Change the Service CIDR of a Running Kubernetes Cluster


First things first

This operation makes the kube cluster unavailable for a few minutes. Take care.

Related files and kube objects

  1. /etc/kubernetes/manifests/kube-apiserver.yaml
  2. kubectl -n kube-system edit svc/kube-dns
  3. /var/lib/kubelet/config.yaml
  4. kubectl -n kube-system edit cm kubelet-config

Update kube-apiserver manifest

# vim /etc/kubernetes/manifests/kube-apiserver.yaml
...
spec:
  containers:
  - command:
    - kube-apiserver
...
    - --service-account-signing-key-file=/etc/kubernetes/pki/sa.key
    - --service-cluster-ip-range=100.96.0.0/12   # Change
    - --tls-cert-file=/etc/kubernetes/pki/apiserver.crt
...

Edit kube-dns service

# kubectl -n kube-system edit svc kube-dns
...
# in the service YAML, change 'clusterIP' and 'clusterIPs', then save and quit
spec:
  clusterIP: 100.96.0.10 # Change
  clusterIPs:
  - 100.96.0.10 # Change
  internalTrafficPolicy: Cluster
...

Replace kube-dns

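# clusterIP is immutable, so the edit above is rejected and kubectl stores the edited YAML in a temp file.
# force-replace the service from the path kubectl printed (the file name below is from this session)
kubectl replace -f /tmp/kubectl-edit-3485293250.yaml --force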

# see the new IP address given to the service
kubectl -n kube-system get svc

controlplane $ kubectl -n kube-system get svc
NAME       TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)                  AGE
kube-dns   ClusterIP   100.96.0.10   <none>        53/UDP,53/TCP,9153/TCP   6s

Update kubelet config

# vim /var/lib/kubelet/config.yaml 
# within the config.yaml file, change the clusterDNS value to 100.96.0.10
...
cgroupDriver: systemd
clusterDNS:
- 100.96.0.10 # Change
clusterDomain: cluster.local
...

Update kubelet-config configmap

# kubectl -n kube-system edit cm kubelet-config
# in the kubelet configMap, change the value for clusterDNS to 100.96.0.10
...
data:
  kubelet: |
...
    cgroupDriver: systemd
    clusterDNS:
    - 100.96.0.10 # Change
    clusterDomain: cluster.local
...

Apply the kubelet config and restart the kubelet service

# apply the update to the kubelet configuration immediately on the node
kubeadm upgrade node phase kubelet-config
systemctl daemon-reload
systemctl restart kubelet

Verifying

# start a pod named 'netshoot' using the image 'nicolaka/netshoot' ensuring that the pod stays in a running state.
kubectl run netshoot --image=nicolaka/netshoot --command sleep --command "3600"

# open a shell in the test pod's container
kubectl exec netshoot -it -- /bin/bash

# check /etc/resolv.conf; the nameserver should be the new DNS IP, 100.96.0.10
cat /etc/resolv.conf

nslookup kubernetes.default
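
A consistency check for the edits above, as an added example that is not part of the original page: it confirms that the DNS IP in svc/kube-dns, the kubelet config.yaml and the kubelet-config ConfigMap is the same address and lies inside the new --service-cluster-ip-range. The YAML fragments are constructed samples and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed fragments mirroring the four places this page edits.
APISERVER = "    - --service-cluster-ip-range=100.96.0.0/12\n"
KUBE_DNS_SVC = "spec:\n  clusterIP: 100.96.0.10\n  clusterIPs:\n  - 100.96.0.10\n"
KUBELET_CFG = "clusterDNS:\n- 100.96.0.10\nclusterDomain: cluster.local\n"
KUBELET_CM = "data:\n  kubelet: |\n    clusterDNS:\n    - 100.96.0.10\n"
# Constructed failure case: a node whose config.yaml still holds another DNS IP.
STALE_KUBELET_CFG = KUBELET_CFG.replace("100.96.0.10", "10.96.0.10")

IPV4 = r"\d+\.\d+\.\d+\.\d+"


def service_cidr(manifest):
    """Parse --service-cluster-ip-range; ip_network() rejects a CIDR with host bits set."""
    m = re.search(r"--service-cluster-ip-range=(\S+)", manifest)
    if m is None:
        raise ValueError("no --service-cluster-ip-range flag found")
    return ipaddress.ip_network(m.group(1))


def ips_under(key, text):
    """IPv4 addresses given as 'key: <ip>' or as list items directly under 'key:'."""
    inline = re.findall(rf"\b{key}:[ \t]*({IPV4})", text)
    block = re.search(rf"\b{key}:[ \t]*\n((?:[ \t]*-[^\n]*\n?)+)", text)
    return set(inline) | set(re.findall(IPV4, block.group(1)) if block else [])


def check(manifest, svc, kubelet_cfg, kubelet_cm):
    """Return a list of problems; an empty list means all locations agree."""
    cidr = service_cidr(manifest)
    found = {
        "svc/kube-dns": ips_under("clusterIP", svc) | ips_under("clusterIPs", svc),
        "/var/lib/kubelet/config.yaml": ips_under("clusterDNS", kubelet_cfg),
        "cm/kubelet-config": ips_under("clusterDNS", kubelet_cm),
    }
    problems = [f"{where}: no DNS IP found" for where, ips in found.items() if not ips]
    problems += [f"{where}: {ip} is outside {cidr}" for where, ips in found.items()
                 for ip in sorted(ips) if ipaddress.ip_address(ip) not in cidr]
    if len({frozenset(ips) for ips in found.values()}) > 1:
        problems.append("DNS IP differs between locations")
    return problems


if __name__ == "__main__":
    print(check(APISERVER, KUBE_DNS_SVC, KUBELET_CFG, KUBELET_CM))
    print(check(APISERVER, KUBE_DNS_SVC, STALE_KUBELET_CFG, KUBELET_CM))
```

On a real cluster, feed it the manifest file, the output of kubectl -n kube-system get svc kube-dns -o yaml, each node's config.yaml and the ConfigMap YAML in place of the samples.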