Fix IPv6 handling for loadbalancer addresses

Signed-off-by: Brad Davidson <[email protected]>

Author: brandond

pkg/agent/config/config.go

@@ -456,10 +456,15 @@ func get(ctx context.Context, envInfo *cmds.Agent, proxy proxy.Proxy) (*config.N
 	if err != nil {
 		return nil, pkgerrors.WithMessage(err, "failed to retrieve configuration from server")
 	}
+
+	nodeName, nodeIPs, err := util.GetHostnameAndIPs(envInfo.NodeName, envInfo.NodeIP.Value())
+	if err != nil {
+		return nil, pkgerrors.WithMessage(err, "failed to get node name and addresses")
+	}
+
 	// If the supervisor and externally-facing apiserver are not on the same port, tell the proxy where to find the apiserver.
 	if controlConfig.SupervisorPort != controlConfig.HTTPSPort {
-		isIPv6 := utilsnet.IsIPv6(net.ParseIP(util.GetFirstValidIPString(envInfo.NodeIP.Value())))
-		if err := proxy.SetAPIServerPort(controlConfig.HTTPSPort, isIPv6); err != nil {
+		if err := proxy.SetAPIServerPort(controlConfig.HTTPSPort, utilsnet.IsIPv6(nodeIPs[0])); err != nil {
 			return nil, pkgerrors.WithMessagef(err, "failed to set apiserver port to %d", controlConfig.HTTPSPort)
 		}
 	}
@@ -499,11 +504,6 @@ func get(ctx context.Context, envInfo *cmds.Agent, proxy proxy.Proxy) (*config.N
 	newNodePasswordFile := filepath.Join(nodeConfigPath, "password")
 	upgradeOldNodePasswordPath(oldNodePasswordFile, newNodePasswordFile)
 
-	nodeName, nodeIPs, err := util.GetHostnameAndIPs(envInfo.NodeName, envInfo.NodeIP.Value())
-	if err != nil {
-		return nil, err
-	}
-
 	// If there is a VPN, we must overwrite NodeIP and flannel interface
 	var vpnInfo vpn.VPNInfo
 	if envInfo.VPNAuth != "" {

pkg/agent/loadbalancer/loadbalancer.go

@@ -2,15 +2,16 @@ package loadbalancer
 
 import (
 	"context"
-	"fmt"
 	"net"
 	"net/url"
 	"os"
 	"path/filepath"
+	"strconv"
 	"strings"
 	"time"
 
 	"github.com/inetaf/tcpproxy"
+	"github.com/k3s-io/k3s/pkg/util"
 	"github.com/k3s-io/k3s/pkg/util/metrics"
 	"github.com/k3s-io/k3s/pkg/version"
 	"github.com/sirupsen/logrus"
@@ -40,14 +41,11 @@ var (
 // New contstructs a new LoadBalancer instance. The default server URL, and
 // currently active servers, are stored in a file within the dataDir.
 func New(ctx context.Context, dataDir, serviceName, defaultServerURL string, lbServerPort int, isIPv6 bool) (_lb *LoadBalancer, _err error) {
-	config := net.ListenConfig{Control: reusePort}
-	var localAddress string
+	bindAddress := "127.0.0.1"
 	if isIPv6 {
-		localAddress = fmt.Sprintf("[::1]:%d", lbServerPort)
-	} else {
-		localAddress = fmt.Sprintf("127.0.0.1:%d", lbServerPort)
+		bindAddress = "::1"
 	}
-	listener, err := config.Listen(ctx, "tcp", localAddress)
+	listener, err := util.ListenWithLoopback(ctx, bindAddress, strconv.Itoa(lbServerPort))
 	defer func() {
 		if _err != nil {
 			logrus.Warnf("Error starting load balancer: %s", _err)
@@ -67,11 +65,11 @@ func New(ctx context.Context, dataDir, serviceName, defaultServerURL string, lbS
 
 	// Set explicit port from scheme
 	if serverURL.Port() == "" {
-		if strings.ToLower(serverURL.Scheme) == "http" {
-			serverURL.Host += ":80"
-		}
-		if strings.ToLower(serverURL.Scheme) == "https" {
-			serverURL.Host += ":443"
+		switch strings.ToLower(serverURL.Scheme) {
+		case "http":
+			serverURL.Host = net.JoinHostPort(serverURL.Hostname(), "80")
+		case "https":
+			serverURL.Host = net.JoinHostPort(serverURL.Hostname(), "443")
 		}
 	}
 

pkg/agent/run.go

@@ -339,9 +339,13 @@ func createProxyAndValidateToken(ctx context.Context, cfg *cmds.Agent) (proxy.Pr
 	if err := os.MkdirAll(agentDir, 0700); err != nil {
 		return nil, err
 	}
-	isIPv6 := utilsnet.IsIPv6(net.ParseIP(util.GetFirstValidIPString(cfg.NodeIP.Value())))
 
-	proxy, err := proxy.NewSupervisorProxy(ctx, !cfg.DisableLoadBalancer, agentDir, cfg.ServerURL, cfg.LBServerPort, isIPv6)
+	_, nodeIPs, err := util.GetHostnameAndIPs(cfg.NodeName, cfg.NodeIP.Value())
+	if err != nil {
+		return nil, pkgerrors.WithMessage(err, "failed to get node name and addresses")
+	}
+
+	proxy, err := proxy.NewSupervisorProxy(ctx, !cfg.DisableLoadBalancer, agentDir, cfg.ServerURL, cfg.LBServerPort, utilsnet.IsIPv6(nodeIPs[0]))
 	if err != nil {
 		return nil, err
 	}

pkg/cluster/cluster.go

@@ -2,16 +2,19 @@ package cluster
 
 import (
 	"context"
+	"net"
 	"net/url"
 	"strings"
 	"time"
 
+	"github.com/k3s-io/k3s/pkg/cli/cmds"
 	"github.com/k3s-io/k3s/pkg/clientaccess"
 	"github.com/k3s-io/k3s/pkg/cluster/managed"
 	"github.com/k3s-io/k3s/pkg/daemons/config"
 	"github.com/k3s-io/k3s/pkg/daemons/executor"
 	"github.com/k3s-io/k3s/pkg/etcd"
 	"github.com/k3s-io/k3s/pkg/metrics"
+	"github.com/k3s-io/k3s/pkg/util"
 	"github.com/k3s-io/kine/pkg/endpoint"
 	pkgerrors "github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
@@ -116,8 +119,13 @@ func (c *Cluster) startEtcdProxy(ctx context.Context) error {
 	if err != nil {
 		return err
 	}
-	defaultURL.Host = defaultURL.Hostname() + ":2379"
-	etcdProxy, err := etcd.NewETCDProxy(ctx, c.config.SupervisorPort, c.config.DataDir, defaultURL.String(), utilsnet.IsIPv6CIDR(c.config.ServiceIPRanges[0]))
+	_, nodeIPs, err := util.GetHostnameAndIPs(cmds.AgentConfig.NodeName, cmds.AgentConfig.NodeIP.Value())
+	if err != nil {
+		pkgerrors.WithMessage(err, "failed to get node name and addresses")
+	}
+
+	defaultURL.Host = net.JoinHostPort(defaultURL.Hostname(), "2379")
+	etcdProxy, err := etcd.NewETCDProxy(ctx, c.config.SupervisorPort, c.config.DataDir, defaultURL.String(), utilsnet.IsIPv6(nodeIPs[0]))
 	if err != nil {
 		return err
 	}

pkg/daemons/agent/agent.go

@@ -163,8 +163,7 @@ func writeKubeletConfig(path string, config *kubeletconfig.KubeletConfiguration)
 
 func defaultKubeletConfig(cfg *daemonconfig.Agent) (*kubeletconfig.KubeletConfiguration, error) {
 	bindAddress := "127.0.0.1"
-	isIPv6 := utilsnet.IsIPv6(net.ParseIP([]string{cfg.NodeIP}[0]))
-	if isIPv6 {
+	if utilsnet.IsIPv6(net.ParseIP([]string{cfg.NodeIP}[0])) {
 		bindAddress = "::1"
 	}