[Release-1.26] - coredns, metrics, nginx and snapshot validation services are always singleStack

[manuelbuil]

Backport fix for coredns, metrics, nginx and snapshot validation services are always singleStack

• coredns, metrics, nginx and snapshot validation services are always singleStack #4776

[ShylajaDevadiga]

Validated using rke2 version v1.26.10-rc2+rke2r1

Environment Details

Infrastructure
Cloud EC2 instance

Node(s) CPU architecture, OS, and Version:
Ubuntu 22.04

Cluster Configuration:
3 server 1 agent

Config.yaml:

$ cat config.yaml 
node-ip: <IPv6>,<ipv4>
token: <TOKEN>
write-kubeconfig-mode: 644
cluster-cidr: 2001:cafe:42:0::/56,10.42.0.0/16
service-cidr: 2001:cafe:42:1::/112,10.43.0.0/16

Steps to reproduce the issue and validate the fix

1. Copy config.yaml
2. Install rke2

Validation results:
Services have ipv6 address, based on the order in node-ip flag in the config.yaml
Services have PreferDualStack as default
Pods have ipv6 as well as ipv4 address. kubectl displays it with ipv4 as mentioned here k3s-io/k3s#8598 (comment)

ubuntu@ip-192-168-28-30:~$ rke2 -v
rke2 version v1.26.10-rc2+rke2r1 (825e3188d273e7271a0b5ce924d42455b4d37a34)
go version go1.20.10 X:boringcrypto
ubuntu@ip-192-168-28-30:~$ kubectl get svc -A
NAMESPACE     NAME                                      TYPE        CLUSTER-IP             EXTERNAL-IP   PORT(S)         AGE
default       kubernetes                                ClusterIP   2001:cafe:42:1::1      <none>        443/TCP         21m
kube-system   rke2-coredns-rke2-coredns                 ClusterIP   2001:cafe:42:1::a      <none>        53/UDP,53/TCP   20m
kube-system   rke2-ingress-nginx-controller-admission   ClusterIP   2001:cafe:42:1::886f   <none>        443/TCP         20m
kube-system   rke2-metrics-server                       ClusterIP   2001:cafe:42:1::b83a   <none>        443/TCP         20m
kube-system   rke2-snapshot-validation-webhook          ClusterIP   2001:cafe:42:1::2357   <none>        443/TCP         20m
ubuntu@ip-192-168-28-30:~$ kubectl describe svc -n kube-system    |grep  -i family -A4 -B2
Selector:          app.kubernetes.io/instance=rke2-coredns,app.kubernetes.io/name=rke2-coredns,k8s-app=kube-dns
Type:              ClusterIP
IP Family Policy:  PreferDualStack
IP Families:       IPv6,IPv4
IP:                2001:cafe:42:1::a
IPs:               2001:cafe:42:1::a,10.43.0.10
Port:              udp-53  53/UDP
--
Selector:          app.kubernetes.io/component=controller,app.kubernetes.io/instance=rke2-ingress-nginx,app.kubernetes.io/name=rke2-ingress-nginx
Type:              ClusterIP
IP Family Policy:  PreferDualStack
IP Families:       IPv6,IPv4
IP:                2001:cafe:42:1::886f
IPs:               2001:cafe:42:1::886f,10.43.164.101
Port:              https-webhook  443/TCP
--
Selector:          app=rke2-metrics-server,release=rke2-metrics-server
Type:              ClusterIP
IP Family Policy:  PreferDualStack
IP Families:       IPv6,IPv4
IP:                2001:cafe:42:1::b83a
IPs:               2001:cafe:42:1::b83a,10.43.176.241
Port:              <unset>  443/TCP
--
Selector:          app.kubernetes.io/instance=rke2-snapshot-validation-webhook,app.kubernetes.io/name=rke2-snapshot-validation-webhook
Type:              ClusterIP
IP Family Policy:  PreferDualStack
IP Families:       IPv6,IPv4
IP:                2001:cafe:42:1::2357
IPs:               2001:cafe:42:1::2357,10.43.32.97
Port:              https  443/TCP

Validated pod to pod communication using ipv6 as well as ipv4 address

$ kubectl describe pods 
Name:             multitool-deployment-6d5df55ffc-q2bcl
Namespace:        default
Priority:         0
Service Account:  default
Node:             ip-192-168-28-30/2600:1f1c:ab4:ee48:1037:9f6b:a36c:4368
Start Time:       Thu, 26 Oct 2023 18:41:00 +0000
Labels:           app=multitool
                  pod-template-hash=6d5df55ffc
Annotations:      cni.projectcalico.org/containerID: d5e4671c19d1b17190c5fb0ca45965fa44a49c3bdac9a2cbcc077958eaef84a2
                  cni.projectcalico.org/podIP: 10.42.0.15/32
                  cni.projectcalico.org/podIPs: 10.42.0.15/32,2001:cafe:42::f/128
Status:           Running
IP:               10.42.0.15
IPs:
  IP:           10.42.0.15
  IP:           2001:cafe:42::f
Controlled By:  ReplicaSet/multitool-deployment-6d5df55ffc


$ kubectl exec -it multitool-deployment-6d5df55ffc-q2bcl bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
bash-5.1# ping 10.42.0.15
PING 10.42.0.15 (10.42.0.15) 56(84) bytes of data.
64 bytes from 10.42.0.15: icmp_seq=1 ttl=64 time=0.100 ms
^C
--- 10.42.0.15 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.100/0.100/0.100/0.000 ms
bash-5.1# ping 2001:cafe:42::11
PING 2001:cafe:42::11(2001:cafe:42::11) 56 data bytes
64 bytes from 2001:cafe:42::11: icmp_seq=1 ttl=63 time=0.285 ms
64 bytes from 2001:cafe:42::11: icmp_seq=2 ttl=63 time=0.082 ms
64 bytes from 2001:cafe:42::11: icmp_seq=3 ttl=63 time=0.085 ms
64 bytes from 2001:cafe:42::11: icmp_seq=4 ttl=63 time=0.088 ms
^C
--- 2001:cafe:42::11 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3066ms
rtt min/avg/max/mdev = 0.082/0.135/0.285/0.086 ms
bash-5.1#