Merge pull request #54437 from danehans/kubeadm_dns_bindaddr

Automatic merge from submit-queue (batch tested with PRs 54437, 54714, 54720). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Adds support for v4/v6 loopback dns bind address. **What this PR does / why we need it**: Previously, IPv4 Loopback addresses (127.0.0.1) were hard coded into the kubeadm dns deployment manifest. This PR adds support for using an IPv6 Loopback (::1) when the kube-dns Service IP is an IPv6 address. **Special notes for your reviewer**: Required for IPv6-only deployments. **Release note**: ```NONE ``` /area ipv6 /sig network
2025-07-30 06:54:01 +00:00 · 2017-10-27 16:51:21 -07:00 · 2017-10-27 16:51:21 -07:00 · 481323c876
commit 481323c876
parent 68b9fa2b89 d4f2fbc39a
3 changed files with 31 additions and 21 deletions
--- a/cmd/kubeadm/app/phases/addons/dns/dns.go
+++ b/cmd/kubeadm/app/phases/addons/dns/dns.go
@ -51,26 +51,35 @@ func EnsureDNSAddon(cfg *kubeadmapi.MasterConfiguration, client clientset.Interf
 		return err
 	}

-	// Get the YAML manifest conditionally based on the k8s version
-	kubeDNSDeploymentBytes := GetKubeDNSManifest(k8sVersion)
-	dnsDeploymentBytes, err := kubeadmutil.ParseTemplate(kubeDNSDeploymentBytes, struct{ ImageRepository, Arch, Version, DNSDomain, DNSProbeType, MasterTaintKey string }{
-		ImageRepository: cfg.ImageRepository,
-		Arch:            runtime.GOARCH,
-		// Get the kube-dns version conditionally based on the k8s version
-		Version:        GetKubeDNSVersion(k8sVersion),
-		DNSDomain:      cfg.Networking.DNSDomain,
-		DNSProbeType:   GetKubeDNSProbeType(k8sVersion),
-		MasterTaintKey: kubeadmconstants.LabelNodeRoleMaster,
-	})
-	if err != nil {
-		return fmt.Errorf("error when parsing kube-dns deployment template: %v", err)
-	}
-
 	dnsip, err := getDNSIP(client)
 	if err != nil {
 		return err
 	}

+	var dnsBindAddr string
+	if dnsip.To16() != nil {
+		dnsBindAddr = "::1"
+	} else {
+		dnsBindAddr = "127.0.0.1"
+	}
+
+	// Get the YAML manifest conditionally based on the k8s version
+	kubeDNSDeploymentBytes := GetKubeDNSManifest(k8sVersion)
+	dnsDeploymentBytes, err := kubeadmutil.ParseTemplate(kubeDNSDeploymentBytes,
+		struct{ ImageRepository, Arch, Version, DNSBindAddr, DNSDomain, DNSProbeType, MasterTaintKey string }{
+			ImageRepository: cfg.ImageRepository,
+			Arch:            runtime.GOARCH,
+			// Get the kube-dns version conditionally based on the k8s version
+			Version:        GetKubeDNSVersion(k8sVersion),
+			DNSBindAddr:    dnsBindAddr,
+			DNSDomain:      cfg.Networking.DNSDomain,
+			DNSProbeType:   GetKubeDNSProbeType(k8sVersion),
+			MasterTaintKey: kubeadmconstants.LabelNodeRoleMaster,
+		})
+	if err != nil {
+		return fmt.Errorf("error when parsing kube-dns deployment template: %v", err)
+	}
+
 	dnsServiceBytes, err := kubeadmutil.ParseTemplate(KubeDNSService, struct{ DNSIP string }{
 		DNSIP: dnsip.String(),
 	})
--- a/cmd/kubeadm/app/phases/addons/dns/dns_test.go
+++ b/cmd/kubeadm/app/phases/addons/dns/dns_test.go
@ -91,10 +91,11 @@ func TestCompileManifests(t *testing.T) {
 	}{
 		{
 			manifest: v180AndAboveKubeDNSDeployment,
-			data: struct{ ImageRepository, Arch, Version, DNSDomain, DNSProbeType, MasterTaintKey string }{
+			data: struct{ ImageRepository, Arch, Version, DNSBindAddr, DNSDomain, DNSProbeType, MasterTaintKey string }{
 				ImageRepository: "foo",
 				Arch:            "foo",
 				Version:         "foo",
+				DNSBindAddr:     "foo",
 				DNSDomain:       "foo",
 				DNSProbeType:    "foo",
 				MasterTaintKey:  "foo",
--- a/cmd/kubeadm/app/phases/addons/dns/manifests.go
+++ b/cmd/kubeadm/app/phases/addons/dns/manifests.go
@ -123,9 +123,9 @@ spec:
        - --cache-size=1000
        - --no-negcache
        - --log-facility=-
-        - --server=/{{ .DNSDomain }}/127.0.0.1#10053
-        - --server=/in-addr.arpa/127.0.0.1#10053
-        - --server=/ip6.arpa/127.0.0.1#10053
+        - --server=/{{ .DNSDomain }}/{{ .DNSBindAddr }}#10053
+        - --server=/in-addr.arpa/{{ .DNSBindAddr }}#10053
+        - --server=/ip6.arpa/{{ .DNSBindAddr }}#10053
        ports:
        - containerPort: 53
          name: dns
@ -156,8 +156,8 @@ spec:
        args:
        - --v=2
        - --logtostderr
-        - --probe=kubedns,127.0.0.1:10053,kubernetes.default.svc.{{ .DNSDomain }},5,{{ .DNSProbeType }}
-        - --probe=dnsmasq,127.0.0.1:53,kubernetes.default.svc.{{ .DNSDomain }},5,{{ .DNSProbeType }}
+        - --probe=kubedns,{{ .DNSBindAddr }}:10053,kubernetes.default.svc.{{ .DNSDomain }},5,{{ .DNSProbeType }}
+        - --probe=dnsmasq,{{ .DNSBindAddr }}:53,kubernetes.default.svc.{{ .DNSDomain }},5,{{ .DNSProbeType }}
        ports:
        - containerPort: 10054
          name: metrics