kubeadm doesn't check address families are consistent

[NeilW]

BUG REPORT

Versions

kubeadm version (use kubeadm version):
kubeadm version: &version.Info{Major:"1", Minor:"11", GitVersion:"v1.11.0", GitCommit:"91e7b4fd31fcd3d5f436da26c980becec37ceefe", GitTreeState:"clean", BuildDate:"2018-06-27T20:14:41Z", GoVersion:"go1.10.2", Compiler:"gc", Platform:"linux/amd64"}
Environment:

• Kubernetes version (use kubectl version):
  Client Version: version.Info{Major:"1", Minor:"11", GitVersion:"v1.11.0", GitCommit:"91e7b4fd31fcd3d5f436da26c980becec37ceefe", GitTreeState:"clean", BuildDate:"2018-06-27T20:17:28Z", GoVersion:"go1.10.2", Compiler:"gc", Platform:"linux/amd64"}
  Server Version: version.Info{Major:"1", Minor:"11", GitVersion:"v1.11.0", GitCommit:"91e7b4fd31fcd3d5f436da26c980becec37ceefe", GitTreeState:"clean", BuildDate:"2018-06-27T20:08:34Z", GoVersion:"go1.10.2", Compiler:"gc", Platform:"linux/amd64"}
• Cloud provider or hardware configuration:
  brightbox
• OS (e.g. from /etc/os-release):
  Ubuntu LTS 18.04
• Kernel (e.g. uname -a):
  Linux srv-jlhyq 4.15.0-23-generic Updating kubeadm manifests #25-Ubuntu SMP Wed May 23 18:02:16 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
• Others:
  containerd github.com/containerd/containerd v1.1.2 468a545b9edcd5932818eb9de8e72413e616e86e

What happened?

kube-proxy fails with incorrect IP address family version when using an IPv6 serviceSubnet

E0720 13:06:37.024035       1 utils.go:138] fd8d:726f:29fb::ea28:367f:1 in clusterIP has incorrect IP version (service default/kubernetes).
E0720 13:06:37.024065       1 utils.go:138] fd8d:726f:29fb::ea28:367f:a in clusterIP has incorrect IP version (service kube-system/kube-dns).

What you expected to happen?

The default IP addresses and bind addresses selected should be consistent with the configuration given by the user, or an error issued.

How to reproduce it (as minimally and precisely as possible)?

apiVersion: kubeadm.k8s.io/v1alpha2
kind: MasterConfiguration
clusterName: kubernetes
networking:
  dnsDomain: cluster.local
  serviceSubnet: fd8d:726f:29fb::ea28:367f:0/112
kubernetesVersion: v1.11.0
apiServerExtraArgs:
  cloud-provider: external
controllerManagerExtraArgs:
  cloud-provider: external
nodeRegistration:
  criSocket: /var/run/containerd/containerd.sock

kubeadm init --config kubeadm.conf with the above config

Anything else we need to know?

The default address selection mechanism used by kubeadm favours IPv4 addresses, and that api address is used to determine the kube-proxy bind addresses - regardless of other address settings in the config. Given the move to dual-stack the default bind address should likely be '::' all the time unless IPv6 is turned off on the server/interface.

[timothysc]

/cc @kad

[kad]

/assign

[ashwanikhemani]

Is anyone working on this? If not, I would like to work on this.

[neolit123]

@ashwanikhemani
sure, go ahead!

/lifecycle active

[neolit123]

ticket seems inactive.

[fejta-bot]

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

[neolit123]

with the dual-stack support in k8s and kubeadm this space is changing.

Given the move to dual-stack the default bind address should likely be '::' all the time unless IPv6 is turned off on the server/interface.

i'm pretty sure this should work in 1.14+.
see https://github.com/kubernetes/kubernetes/blob/release-1.14/cmd/kubeadm/app/util/config/initconfiguration.go#L134-L139

please re-open if needed.