-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
provide an option to bring up a cluster without a cni installed. #278
Comments
/assign |
+1. It'd be awesome to be able to put kind into Calico's CI, and starting with CNI configured but not installed makes it easy to install dev builds or master builds. I'd imagine the same would be true for pretty much all the CNI plugins. |
we should bring the CNI topic on monday. my proposal ATM is the following:
related topic is enabling offline support for a set of CNI plugins.
|
-1 on shipping all 3 unless they are small, our images are big. I've been working on a rough design for alternate images, and looking at other options for pre-loading / caching (eg a local image mirror). The additional thing to skipping the overlay apply step in kind is we also need to skip the node readiness check / The other reason to consider doing this is EG Cillium, which we simply can't ship by default currently because it relies on kernel modules and we need to support docker for mac / windows + docker-ce on random distros. |
i think they are roughly 5-10 MB.
that is true.
flannel is a step ahead on the Windows front. in fact i just had to patch their 0.11.0 manifest a couple of days ago. |
er docker for windows != windows images, still linux images. (we only support linux containers for now.... windows nodes may be interesting someday) |
ah, my confusion. windows containers are out of scope for now. |
Please correct me if I'm wrong here, but the primary purpose of kind today is to support running of CNCF conformance tests on kind created clusters. CNCF tests however appear to be network plugin agnostic, so having in built support for many CNIs does not address this primary goal. Having said that, as a plugin developer, I would love to use kind for e2e testing of my plugin. Here, IMO, the burden of the actual integration should be placed on the plugin developer (me). Kind just needs to kept flexible enough to support all CNI compatible plugins and not limit support to only the most popular. My recommendation would be to keep kind as lean as possible (bare minimum required for CNCF tests) but provide the appropriate hooks for someone who wishes to do more. |
So let me clarify some things then 🙃
It's initially meant for testing Kubernetes proper, initially we only ran the conformance tests. The scope is expanded at this point to include testing things on top of Kubernetes.
To be clear again, we're talking about tests run by Kubernetes the project, not the CNCF.
Yes and no. The burden should be on you to test your plugin, but for everyone who is not testing a CNI plugin there should be no burden to get a cluster up with a default configuration. For that reason when we build an image it includes Kubernetes binaries, images, ... etcd. (and haproxy so we can run HA clusters for testing kubeadm IE part of the Kubernetes project) and soon a CNI. The minimum viable components to boot a standard cluster. Necessarily we must ship one of the CNIs ourselves for this purpose. Which one we ship is dictated by running on our user platforms without any additional work, so we can't EG ship cillium as the default yet. We can additionally support users hooking an alternate CNI, but we won't actively ship those. We don't have enough momentum to version and support many of these ourselves, which is why the discussion about "most popular" came up.
Bare minimum yes, but again, "CNCF tests" is not really a thing. The conformance tests currently are a subset of the end to end tests that the Kubernetes project develops for testing clusters, and which ones are in the subset is also defined by a work group out of Kubernetes / SIG API Machinery. |
The mechanism by which the default is shipped should probably work for building a custom image with a different default CNI ideally, but our "official" usage will need to pick something. So far weave seems to work widely without kernel modules etc. so we're using that. |
Thanks for the clarifications! :) What you said sounds perfect! |
Understood, thanks! I'm also planning to remove that note from the README / homepage today, we're using kind for much more than just testing kubernetes with the conformance tests, some rough scoping has been added to https://kind.sigs.k8s.io/docs/contributing/project-scope/ but needs more fleshing out. |
Regarding the different CNI plugins it's important to mention that some of them can fail because inside the container we don't have the folder |
if the container shares a kernel with the host and if do you happen to know which CNI plugins will fail for the lack of this folder inside the container? so in terms of weave, calico and flannel the part of bringing up the cluster works.
|
I just hit the problem yesterday with one "containerization" of the neutron OpenStack service that's using an openvswitch agent and checks for this value. I think that you are right and we'll find out later with the conformance testing, I just thought that it was important to mention to avoid other people spending time troubleshooting the problem 😅
great, it seems that can be solved from the CNI plugin side making that check optional and "trusting" the operator but, just curiosity, do you think that it's worth exposing the |
given the top 3 most popular plugins (survey results) already work, i'd say we consider this only once support for another plugin is requested that faces the problem. |
This patch adds an option to configure `kind` clusters with IPv6 `./kind create cluster --ipv6` the clusters are configured correctly but is no fully functional because it depends on the CNI configurations that's still WIP kubernetes-sigs#278 Reference: kubernetes-sigs#280 Signed-off-by: Antonio Ojea <[email protected]>
This patch adds an option to configure `kind` clusters with IPv6 `./kind create cluster --ipv6` the clusters are configured correctly but is no fully functional because it depends on the CNI configurations that's still WIP kubernetes-sigs#278 Reference: kubernetes-sigs#280 Signed-off-by: Antonio Ojea <[email protected]>
I'm able to launch kubernetes IPv6 single and multinode clusters but it turns out that weave doesn't support IPv6. what will be the best option moving forward, default CNI to Calico or implement a configurable CNI option that allows us to use IPv6? |
I'm pretty sure calico's manifests at least do not support ARM, and it requires installing an etcd to the cluster. 🤔 CNI can be hacked around by modifying what is in the image in the short term, at boot we read the manifest etc. from the node image. |
Btw #205 (comment) |
the calico CNI supports ARM64, but not ARM(32). with the golang ease of mutli-arch, in theory it's easier to add support for another arch, compared to adding ipv6 support. |
@neolit123 I see the binaries but not the images / manifest. I hope we wouldn't need to ship those ourselves. Their guide for Kubernetes still requires amd64. |
Hmm this is worth referencing from a purely CNI on arm (not k8s) POV: https://community.arm.com/tools/b/blog/posts/understanding-and-deploying-overlay-networks |
they are lacking a schema v2 mutli-arch docker manifest linked from their k8s manifest. the multi-arch images do exist: e.g. |
No need for a separate etcd if you use the Calico manifest that runs using the kubernetes api as a datastore (stores its data in CRDs). At present that also means using host-local IPAM, but that's getting fixed soon... |
seems to point to images such as but images such as are there plans to support multi-arch manifests anytime soon? |
I'm told that calico images went schema v2 from calico v3.4 So https://docs.projectcalico.org/v3.5/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml should be multi-arch. And I think it is:
|
This patch adds an option to configure `kind` clusters with IPv6 `./kind create cluster --ipv6` the clusters are configured correctly but is no fully functional because it depends on the CNI configurations that's still WIP kubernetes-sigs#278 Reference: kubernetes-sigs#280 Signed-off-by: Antonio Ojea <[email protected]>
If you need this feature, please reply to |
@BenTheElder I think we can close this issue since #530 was merged |
Agreed. This is implemented. |
* fix: show error when subnet doesn't exist * group if --------- Co-authored-by: stg <[email protected]>
This option will enable the user to deploy their choice of cni in advance of kind supporting a variety of cni implementations.
The text was updated successfully, but these errors were encountered: