox
  • OS (e.g. from /etc/os-release): Ubuntu 18.04 LTS
  • Kernel (e.g. uname -a): Linux srv-jlhyq 4.15.0-23-generic #25-Ubuntu SMP Wed May 23 18:02:16 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
  • Others:

What happened?

Without a pod subnet specified, or a specific clusterCIDR specified you get:

W0720 13:06:36.713799       1 proxier.go:311] clusterCIDR not specified, unable to distinguish between internal and external traffic

from kube-proxy and masquerade facilities will be affected

What you expected to happen?

The clusterCIDR should be given to kube-proxy, or a warning issued during init

Given the number of CNI plugins that require a subnet specification there should be at least a warning from kubeadm about the impact of failing to tell the system what addresses the pods will be using.

How to reproduce it (as minimally and precisely as possible)?

kubeadm init without a podSubnet

Anything else we need to know?

There appears to be a bit of a battle going on between the top down allocation of system’s addresses and the bottom up discovery of the system’s addresses, with bits of each leaking into the instructions. Perhaps a pre-flight check is required to ensure consistency.

About this issue

  • Original URL
  • State: closed
  • Created 6 years ago
  • Reactions: 1
  • Comments: 19 (14 by maintainers)

Most upvoted comments

@rajibmitra this PR was already sent, but we didn’t decide on how to handle this check properly: https://github.com/kubernetes/kubernetes/pull/68682

+1
neolit123 on Feb 17, 2019

bump @xlgao-zju – are you still working on this? 😃 cheers!

+1
stealthybox on Sep 12, 2018
Read more comments on GitHub
← kubeadm: kubeadm should not re-use bind-address for api-server while using experimental-control-plane
kubeadm: kubeadm upgrade apply failure with same kubernetes version →