Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Track when we can enable the ipvs mode for the kube-proxy by default #817

Closed
luxas opened this issue May 15, 2018 · 20 comments
Closed

Track when we can enable the ipvs mode for the kube-proxy by default #817

luxas opened this issue May 15, 2018 · 20 comments
Assignees
@rosti
Labels
kind/feature Categorizes issue or PR as related to a new feature. lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete. sig/network Categorizes an issue or PR as relevant to SIG Network.
Milestone
Next

Comments

@luxas
Copy link
Member

luxas commented May 15, 2018

xref: #816 and #782

cc @kubernetes/sig-network-feature-requests when is ipvs going GA?
@k8s-ci-robot k8s-ci-robot added sig/network Categorizes an issue or PR as relevant to SIG Network. kind/feature Categorizes issue or PR as related to a new feature. labels May 15, 2018
@luxas luxas added this to the v1.12 milestone May 15, 2018
@luxas luxas added kind/enhancement priority/backlog Higher priority than priority/awaiting-more-evidence. labels May 15, 2018
@luxas luxas mentioned this issue May 15, 2018
Closed
@cmluciano
Copy link

cmluciano commented May 15, 2018
edited
Loading

There are no current releases targeted for GA at this time. We are still assembling the GA criteria and gathering feedback from the community.

@luxas
Copy link
Member Author

luxas commented May 15, 2018

Okay, thanks

@timothysc timothysc self-assigned this Jul 3, 2018
@timothysc
Copy link
Member

Only updating to track for this cycle.

@timothysc timothysc modified the milestones: v1.12, v1.13 Aug 25, 2018
@timothysc
Copy link
Member

@kubernetes/sig-network-misc any updates on when ipvs will be the default?

@timothysc
Copy link
Member

@caseydavenport any insight?

@bowei
Copy link
Member

bowei commented Oct 11, 2018

cc: @Lion-Wei

@caseydavenport
Copy link
Member

IPVS kube-proxy went GA in v1.11 - kubernetes/enhancements#265

However, there seem to be a few issues open affecting IPVS mode re: the version of iptables/ipset shipped in the kube-proxy container image that might inhibit its adoption in kubeadm, that we'll need to sort out first.

CC @m1093782566

@Lion-Wei
Copy link

Thanks, @bowei
@caseydavenport , I think both those issue are solved in master, maybe need cherry-pick to 1.11/1.10 to make all version work.
xref:
kubernetes/kubernetes#68974 (comment)
kubernetes/kubernetes#68703 (comment)
I'll trace those issues to make sure they all completely solved.

@m1093782566
Copy link

@caseydavenport

These issues you mentioned has already been fixed and we only need to cherry-pick the fixes.

@timothysc timothysc modified the milestones: v1.13, v1.14 Nov 13, 2018
@timothysc
Copy link
Member

@caseydavenport @Lion-Wei @m1093782566 - Is there any reason for it to not be the default for all deployments?

@timothysc timothysc modified the milestones: v1.14, v1.13 Nov 13, 2018
@neolit123
Copy link
Member

as a side note, our e2e by default does iptables currently.

@timothysc timothysc modified the milestones: v1.13, v1.14 Nov 13, 2018
@Lion-Wei
Copy link

Hi, @timothysc , I think there still an issue kubernetes/kubernetes#70747 we should pay attention.

@timothysc
Copy link
Member

k, I'm thinking we should make this a default for 1.14 out of the gate move the feature gate.

@timothysc timothysc added the priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. label Jan 4, 2019
@timothysc timothysc removed the priority/backlog Higher priority than priority/awaiting-more-evidence. label Jan 4, 2019
@timothysc timothysc modified the milestones: v1.14, Next Jan 25, 2019
@timothysc timothysc added priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete. and removed priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. labels Jan 25, 2019
@timothysc
Copy link
Member

https://github.com/kubernetes/kubernetes/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+ipvs+label%3Asig%2Fnetwork+

clearly is not ready for defaulting

@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Apr 29, 2019
@timothysc timothysc added lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Apr 30, 2019
@neolit123 neolit123 assigned rosti and unassigned timothysc Aug 2, 2019
@neolit123
Copy link
Member

adding some feedback to this old issue.

with Windows nodes in the picture and with the planned changes for multi-OS in the kube-proxy config things are moving in this space.

given the complications i've seen in past reports with IPVS kernel modules missing or disabled on user nodes, i'm inclined to recommend that we do not enable IPVS as the default mode yet.

iptables works and people are familiar with it, IPVS is advanced, faster and feels to me it should be the decisions on the side of cluster operators.

@cmluciano
Copy link

@andrewsykim @lbernail Do you think we should close this issue ? I agree with @neolit123 's comments and I'm not sure if this issue makes sense to keep open.

@andrewsykim
Copy link
Member

Yeah I agree, not sure that it was ever intended for IPVS to be the default.

@lbernail
Copy link

Yeah I think at one point we really wanted to try but we are still lacking tests. I'd say for mid-size clusters iptables is very good because it's very well tested. ipvs makes more sense in large clusters but still does not completely align with what support in iptables mode

@neolit123
Copy link
Member

thanks for the comments. let's continue keeping iptables as the default with opt-in for IPVS, maybe one day making IPVS the default if kube-proxy has it as the default.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rosti rosti

Labels
kind/feature Categorizes issue or PR as related to a new feature. lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete. sig/network Categorizes an issue or PR as relevant to SIG Network.
Projects
None yet
Milestone
Next
Development

No branches or pull requests