Migrating flannel aws-vpc from etcd coodination to kube-subnet-mgr

121 views
Skip to first unread message

Matthias Rampke

unread,
Mar 6, 2017, 10:18:59 AM3/6/17
to Kubernetes user discussion and Q&A
Hi,

I am trying to work out how to upgrade a Kubernetes cluster to use the kube-subnet-mgr from flannel 0.7.0 safely. This is running with the aws-vpc backend, so flannel itself is only the control plane.

I plan to whole-sale replace the nodes in the process, for unrelated reasons (this is part of a Kubernetes upgrade).

While I have a mixed cluster where half the flanneld speak to etcd to coordinate, and half speak to kube-apiserver to coordinate, will they start fighting over the AWS VPC route table? If so, how can I do this upgrade?

Thank you,
MR

PS: this is not CoreOS but in reworking this I've used the current kube-flannel.yml as a template, so our new setup is essentially that. Pre-migration, it is a flanneld 0.6.x running outside of Kubernetes, and speaking to etcd directly.

Brandon Philips

unread,
Mar 7, 2017, 7:52:18 PM3/7/17
to kubernet...@googlegroups.com, Casey Callendrello, Tom Denham
Hello Matthias-

This is not something we planned a migration for. In general trying to do some sort of networking migration on a running Kubernetes cluster is going to lead to a bad time.

Adding Casey and Tom in case they have any brilliant ideas.

Brandon

--
You received this message because you are subscribed to the Google Groups "Kubernetes user discussion and Q&A" group.
To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-use...@googlegroups.com.
To post to this group, send email to kubernet...@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.

Matthias Rampke

unread,
Mar 8, 2017, 3:41:39 AM3/8/17
to kubernet...@googlegroups.com, Casey Callendrello, Tom Denham

How does it manage the AWS route table? Will each node only manage its own entry, or will they try to remove entries that they think should not be there?

In the former case it'd be fine I suppose.

/MR

Matthias Rampke

unread,
Mar 8, 2017, 5:23:50 AM3/8/17
to kubernet...@googlegroups.com, Casey Callendrello, Tom Denham
I did some testing and the behaviour is "good enough for me". Even when having two disparate flannels, with overlapping networks, manage the same route table, they don't remove each other's active entries. They won't know about all allocated subnets, but for this particular case the probability of a collision is low enough that I can deal with it manually if need be.

Thank you!
MR


Reply all
Reply to author
Forward
0 new messages