little-ram-17683
02/25/2023, 4:32 AMkube-proxy-arg:
- proxy-mode=ipvs
- ipvs-strict-arp=true
in cluster.yaml
. I mean in which section of yamlcreamy-pencil-82913
02/25/2023, 5:01 AMlittle-ram-17683
02/25/2023, 5:17 AMAlso, you should NOT edit the kube-proxy static pod manifest; any changes you make will be reverted when RKE2 is restarted. You should use the following in your config.yaml instead:
So even if I've created cluster using GUI I have to change this config manually on every node, or what? It's really confusing. Standard behavior for every config is: "You have to do changes in cluster.yaml
in GUI, otherwise it will be overwritten during next rke restartcluster.yaml
and it's documented. For RKE2 it's total messapiVersion: <http://provisioning.cattle.io/v1|provisioning.cattle.io/v1>
kind: Cluster
metadata:
name: <cluster_name>
annotations:
<http://field.cattle.io/creatorId|field.cattle.io/creatorId>: u-ofzeh6vy3n
# key: string
creationTimestamp: '2023-02-09T15:07:17Z'
finalizers:
- <http://wrangler.cattle.io/cloud-config-secret-remover|wrangler.cattle.io/cloud-config-secret-remover>
- <http://wrangler.cattle.io/provisioning-cluster-remove|wrangler.cattle.io/provisioning-cluster-remove>
- <http://wrangler.cattle.io/rke-cluster-remove|wrangler.cattle.io/rke-cluster-remove>
# - string
generation: 20
labels:
{}
# key: string
namespace: fleet-default
resourceVersion: '65757783'
uid: cb31e6c1-51b2-4960-ae4d-038172744181
fields:
- <cluster_name>
- 'true'
- <cluster_name>-kubeconfig
spec:
defaultPodSecurityPolicyTemplateName: ''
kubernetesVersion: v1.24.9+rke2r2
localClusterAuthEndpoint:
caCerts: ''
enabled: false
fqdn: ''
rkeConfig:
additionalManifest: |-
apiVersion: v1
kind: ConfigMap
metadata:
name: coredns
namespace: kube-system
data:
Corefile: |
.:53 {
errors
health {
lameduck 5s
}
ready
kubernetes cluster.local cluster.local in-addr.arpa ip6.arpa {
pods insecure
fallthrough in-addr.arpa ip6.arpa
ttl 30
}
prometheus 0.0.0.0:9153
forward . <my_ip>
cache 30
loop
reload
loadbalance W
}
chartValues:
rke2-calico:
installation:
calicoNetwork:
bgp: Enabled
controlPlaneTolerations:
- effect: NoSchedule
key: <http://node-role.kubernetes.io/control-plane|node-role.kubernetes.io/control-plane>
operator: Exists
- effect: NoExecute
key: <http://node-role.kubernetes.io/etcd|node-role.kubernetes.io/etcd>
operator: Exists
ipPools:
- blockSize: 26
cidr: 10.48.0.0/21
encapsulation: IPIP
natOutgoing: Enabled
nodeSelector: all()
- blockSize: 122
cidr: 2001::00/64
encapsulation: None
natOutgoing: Enabled
nodeSelector: all()
etcd:
disableSnapshots: false
snapshotRetention: 5
snapshotScheduleCron: 0 */5 * * *
machineGlobalConfig:
cni: calico
disable:
- rke2-ingress-nginx
disable-kube-proxy: false
etcd-expose-metrics: false
profile: null
machinePools:
machineSelectorConfig:
- config:
protect-kernel-defaults: false
registries:
configs:
{}
mirrors:
{}
upgradeStrategy:
controlPlaneConcurrency: '1'
controlPlaneDrainOptions:
deleteEmptyDirData: true
disableEviction: false
enabled: false
force: false
gracePeriod: -1
ignoreDaemonSets: true
skipWaitForDeleteTimeoutSeconds: 0
timeout: 120
workerConcurrency: '1'
workerDrainOptions:
deleteEmptyDirData: true
disableEviction: false
enabled: false
force: false
gracePeriod: -1
ignoreDaemonSets: true
skipWaitForDeleteTimeoutSeconds: 0
timeout: 120
machineSelectorConfig:
- config: {}
__clone: true
cluster.yaml
When I try to add
kube-proxy-arg:
- proxy-mode=ipvs
- ipvs-strict-arp=true
under: rkeConfig:
it disappearsEdit the RKE options under the rkeConfig directive.
kube-proxy-arg:
- proxy-mode=ipvs
- ipvs-strict-arp=true
under:
machineGlobalConfig:
root 3751955 3751907 0 05:42 ? 00:00:00 kube-proxy --cluster-cidr=10.42.0.0/16 --conntrack-max-per-core=0 --conntrack-tcp-timeout-close-wait=0s --conntrack-tcp-timeout-established=0s --healthz-bind-address=127.0.0.1 --hostname-override=worker-2 --ipvs-strict-arp=true --kubeconfig=/var/lib/rancher/rke2/agent/kubeproxy.kubeconfig --proxy-mode=ipvs
creamy-pencil-82913
02/25/2023, 7:06 PMlittle-ram-17683
02/27/2023, 3:07 AMcluster.yaml
in relation to yaml configuration file editable from rancher UIcreamy-pencil-82913
02/27/2023, 3:53 AM