Contents
Overview
Microk8s で kube-ovn を有効化します。
※2023/1/3時点では有効化できません。
kube-ovn に期待すること
最近、仕事でも IPv6 を考えることが多く、自宅環境もデュアルスタック(IPv4/IPv6)化を進めています。大抵の Linux ベースのアプリケーションは問題なくデュアルスタックに対応していますが、現在の Microk8s は kube-ovn の有効化が近道のようです。
期待しているのは下記の記事の内容です。
https://github.com/kubeovn/kube-ovn/blob/master/docs/dual-stack.md
kube-ovn の有効化
kube-ovn を有効化します。
デフォルトの addons
デフォルトの Microk8s の addons は下記の通りです。kube-ovn は disabled になっています。
myadmin@ubuntu:~$ microk8s status
microk8s is running
high-availability: no
datastore master nodes: 127.0.0.1:19001
datastore standby nodes: none
addons:
enabled:
ha-cluster # (core) Configure high availability on the current node
helm # (core) Helm - the package manager for Kubernetes
helm3 # (core) Helm 3 - the package manager for Kubernetes
disabled:
cert-manager # (core) Cloud native certificate management
community # (core) The community addons repository
dashboard # (core) The Kubernetes dashboard
dns # (core) CoreDNS
gpu # (core) Automatic enablement of Nvidia CUDA
host-access # (core) Allow Pods connecting to Host services smoothly
hostpath-storage # (core) Storage class; allocates storage from host directory
ingress # (core) Ingress controller for external access
kube-ovn # (core) An advanced network fabric for Kubernetes
mayastor # (core) OpenEBS MayaStor
metallb # (core) Loadbalancer for your Kubernetes cluster
metrics-server # (core) K8s Metrics Server for API access to service metrics
observability # (core) A lightweight observability stack for logs, traces and metrics
prometheus # (core) Prometheus operator for monitoring and logging
rbac # (core) Role-Based Access Control for authorisation
registry # (core) Private image registry exposed on localhost:32000
storage # (core) Alias to hostpath-storage add-on, deprecated
kube-ovn の有効化①
kube-ovn を有効化してみますが、force オプションが必要なようです。こういった出力があると少し期待できます。
myadmin@ubuntu:~$ microk8s enable kube-ovn
Infer repository core for addon kube-ovn
Warning: this is a potentially destructive operation. Please enable kube-ovn
with:
microk8s enable kube-ovn --force
kube-ovn の有効化②
force オプションを付けて kube-ovn を再度有効化してみますが、エラーになりました。深追いはしていませんが、PodSecurityPolicy のバージョンが異なるようですね。
myadmin@ubuntu:~$ microk8s enable kube-ovn --force Infer repository core for addon kube-ovn Label node dev-gen-k8s (10.0.32.113) node/dev-gen-k8s labeled Remove Calico CNI configmap "calico-config" deleted customresourcedefinition.apiextensions.k8s.io "bgpconfigurations.crd.projectcalico.org" deleted customresourcedefinition.apiextensions.k8s.io "bgppeers.crd.projectcalico.org" deleted customresourcedefinition.apiextensions.k8s.io "blockaffinities.crd.projectcalico.org" deleted customresourcedefinition.apiextensions.k8s.io "caliconodestatuses.crd.projectcalico.org" deleted customresourcedefinition.apiextensions.k8s.io "clusterinformations.crd.projectcalico.org" deleted customresourcedefinition.apiextensions.k8s.io "felixconfigurations.crd.projectcalico.org" deleted customresourcedefinition.apiextensions.k8s.io "globalnetworkpolicies.crd.projectcalico.org" deleted customresourcedefinition.apiextensions.k8s.io "globalnetworksets.crd.projectcalico.org" deleted customresourcedefinition.apiextensions.k8s.io "hostendpoints.crd.projectcalico.org" deleted customresourcedefinition.apiextensions.k8s.io "ipamblocks.crd.projectcalico.org" deleted customresourcedefinition.apiextensions.k8s.io "ipamconfigs.crd.projectcalico.org" deleted customresourcedefinition.apiextensions.k8s.io "ipamhandles.crd.projectcalico.org" deleted customresourcedefinition.apiextensions.k8s.io "ippools.crd.projectcalico.org" deleted customresourcedefinition.apiextensions.k8s.io "ipreservations.crd.projectcalico.org" deleted customresourcedefinition.apiextensions.k8s.io "kubecontrollersconfigurations.crd.projectcalico.org" deleted customresourcedefinition.apiextensions.k8s.io "networkpolicies.crd.projectcalico.org" deleted customresourcedefinition.apiextensions.k8s.io "networksets.crd.projectcalico.org" deleted clusterrole.rbac.authorization.k8s.io "calico-kube-controllers" deleted clusterrolebinding.rbac.authorization.k8s.io "calico-kube-controllers" deleted clusterrole.rbac.authorization.k8s.io "calico-node" deleted clusterrolebinding.rbac.authorization.k8s.io "calico-node" deleted daemonset.apps "calico-node" deleted serviceaccount "calico-node" deleted deployment.apps "calico-kube-controllers" deleted serviceaccount "calico-kube-controllers" deleted poddisruptionbudget.policy "calico-kube-controllers" deleted Deploy kube-ovn CRDs customresourcedefinition.apiextensions.k8s.io/iptables-eips.kubeovn.io created customresourcedefinition.apiextensions.k8s.io/iptables-fip-rules.kubeovn.io created customresourcedefinition.apiextensions.k8s.io/iptables-dnat-rules.kubeovn.io created customresourcedefinition.apiextensions.k8s.io/iptables-snat-rules.kubeovn.io created customresourcedefinition.apiextensions.k8s.io/ips.kubeovn.io created customresourcedefinition.apiextensions.k8s.io/vips.kubeovn.io created customresourcedefinition.apiextensions.k8s.io/subnets.kubeovn.io created customresourcedefinition.apiextensions.k8s.io/vlans.kubeovn.io created customresourcedefinition.apiextensions.k8s.io/provider-networks.kubeovn.io created customresourcedefinition.apiextensions.k8s.io/vpcs.kubeovn.io created customresourcedefinition.apiextensions.k8s.io/vpc-nat-gateways.kubeovn.io created customresourcedefinition.apiextensions.k8s.io/security-groups.kubeovn.io created customresourcedefinition.apiextensions.k8s.io/htbqoses.kubeovn.io created Deploy ovn components configmap/ovn-config created serviceaccount/ovn created clusterrole.rbac.authorization.k8s.io/system:ovn created clusterrolebinding.rbac.authorization.k8s.io/ovn created service/ovn-nb created service/ovn-sb created service/ovn-northd created deployment.apps/ovn-central created daemonset.apps/ovs-ovn created error: resource mapping not found for name: "kube-ovn" namespace: "" from "/var/snap/microk8s/4221/args/cni-network/ovn.yaml": no matches for kind "PodSecurityPolicy" in version "policy/v1beta1" ensure CRDs are installed first Traceback (most recent call last): File "/var/snap/microk8s/common/addons/core/addons/kube-ovn/enable", line 106, inenable() File "/snap/microk8s/4221/usr/lib/python3/dist-packages/click/core.py", line 722, in __call__ return self.main(*args, **kwargs) File "/snap/microk8s/4221/usr/lib/python3/dist-packages/click/core.py", line 697, in main rv = self.invoke(ctx) File "/snap/microk8s/4221/usr/lib/python3/dist-packages/click/core.py", line 895, in invoke return ctx.invoke(self.callback, **ctx.params) File "/snap/microk8s/4221/usr/lib/python3/dist-packages/click/core.py", line 535, in invoke return callback(*args, **kwargs) File "/var/snap/microk8s/common/addons/core/addons/kube-ovn/enable", line 90, in enable subprocess.check_call([KUBECTL, "apply", "-f", ovn_yaml]) File "/snap/microk8s/4221/usr/lib/python3.6/subprocess.py", line 311, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command '[PosixPath('/snap/microk8s/4221/microk8s-kubectl.wrapper'), 'apply', '-f', PosixPath('/var/snap/microk8s/4221/args/cni-network/ovn.yaml')]' returned non-zero exit status 1.
Ubuntu 22.04 Microk8s kube-ovn