I deployed a service myservice
to the k8s cluster. Using kubectl describe serivce ...
, I can find that the service ip is 172.20.127.114
I am trying to figure out how this service ip is assigned. Is it assigned by K8s controller and stored in DNS? How does K8S control decide on the IP range?
kubectl describe service myservice
Name: myservice
Namespace: default
Labels: app=myservice
app.kubernetes.io/instance=myservice
Annotations: argocd.argoproj.io/sync-wave: 3
Selector: app=myservice
Type: ClusterIP
IP Family Policy: SingleStack
IP Families: IPv4
IP: 172.20.127.114
IPs: 172.20.127.114
Port: <unset> 80/TCP
TargetPort: 5000/TCP
Endpoints: 10.34.188.30:5000,10.34.89.157:5000
Session Affinity: None
Events: <none>
CodePudding user response:
kuebernetes controller accepts service CIDR range using service-cluster-ip-range parameter. Service IP is assigned from this CIDR block.
The kubernetes controller pod name might vary in each environment. update the pod name accordingly
CodePudding user response:
Kubernetes assigns a stable, reliable IP address to each newly created service from the cluster's pool of available service IP addresses. Previously, Amazon EKS automatically chose a value for this range based on the primary CIDR block of the Amazon VPC used by the cluster.
The Kubernetes service IP address range can be configured for all newly created EKS clusters using for instance eksctl.
If you want to specify which IPv4 Classless Inter-domain Routing (CIDR) block Kubernetes assigns service IP addresses from, specify the serviceIPv4CIDR.
Check this out
Hope it helped somehow.
CodePudding user response:
- The Pod IP Addresses comes from
CNI
Api-server
,Etcd
,Kube-Proxy
,Scheduler
andcontroller-Manager
IP Addresses come fromServer/Node
IP AddressService
IP address range is defined in theAPI Server
Configuration
If we check API Configuration, we can see the - --service-cluster-ip-range=10.96.0.0/12
option in command section, A CIDR notation IP range from which to assign service cluster IPs:
sudo vim /etc/kubernetes/manifests/kube-apiserver.yaml
See all defaults configurations:
kubeadm config print init-defaults
apiVersion: kubeadm.k8s.io/v1beta3
bootstrapTokens:
- groups:
- system:bootstrappers:kubeadm:default-node-token
token: abcdef.0123456789abcdef
ttl: 24h0m0s
usages:
- signing
- authentication
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: 1.2.3.4
bindPort: 6443
nodeRegistration:
criSocket: unix:///var/run/containerd/containerd.sock
imagePullPolicy: IfNotPresent
name: node
taints: null
---
apiServer:
timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: { }
dns: { }
etcd:
local:
dataDir: /var/lib/etcd
imageRepository: k8s.gcr.io
kind: ClusterConfiguration
kubernetesVersion: 1.24.0
networking:
dnsDomain: cluster.local
serviceSubnet: 10.96.0.0/12
scheduler: { }
Change Default CIDR IP Range
You can configure Kube API Server with many different options:
- when bootstrapping the cluster via
kubeadm init --service-cidr <IP Range>
- Change
kube-apiserver
directly (kubelet
periodically scans the configurations for changes)
sudo vim /etc/kubernetes/manifests/kube-apiserver.yaml
- Note that with option number
2
, you are going to get Theconnection to the server IP:6443 was refused - did you specify the right host or port?
error for a while, so you have to wait a couple of minutes tokube-apiserver
start again... - The new CIDR block only applies for newly created Services, which means old Services still remain in the old CIDR block, for testing:
kubectl create service clusterip test-cidr-block --tcp 80:80
Then Check the newly created Service...