-
Notifications
You must be signed in to change notification settings - Fork 4.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Treatment of overlapping ServiceCIDR and PodCIDRs #16340
Comments
Thanks @justinsb for creating the issue. |
We allowed this previously, so this is a regression for existing clusters. These clusters are not obviously broken, and the kube-controller-manager (for example) will exclude the service range when issuing node CIDRs. As such, remove validation until we can determine if anything is actually broken by an overlap (and a path forwards if so). Issue kubernetes#16340
We allowed this previously, so this is a regression for existing clusters. These clusters are not obviously broken, and the kube-controller-manager (for example) will exclude the service range when issuing node CIDRs. As such, remove validation until we can determine if anything is actually broken by an overlap (and a path forwards if so). Issue kubernetes#16340
The Kubernetes project currently lacks enough contributors to adequately respond to all issues. This bot triages un-triaged issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues. This bot triages un-triaged issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten |
We may have introduced a regression, where previously overlapping ServiceCIDR and PodCIDRs were allowed, and now they are blocked by validation.
It does seem that the node-podCIDR allocation logic in kube-controller-manager automatically excludes the ServiceCIDR, so that an overlap should not give a conflict in practice (though we probably still want to discourage it). For example:
https://github.com/kubernetes/kubernetes/blob/98b589a76d57a137d91afc487304d0f699c23288/pkg/controller/nodeipam/ipam/range_allocator.go#L103
/kind bug
(Edited to change "should yield a conflict" to "should not give a conflict" - doh!)
The text was updated successfully, but these errors were encountered: