fuwafuwalabs/k6u
3
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
Kubernetes operator for assisting with dynamic IPv6 prefixes.
63 commits 1 branch 3 tags 200 KiB
Find a file
Exact
Renovate Bot 70de705d8f
All checks were successful
ci/woodpecker/pr/build Pipeline was successful
Details
ci/woodpecker/push/build Pipeline was successful
Details
ci/woodpecker/cron/build Pipeline was successful
Details
chore(deps): update docker.io/library/rust:1.91.1-alpine docker digest to fbcca3e
2025-11-11 01:16:03 +00:00
.woodpecker chore(deps): update woodpeckerci/plugin-kaniko docker tag to v2.1.1 2025-11-08 20:32:44 +00:00
src Split out try update to own function 2025-04-25 19:38:17 -04:00
.gitignore v0.1.0 2025-04-25 19:32:10 -04:00
Cargo.lock Update to kube v2, k8s-openapi 0.26.0, kube-leader-election 0.42.0 2025-11-08 14:59:35 -05:00
Cargo.toml v0.2.0 2025-11-08 14:59:52 -05:00
Containerfile chore(deps): update docker.io/library/rust:1.91.1-alpine docker digest to fbcca3e 2025-11-11 01:16:03 +00:00
LICENSE.md Add license 2025-04-27 13:20:56 -04:00
Makefile Use fuwafuwalabs project for container 2025-06-27 11:19:01 -04:00
README.md Add readme 2025-04-27 13:22:56 -04:00
renovate.json chore(config): migrate renovate config 2025-09-18 17:04:41 -04:00

README.md

k6u

k6u (k8s IPv6Updater) is a Kubernetes operator for assisting with CiliumNetworkPolicy management when using dual-stack networking under the mercy of an internet service provider who refuses to give you a static IPv6 prefix.

How?

Deploy the operator to your cluster as a DaemonSet:

apiVersion: apps/v1
kind: DaemonSet
metadata:
  labels:
    app.kubernetes.io/name: k6u
  name: k6u
  namespace: kube-system
spec:
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/name: k6u
  template:
    metadata:
      labels:
        app.kubernetes.io/name: k6u
    spec:
      containers:
      - env:
        - name: NODE_NAME
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: spec.nodeName
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
        - name: POD_NAME
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.name
        - name: RUST_LOG
          value: info
        - name: UPDATE_INTERVAL
          value: "10"
        image: registry.fuwafuwatime.moe/concord/k6u:latest
        imagePullPolicy: Always
        name: k6u
        resources:
          limits:
            cpu: 8m
            memory: 16Mi
          requests:
            cpu: 4m
            memory: 8Mi
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
            - ALL
          readOnlyRootFilesystem: true
          runAsGroup: 1000
          runAsNonRoot: true
          runAsUser: 1000
          seccompProfile:
            type: RuntimeDefault
      dnsPolicy: ClusterFirst
      hostNetwork: true
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      serviceAccount: k6u
      serviceAccountName: k6u
      terminationGracePeriodSeconds: 30
  updateStrategy:
    rollingUpdate:
      maxSurge: 0
      maxUnavailable: 1
    type: RollingUpdate

When it starts, it will automatically deploy the CRDs. Then, create a corresponding IP6UpdateConfig:

apiVersion: apps.fuwafuwatime.moe/v1
kind: IP6UpdateConfig
metadata:
  name: ip6-update-config
spec:
  delegatedPrefixLength: 60
  ciliumCIDRGroups:
  - ciliumCIDRGroupName: ip6-local-lan
    prefixIds:
    - 0
    - 1
    - 2

Set your spec.delegatedPrefixLength to the size of your delegated prefix. Then, add a mapping to your spec.ciliumCIDRGroups with a ciliumCIDRGroupName that matches the name of a CiliumCIDRGroup you'd like to update, and prefixIds to the prefix IDs you'd like to add to that CIDR group. Note that the entire CiliumCIDRGroup's externalCIDRs will be overwritten.

Finally, for each node in your cluster where the DaemonSet runs, create a corresponding IP6UpdateNodeConfig:

apiVersion: apps.fuwafuwatime.moe/v1
kind: IP6UpdateNodeConfig
metadata:
  name: ip6-update-node1
spec:
  nodeSelector:
    kubernetes.io/hostname: node1.example.com
  interface: eth0

Set the spec.nodeSelector to match the node this applies to, and set the spec.interface to match the name of a network interface to monitor for the IPv6 prefix.

After that, you should see your CiliumCIDRGroup update automatically.

License

See LICENSE.md.