Configure IPVS¶
MKE supports the setting of values for all IPVS related parameters that are exposed by kube-proxy.
Kube-proxy runs on each cluster node, its role being to load-balance traffic whose destination is services (via cluster IPs and node ports) to the correct backend pods. Of the modes in which kube-proxy can run, IPVS (IP Virtual Server) offers the widest choice of load balancing algorithms and superior scalability.
Refer to the Calico documentation, Comparing kube-proxy modes: iptables or IPVS? for detailed information on IPVS.
Caution
You can only enable IPVS for MKE at installation, and it persists throughout the life of the cluster. Thus, you cannot switch to iptables at a later stage or switch over existing MKE clusters to use IPVS proxier.
MKE supports setting values for all IPVS-related parameters. For full parameter details, refer to the Kubernetes documentation for kube-proxy.
Use the kube-proxy-mode parameter at install time to enable IPVS proxier. The
two valid values are iptables
(default) and ipvs
.
You can specify the following ipvs parameters for kube-proxy:
ipvs_exclude_cidrs
ipvs_min_sync_period
ipvs_scheduler
ipvs_strict_arp = false
ipvs_sync_period
ipvs_tcp_timeout
ipvs_tcpfin_timeout
ipvs_udp_timeout
To set these values at the time of bootstrap/installation:
Add the required values under [cluster_config] in a TOML file (for example,
config.toml
).Create a config named
com.docker.ucp.config
from this TOML file:docker config create com.docker.ucp.config config.toml
Use the
--existing-config
parameter when installing MKE. You can also change these values post-install using theMKE-s ucp/config-toml
endpoint.
Caution
If you are using MKE 3.3.x with IPVS proxier and plan to upgrade to MKE 3.4.x, you must upgrade to MKE 3.4.3 or later as earlier versions of MKE 3.4.x do not support IPVS proxier.