search

kubernetes-sigs / kubespray

Deploy a Production Ready Kubernetes Cluster
Apache License 2.0
16.08k stars 6.45k forks source link

ipv6-only deployment fails : runc Download works only with ipv4 node #11650

Open unkn0wn107 opened 4 days ago

unkn0wn107 commented 4 days ago

What happened?

I have 2 workers ipv4 and ipv6, 3 etcd ipv6 only and 2 control-plane ipv6-only in inventory config.

The playbook runs smoothly till runc Download always failing for ipv6-only nodes, previous operations work fine, including downloads of other dependencies.

It works well when I provision ipv4 for all servers

What did you expect to happen?

Runc download well for ipv6-only servers and playbook deployment works till the end.

How can we reproduce it (as minimally and precisely as possible)?

Define an inventory with ipv4-enabled and ipv6-only nodes. It fails at Download runc

OS

Fedora 39 Kernel 6.10.10

Version of Ansible

ansible [core 2.16.12]

Version of Python

3.12.6

Version of Kubespray (commit)

v2.26.0

Network plugin used

calico

Full inventory with variables

Node definitions

etcd-1 ansible_host= ip= etcd-2 ansible_host= ip= etcd-3 ansible_host= ip= control-plane-1 ansible_host= ip= control-plane-2 ansible_host= ip= worker-1 ansible_host= ip= worker-2 ansible_host= ip=

[all] etcd-1 etcd-2 etcd-3 control-plane-1 control-plane-2 worker-1 worker-2

[kube_control_plane] control-plane-1 control-plane-2

[etcd] etcd-1 etcd-2 etcd-3

[kube_node] worker-1 worker-2

[k8s_cluster:children] kube_control_plane kube_node

Command used to invoke ansible

From collection (see below field)

Output of ansible run

- name: Run Kubernetes Installation Playbook
  become: true
  vars:
    ansible_python_interpreter: /usr/bin/python3
    ansible_become: yes
    ansible_become_method: sudo
  import_playbook: kubernetes_sigs.kubespray.cluster
TASK [kubernetes_sigs.kubespray.container-engine/runc : Download_file | Download item] ***
ok: [worker-1]
FAILED - RETRYING: [control-plane-2]: Download_file | Download item (4 retries left).
FAILED - RETRYING: [control-plane-1]: Download_file | Download item (4 retries left).
ok: [worker-2]
FAILED - RETRYING: [control-plane-2]: Download_file | Download item (3 retries left).
FAILED - RETRYING: [control-plane-1]: Download_file | Download item (3 retries left).
FAILED - RETRYING: [control-plane-2]: Download_file | Download item (2 retries left).
FAILED - RETRYING: [control-plane-1]: Download_file | Download item (2 retries left).
FAILED - RETRYING: [control-plane-2]: Download_file | Download item (1 retries left).
FAILED - RETRYING: [control-plane-1]: Download_file | Download item (1 retries left).
fatal: [control-plane-2]: FAILED! => {"attempts": 4, "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false}
fatal: [control-plane-1]: FAILED! => {"attempts": 4, "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false}

Anything else we need to know

No response

tico88612 commented 1 day ago

Can you try to download the GitHub release on an ipv6 host?

Technically, this is not a Kubespray issue. It depends on whether GitHub supports IPv6. I used dig to check GitHub, but there is no AAAA record.