blog

12021-06-10

SEAN K.H. LIAO

contour ipv6

So, you've run out of ipv4 addresses and want to start running kubernetes with ipv6. Anyway, for whatever reason you chose contour as the ingress controller. You apply the manifests and...

» k get pod
NAME                      READY   STATUS    RESTARTS   AGE
contour-758d8f4c8-srjbh   0/1     Running   0          10m
envoy-ltz64               1/2     Running   0          10m

What could possibly have gone wrong?

» k describe pod contour-758d8f4c8-srjbh
...
Events:
  ...
  Warning  Unhealthy    3s (x61 over 10m)   kubelet            Readiness probe failed: dial tcp [fd00:10:244::d]:8001: connect: connection refused

» k describe pod envoy-ltz64
...
Events:
  ...
  Warning  Unhealthy         2m4s (x13 over 2m52s)  kubelet            Readiness probe failed: Get "http://[fd00:10:244::c]:8002/ready": dial tcp [fd00:10:244::c]:8002: connect: connection refused

connection refused, so the pods aren't listening on the correct addresses? Anyway the docs don't mention anything about ipv6 yet, but looking at the configuration, lets just set all the --xxx-address= flags to :: so we're sure it works on ipv6. Note all the "" quoting because... yaml.

      containers:
      - args:
        - serve
        - --incluster
        - "--xds-address=::"
        - "--stats-address=::"
        - "--debug-http-address=::"
        - "--http-address=::"
        - "--health-address=::"
        - "--envoy-service-http-address=::"
        - "--envoy-service-https-address=::"
        ...
---
      - args:
        - bootstrap
        - /config/envoy.json
        - "--admin-address=::"

So this works.

Anyway, after asking in slack, this is confirmed to be more or less the changes needed.