Support custom CALICO_IPV4POOL_NAT_OUTGOING

Signed-off-by: pixiake <guofeng@yunify.com>
2025-12-26 01:22:51 +00:00 · 2023-07-07 08:36:22 +08:00 · 2023-07-07 08:36:22 +08:00 · 6105305d8a
parent 4488091476
commit 6105305d8a
5 changed files with 27 additions and 8 deletions
--- a/cmd/kk/apis/kubekey/v1alpha2/network_types.go
+++ b/cmd/kk/apis/kubekey/v1alpha2/network_types.go
@ -27,9 +27,10 @@ type NetworkConfig struct {
 }

 type CalicoCfg struct {
-	IPIPMode  string `yaml:"ipipMode" json:"ipipMode,omitempty"`
-	VXLANMode string `yaml:"vxlanMode" json:"vxlanMode,omitempty"`
-	VethMTU   int    `yaml:"vethMTU" json:"vethMTU,omitempty"`
+	IPIPMode        string `yaml:"ipipMode" json:"ipipMode,omitempty"`
+	VXLANMode       string `yaml:"vxlanMode" json:"vxlanMode,omitempty"`
+	VethMTU         int    `yaml:"vethMTU" json:"vethMTU,omitempty"`
+	Ipv4NatOutgoing *bool  `yaml:"ipv4NatOutgoing" json:"ipv4NatOutgoing,omitempty"`
 }

 type FlannelCfg struct {
@ -133,3 +134,11 @@ func (n *NetworkConfig) EnableMultusCNI() bool {
 	}
 	return *n.MultusCNI.Enabled
 }
+
+// EnableIPV4POOL_NAT_OUTGOING is used to determine whether to enable CALICO_IPV4POOL_NAT_OUTGOING.
+func (c *CalicoCfg) EnableIPV4POOL_NAT_OUTGOING() bool {
+	if c.Ipv4NatOutgoing == nil {
+		return true
+	}
+	return *c.Ipv4NatOutgoing
+}
--- a/cmd/kk/pkg/bootstrap/os/templates/init_script.go
+++ b/cmd/kk/pkg/bootstrap/os/templates/init_script.go
@ -87,7 +87,7 @@ echo 'vm.max_map_count = 262144' >> /etc/sysctl.conf
 echo 'vm.swappiness = 0' >> /etc/sysctl.conf
 echo 'vm.overcommit_memory = 1' >> /etc/sysctl.conf
 echo 'fs.inotify.max_user_instances = 524288' >> /etc/sysctl.conf
-echo 'fs.inotify.max_user_watches = 524288' >> /etc/sysctl.conf
+echo 'fs.inotify.max_user_watches = 10240001' >> /etc/sysctl.conf
 echo 'fs.pipe-max-size = 4194304' >> /etc/sysctl.conf
 echo 'fs.aio-max-nr = 262144' >> /etc/sysctl.conf
 echo 'kernel.pid_max = 65535' >> /etc/sysctl.conf
--- a/cmd/kk/pkg/kubernetes/kubernetes_status.go
+++ b/cmd/kk/pkg/kubernetes/kubernetes_status.go
@ -142,6 +142,9 @@ func (k *KubernetesStatus) LoadKubeConfig(runtime connector.Runtime, kubeConf *c
 	kubeConfigStr := k.KubeConfig

 	oldServer := fmt.Sprintf("server: https://%s:%d", kubeConf.Cluster.ControlPlaneEndpoint.Domain, kubeConf.Cluster.ControlPlaneEndpoint.Port)
+	if kubeConf.Cluster.ControlPlaneEndpoint.Address == "" {
+		kubeConf.Cluster.ControlPlaneEndpoint.Address = runtime.GetHostsByRole(common.Master)[0].GetAddress()
+	}
 	newServer := fmt.Sprintf("server: https://%s:%d", kubeConf.Cluster.ControlPlaneEndpoint.Address, kubeConf.Cluster.ControlPlaneEndpoint.Port)
 	newKubeConfigStr := strings.Replace(kubeConfigStr, oldServer, newServer, -1)

--- a/cmd/kk/pkg/plugins/network/modules.go
+++ b/cmd/kk/pkg/plugins/network/modules.go
@ -141,6 +141,7 @@ func deployCalico(d *DeployNetworkPluginModule) []task.Interface {
 				"IPIPMode":                d.KubeConf.Cluster.Network.Calico.IPIPMode,
 				"VXLANMode":               d.KubeConf.Cluster.Network.Calico.VXLANMode,
 				"ConatinerManagerIsIsula": d.KubeConf.Cluster.Kubernetes.ContainerManager == "isula",
+				"IPV4POOLNATOUTGOING":     d.KubeConf.Cluster.Network.Calico.EnableIPV4POOL_NAT_OUTGOING(),
 			},
 		},
 		Parallel: true,
@ -179,10 +180,10 @@ func deployFlannel(d *DeployNetworkPluginModule) []task.Interface {
 			Template: templates.Flannel,
 			Dst:      filepath.Join(common.KubeConfigDir, templates.Flannel.Name()),
 			Data: util.Data{
-				"KubePodsCIDR": d.KubeConf.Cluster.Network.KubePodsCIDR,
-				"FlannelImage": images.GetImage(d.Runtime, d.KubeConf, "flannel").ImageName(),
+				"KubePodsCIDR":       d.KubeConf.Cluster.Network.KubePodsCIDR,
+				"FlannelImage":       images.GetImage(d.Runtime, d.KubeConf, "flannel").ImageName(),
 				"FlannelPluginImage": images.GetImage(d.Runtime, d.KubeConf, "flannel-cni-plugin").ImageName(),
-				"BackendMode":  d.KubeConf.Cluster.Network.Flannel.BackendMode,
+				"BackendMode":        d.KubeConf.Cluster.Network.Flannel.BackendMode,
 			},
 		},
 		Parallel: true,
--- a/cmd/kk/pkg/plugins/network/templates/calico_v1.16+.go
+++ b/cmd/kk/pkg/plugins/network/templates/calico_v1.16+.go
@ -4594,6 +4594,13 @@ spec:
            # Enable or Disable VXLAN on the default IP pool.
            - name: CALICO_IPV4POOL_VXLAN
              value: "{{ .VXLANMode }}"
+{{- if .IPV4POOLNATOUTGOING }}
+            - name: CALICO_IPV4POOL_NAT_OUTGOING
+              value: "true"
+{{- else }}
+            - name: CALICO_IPV4POOL_NAT_OUTGOING
+              value: "false"
+{{- end }}
            # Enable or Disable VXLAN on the default IPv6 IP pool.
            - name: CALICO_IPV6POOL_VXLAN
              value: "Never"
@ -4834,5 +4841,4 @@ spec:
 ---
 # Source: calico/templates/configure-canal.yaml

-
    `)))