Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: support ipv6 for kubernetes #1071

Merged
merged 1 commit into from
Sep 19, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
- add metrics dashboard

### Changed
- add support for IPv6 polling and traps for kubernetes deployment

### Fixed

Expand Down
11 changes: 11 additions & 0 deletions charts/splunk-connect-for-snmp/templates/traps/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -84,10 +84,21 @@ spec:
secretKeyRef:
name: {{ include "splunk-connect-for-snmp.name" . }}-splunk
key: hec_token
- name: IPv6_ENABLED
{{- if has "IPv6" .Values.traps.ipFamilies}}
value: "true"
{{ else }}
value: "false"
{{- end }}
ports:
- name: snmp-udp
containerPort: 2162
protocol: UDP
{{- if has "IPv6" .Values.traps.ipFamilies}}
- name: snmp-udp6
containerPort: 2163
protocol: UDP
{{- end }}
volumeMounts:
- name: config
mountPath: "/app/config"
Expand Down
13 changes: 12 additions & 1 deletion charts/splunk-connect-for-snmp/templates/traps/service.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ metadata:
annotations:
{{- if .Values.traps.service.usemetallb }}
metallb.universe.tf/allow-shared-ip: {{ .Values.traps.service.metallbsharingkey | default "splunk-connect" | quote }}
metallb.universe.tf/loadBalancerIPs: {{ .Values.traps.loadBalancerIP }}
{{- end }}
{{- if .Values.traps.service.annotations }}
{{ toYaml .Values.traps.service.annotations | indent 4 }}
Expand All @@ -20,7 +21,8 @@ spec:
type: {{ .Values.traps.service.type }}
externalTrafficPolicy: {{ .Values.traps.service.externalTrafficPolicy | default "Local" }}
{{- if .Values.traps.loadBalancerIP }}
loadBalancerIP: {{ .Values.traps.loadBalancerIP }}
ipFamilyPolicy: {{ .Values.traps.ipFamilyPolicy }}
ipFamilies: {{ .Values.traps.ipFamilies | toYaml | nindent 2 }}
{{- end }}
ports:
- port: {{ .Values.traps.service.port }}
Expand All @@ -30,6 +32,15 @@ spec:
targetPort: 2162
protocol: UDP
name: snmp-udp
{{- if has "IPv6" .Values.traps.ipFamilies}}
- port: {{ .Values.traps.service.ipv6Port | default 2163}}
{{- if and .Values.traps.service.nodePort (eq .Values.traps.service.type "NodePort")}}
nodePort: {{ .Values.traps.service.ipv6NodePort | default 30003 }}
{{- end }}
targetPort: 2163
protocol: UDP
name: snmp-udp6
{{- end }}
selector:
{{- include "splunk-connect-for-snmp.traps.selectorLabels" . | nindent 4 }}
{{- end -}}
12 changes: 12 additions & 0 deletions charts/splunk-connect-for-snmp/values.schema.json
Original file line number Diff line number Diff line change
Expand Up @@ -719,12 +719,24 @@
},
"nodePort": {
"type": "integer"
},
"ipv6Port": {
"type": "integer"
},
"ipv6NodePort": {
"type": "integer"
}
}
},
"loadBalancerIP": {
"type": "string"
},
"ipFamilyPolicy": {
"type": "string"
},
"ipFamilies": {
"type": "array"
},
"resources": {
"type": "object",
"additionalProperties": false,
Expand Down
6 changes: 6 additions & 0 deletions charts/splunk-connect-for-snmp/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -425,13 +425,19 @@ traps:
# on a multi-node it's better to set this as NodePort and configure traps.service.nodePort
type: LoadBalancer
port: 162
# ipv6Port: 2163

# nodePort will be set only when type of service is a NodePort
#nodePort: 30000
#ipv6NodePort: 30003

#loadBalancerIP must be set to the IP address in the metallb pool.
#It is required when service type is set to LoadBalancer.
#loadBalancerIP: 18.117.100.37
loadBalancerIP: ""
ipFamilyPolicy: SingleStack
ipFamilies:
- IPv4

resources: {}
# limits:
Expand Down
7 changes: 7 additions & 0 deletions docs/configuration/trap-configuration.md
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,13 @@ See the following example:
traps:
loadBalancerIP: 10.202.4.202
```
If you have enabled the Ipv6 you need to pass IP addresses for both IPv4 and IPv6.
See the following example:

```yaml
traps:
loadBalancerIP: 10.202.4.202,2001:0DB8:AC10:FE01:0000:0000:0000:0001
```

If you want to use the SC4SNMP trap receiver in K8S cluster, configure `NodePort` instead. Use the following configuration:

Expand Down
8 changes: 6 additions & 2 deletions docs/configuration/values-params-description.md
Original file line number Diff line number Diff line change
Expand Up @@ -161,10 +161,14 @@ Detailed documentation about configuring traps can be found in [Traps](../config
| `service.usemetallb` | Enables using metallb | `true` |
| `service.metallbsharingkey` | Sets metallb.universe.tf/allow-shared-ip annotation in trap service | `splunk-connect` |
| `service.type` | [Kubernetes documentation](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) | `LoadBalancer` |
| `service.port` | Port of the service to use | `162` |
| `service.port` | Port of the service to use for IPv4 | `162` |
| `service.nodePort` | Port when the `service.type` is `nodePort` | `30000` |
| `service.externalTrafficPolicy` | Controls how Kubernetes routes traffic | `Local` |
| `loadBalancerIP` | Sets loadBalancer IP address in the metallb pool | |
| `service.ipv6Port` | Port of the service to use for IPv6 | `162` |
| `service.ipv6NodePort` | Port when the `service.type` is `nodePort` and IPv6 is enabled | `2163` |
| `loadBalancerIP` | Sets loadBalancer IP address in the metallb pool | `30001` |
| `ipFamilyPolicy` | Specifies if the service is dual stack or single stack | `SingleStack` |
| `ipFamilies` | Defines the address families used for chosen `ipFamilyPolicy` | `IPv4` |
| `resources` | CPU and memory limits and requests for pod | |
| `autoscaling.enabled` | Enables autoscaling for pods | `false` |
| `autoscaling.minReplicas` | Minimum number of running pods when autoscaling is enabled | `1` |
Expand Down
65 changes: 65 additions & 0 deletions docs/gettingstarted/enable-ipv6.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
# Enabling IPv6 for SC4SNMP

Default installation of SC4SNMP does not support polling or receiving trap notifications from IPv6 addresses. To enable IPv6, follow instruction below.

## Microk8s
To configure dual-stack network on microk8s follow instructions at [Microk8s page](https://microk8s.io/docs/how-to-dual-stack).
After completing the steps, you can follow the instruction at [Microk8s installation on Ubuntu](mk8s/k8s-microk8s.md#microk8s-installation-on-ubuntu)
to install microk8s.

## Calico
The default CNI used for microk8s is Calico. For pods to be able to reach internet over IPv6, you need to enable
the `natOutgoing` parameter in ipv6 ip pool configuration from calico.
To set it create the yaml file with the following content:
```
# calico-ippool.yaml
---
apiVersion: crd.projectcalico.org/v1
kind: IPPool
metadata:
name: default-ipv6-ippool
spec:
natOutgoing: true
```
You can check with command `microk8s kubectl get ippools -n kube-system` the default name of the ip pool for IPv6. If it differs from `default-ipv6-ippool` you need to change the name in the yaml file.
Then apply the configuration with the following command:
```
microk8s kubectl apply -f calico-ippool.yaml
```

After those changes you can restart the microk8s fot the changes to be applied with the following commands:
```
microk8s stop
microk8s start
```

## Metallb
As of version `1.30` of microk8s, Metallb add-on does not support passing the IPv6 addresses in enable command. To
add the IPv6 addresses to your Metallb configuration, you can prepare the yaml file with configuration like below:
```
# addresspool.yaml
---
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: default-addresspool
namespace: metallb-system
spec:
addresses:
- 1.1.1.1/32
- 2001:0db8:ac10:fe01:0000:0000:0000:0001/128
```
You can check with command `microk8s kubectl get ipaddresspool -n metallb-system` the default name of the ip address pool created in metallb. If it differs from `default-addresspool` you need to change the name in the yaml file.
You can add the single ip or subnets for both IPv4 and IPv6 under `spec.addresses` section. After preparing the yaml file, apply the configuration with the following command:
```
microk8s kubectl apply -f addresspool.yaml
```

## SC4SNMP
To configure traps to receive notification from IPv4 and IPv6 addresses, you need to add the following configuration to the `values.yaml` file:
```
traps:
ipFamilyPolicy: RequireDualStack
ipFamilies: ["IPv4", "IPv6"]
```
Default trap port for notifications for IPv6 is `2163`. You can change it to any other port if needed with `traps.service.ipv6Port` parameter.
5 changes: 5 additions & 0 deletions docs/gettingstarted/mk8s/k8s-microk8s.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,11 @@ Three node minimum per node:
The following quick start guidance is based on Ubuntu 20.04LTS with MicroK8s and internet access. See other deployment options
in the MicroK8s [documentation](https://microk8s.io/docs), including offline and with proxy.

## Enabling IPv6

If you plan to poll or receive trap notifications from IPv6 addresses, firstly check the instructions for [enabling
IPv6](../enable-ipv6.md).

## Install MicroK8s using Snap

```bash
Expand Down
1 change: 1 addition & 0 deletions mkdocs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@ nav:
- Platform Microk8s: "gettingstarted/mk8s/k8s-microk8s.md"
- Install Splunk OpenTelemetry Collector for Kubernetes: "gettingstarted/sck-installation.md"
- Install SC4SNMP: "gettingstarted/sc4snmp-installation.md"
- Enable IPv6: "gettingstarted/enable-ipv6.md"
- Configuration:
- Deployment: "configuration/deployment-configuration.md"
- Configurable values: "configuration/values-params-description.md"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,8 @@ spec:
value: "http://release-name-mibserver/standard.txt"
- name: LOG_LEVEL
value: INFO
- name: PYSNMP_DEBUG
value: ""
- name: SPLUNK_HEC_SCHEME
value: "https"
- name: SPLUNK_HEC_HOST
Expand All @@ -71,6 +73,8 @@ spec:
secretKeyRef:
name: splunk-connect-for-snmp-splunk
key: hec_token
- name: IPv6_ENABLED
value: "false"
ports:
- name: snmp-udp
containerPort: 2162
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,11 +12,14 @@ metadata:
app.kubernetes.io/managed-by: Helm
annotations:
metallb.universe.tf/allow-shared-ip: "splunk-connect"
metallb.universe.tf/loadBalancerIPs: 10.202.6.213
ikheifets-splunk marked this conversation as resolved.
Show resolved Hide resolved

spec:
type: LoadBalancer
externalTrafficPolicy: Local
loadBalancerIP: 10.202.6.213
ipFamilyPolicy: SingleStack
ipFamilies:
- IPv4
ports:
- port: 162
targetPort: 2162
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,8 @@ spec:
value: "http://release-name-mibserver/standard.txt"
- name: LOG_LEVEL
value: INFO
- name: PYSNMP_DEBUG
value: ""
- name: SPLUNK_HEC_SCHEME
value: "https"
- name: SPLUNK_HEC_HOST
Expand All @@ -70,6 +72,8 @@ spec:
secretKeyRef:
name: splunk-connect-for-snmp-splunk
key: hec_token
- name: IPv6_ENABLED
value: "false"
ports:
- name: snmp-udp
containerPort: 2162
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,11 +12,14 @@ metadata:
app.kubernetes.io/managed-by: Helm
annotations:
metallb.universe.tf/allow-shared-ip: "splunk-connect"
metallb.universe.tf/loadBalancerIPs: 10.202.6.213

spec:
type: LoadBalancer
externalTrafficPolicy: Local
loadBalancerIP: 10.202.6.213
ipFamilyPolicy: SingleStack
ipFamilies:
- IPv4
ports:
- port: 162
targetPort: 2162
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,8 @@ spec:
value: "http://release-name-mibserver/standard.txt"
- name: LOG_LEVEL
value: INFO
- name: PYSNMP_DEBUG
value: ""
- name: SPLUNK_HEC_SCHEME
value: "https"
- name: SPLUNK_HEC_HOST
Expand All @@ -70,6 +72,8 @@ spec:
secretKeyRef:
name: splunk-connect-for-snmp-splunk
key: hec_token
- name: IPv6_ENABLED
value: "false"
ports:
- name: snmp-udp
containerPort: 2162
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,11 +12,14 @@ metadata:
app.kubernetes.io/managed-by: Helm
annotations:
metallb.universe.tf/allow-shared-ip: "splunk-connect"
metallb.universe.tf/loadBalancerIPs: 10.202.6.213

spec:
type: LoadBalancer
externalTrafficPolicy: Local
loadBalancerIP: 10.202.6.213
ipFamilyPolicy: SingleStack
ipFamilies:
- IPv4
ports:
- port: 162
targetPort: 2162
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,8 @@ spec:
value: "http://release-name-mibserver/standard.txt"
- name: LOG_LEVEL
value: INFO
- name: PYSNMP_DEBUG
value: ""
- name: SPLUNK_HEC_SCHEME
value: "https"
- name: SPLUNK_HEC_HOST
Expand All @@ -71,6 +73,8 @@ spec:
secretKeyRef:
name: splunk-connect-for-snmp-splunk
key: hec_token
- name: IPv6_ENABLED
value: "false"
ports:
- name: snmp-udp
containerPort: 2162
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,11 +12,14 @@ metadata:
app.kubernetes.io/managed-by: Helm
annotations:
metallb.universe.tf/allow-shared-ip: "splunk-connect"
metallb.universe.tf/loadBalancerIPs: 10.202.6.213

spec:
type: LoadBalancer
externalTrafficPolicy: Local
loadBalancerIP: 10.202.6.213
ipFamilyPolicy: SingleStack
ipFamilies:
- IPv4
ports:
- port: 162
targetPort: 2162
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,8 @@ spec:
value: "http://release-name-mibserver/standard.txt"
- name: LOG_LEVEL
value: INFO
- name: PYSNMP_DEBUG
value: ""
- name: SPLUNK_HEC_SCHEME
value: "https"
- name: SPLUNK_HEC_HOST
Expand All @@ -71,6 +73,8 @@ spec:
secretKeyRef:
name: splunk-connect-for-snmp-splunk
key: hec_token
- name: IPv6_ENABLED
value: "false"
ports:
- name: snmp-udp
containerPort: 2162
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,11 +12,14 @@ metadata:
app.kubernetes.io/managed-by: Helm
annotations:
metallb.universe.tf/allow-shared-ip: "splunk-connect"
metallb.universe.tf/loadBalancerIPs: 10.202.6.213

spec:
type: LoadBalancer
externalTrafficPolicy: Local
loadBalancerIP: 10.202.6.213
ipFamilyPolicy: SingleStack
ipFamilies:
- IPv4
ports:
- port: 162
targetPort: 2162
Expand Down
Loading
Loading