-
Notifications
You must be signed in to change notification settings - Fork 1.8k
Closed
Description
Hi,
nginx:latest
doesn't seem to listen on IPv6 addresses. This is a problem on v6 only kubernetes/docker as they thus have no connectivity.
Steps to reproduce
Create a deployment with
$ kubectl create deployment d-nginx --image=nginx
deployment.apps/d-nginx created
Then, we can check that the container doesn't reply on IPv6:
$ kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
d-nginx-b94ddb98b-b9hgx 1/1 Running 0 16s xxxx:xxxx:cafe:1002:27:ffff:0:bcee pik-c1-33-vm-3 <none> <none>
$ curl http://[xxxx:xxxx:cafe:1002:27:ffff:0:bcee]
curl: (7) Failed to connect to xxxx:xxxx:cafe:1002:27:ffff:0:bcee port 80: Connection refused
Logging in on the pod, I can indeed see that it listens on IPv4 only:
root@d-nginx-b94ddb98b-b9hgx:/# ss -lnt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
And its connectivity:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
174: eth0@if175: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP
inet6 xxxx:xxxx:cafe:1002:27:ffff:0:bcee/128 scope global nodad
valid_lft forever preferred_lft forever
inet6 fe80::f048:dfff:fe05:1e74/64 scope link
valid_lft forever preferred_lft forever
Expected results
however, it works with httpd
for example:
$ kubectl create deployment d-httpd --image=httpd
deployment.apps/d-httpd created
$ kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
d-httpd-549ff79598-5s2xd 1/1 Running 0 10s xxxx:xxxx:cafe:1002:7:ffff:0:b3cd pik-c1-13-vm-1 <none> <none>
$ curl http://[xxxx:xxxx:cafe:1002:7:ffff:0:b3cd]
<html><body><h1>It works!</h1></body></html>
Should we listen by default on v6 addresses too ?
Cheers
ludovicm67 and bavishal
Metadata
Metadata
Assignees
Labels
No labels