feat(ipv6): add --disable-ipv6 flag for IPv4-only operation#142
feat(ipv6): add --disable-ipv6 flag for IPv4-only operation#142stevensbkang wants to merge 1 commit intodevelopfrom
Conversation
Introduces --disable-ipv6 (KUBESOLO_DISABLE_IPV6) to enforce IPv4-only operation: CoreDNS drops ip6.arpa reverse zones from the Corefile and kubelet registers with an explicit --node-ip to prevent IPv6 node address selection.
There was a problem hiding this comment.
Pull request overview
Adds an IPv4-only operating mode via a new --disable-ipv6 / KUBESOLO_DISABLE_IPV6 flag, plumbing the setting into runtime configuration and CoreDNS generation.
Changes:
- Introduces
--disable-ipv6flag and stores it intypes.Embedded. - Updates CoreDNS deployment to generate either dual-stack or IPv4-only Corefile (drops
ip6.arpawhen disabled). - Adds
--node-ipto kubelet args to influence node address selection.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
types/types.go |
Adds DisableIPv6 to embedded runtime config. |
internal/config/flags/flags.go |
Defines the new --disable-ipv6 / env var flag. |
cmd/kubesolo/main.go |
Wires flag into service state and embedded config; passes into CoreDNS deploy. |
pkg/components/coredns/coredns.go |
Extends CoreDNS deploy API to accept disable-IPv6 behavior. |
pkg/components/coredns/configuration.go |
Splits Corefile into IPv4-only vs dual-stack variants and selects by flag. |
pkg/kubernetes/kubelet/args.go |
Adds --node-ip argument to kubelet invocation. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| command.SetArgs([]string{ | ||
| "--config", s.kubeletConfigFile, | ||
| "--hostname-override", s.nodeName, | ||
| "--node-ip", s.nodeIP, |
There was a problem hiding this comment.
--node-ip is now always set. This changes kubelet behavior even when --disable-ipv6 is not enabled and will break IPv6-only hosts (it will force 127.0.0.1 from GetNodeIP() when no IPv4 exists). Consider only adding --node-ip when the new disable-IPv6 mode is enabled (e.g., plumb DisableIPv6 into the kubelet service) or otherwise allow kubelet to auto-select the appropriate node IP in dual-stack/IPv6 setups.
| "--node-ip", s.nodeIP, |
| LocalStorageSharedPath = Application.Flag("local-storage-shared-path", "Path to the shared file system for the local storage. Defaults to empty string.").Envar("KUBESOLO_LOCAL_STORAGE_SHARED_PATH").Default("").String() | ||
| Debug = Application.Flag("debug", "Enable debug logging. Defaults to false.").Envar("KUBESOLO_DEBUG").Default("false").Bool() | ||
| PprofServer = Application.Flag("pprof-server", "Enable pprof server. Defaults to false.").Envar("KUBESOLO_PPROF_SERVER").Default("false").Bool() | ||
| DisableIPv6 = Application.Flag("disable-ipv6", "Disable IPv6 support. When set, CoreDNS will not serve ip6.arpa reverse zones and kubelet will register with an explicit IPv4 node address. Defaults to false.").Envar("KUBESOLO_DISABLE_IPV6").Default("false").Bool() |
There was a problem hiding this comment.
The flag help text says kubelet will only register with an explicit IPv4 node address when this flag is set, but the current kubelet args unconditionally set --node-ip. Either make kubelet’s --node-ip conditional on DisableIPv6, or adjust this description to match the actual behavior.
| @@ -33,7 +33,7 @@ func Deploy(adminKubeconfig string) error { | |||
| return fmt.Errorf("failed to create kubernetes client: %v", err) | |||
| } | |||
|
|
|||
| if err := createConfigMap(ctx, clientset); err != nil { | |||
| if err := createConfigMap(ctx, clientset, disableIPv6); err != nil { | |||
There was a problem hiding this comment.
Changing the exported coredns.Deploy signature to add a positional bool parameter is a breaking API change and the call site doesn’t self-document what true/false means. Consider using an options struct (e.g., Deploy(adminKubeconfig string, opts DeployOptions)) or a separate helper like DeployIPv4Only(...) to keep the API clearer and easier to extend without adding more boolean parameters.
Introduces
--disable-ipv6(KUBESOLO_DISABLE_IPV6) to enforce IPv4-only operation where CoreDNS drops ip6.arpa reverse zones from the Corefile and kubelet registers with an explicit --node-ip to prevent IPv6 node address selection.