Don't autodetect CPLB IP as host private address#1101
Merged
Conversation
twz123
reviewed
Jun 16, 2026
There was a problem hiding this comment.
Pull request overview
This PR addresses issue #1100 where, with Control Plane Load Balancing (Keepalived/VRRP) enabled, k0sctl may autodetect a CPLB VIP as a host’s private address during the “Gather host facts” phase, leading to incorrect kubelet --node-ip and subsequent failures on re-apply.
Changes:
- Prevents assigning an autodetected private address when it matches a CPLB IP from the embedded k0s config.
- Adds unit tests covering CPLB-IP detection and the updated private-address selection behavior.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
phase/gather_facts.go |
Adds CPLB IP detection (isCPLBIP) and uses it to avoid setting a VIP as the host private address. |
phase/gather_facts_test.go |
Introduces tests for isCPLBIP and for GatherFacts.investigateHost private-address behavior. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
kke
force-pushed
the
dont-autodetect-cplb-vip
branch
from
65c5c87 to
b958e32
Compare
kke
force-pushed
the
dont-autodetect-cplb-vip
branch
from
b958e32 to
3d7c5a1
Compare
kke
force-pushed
the
dont-autodetect-cplb-vip
branch
from
3d7c5a1 to
9594515
Compare
kke
force-pushed
the
dont-autodetect-cplb-vip
branch
from
9594515 to
2352109
Compare
When CPLB is enabled, k0sctl may detect VRRP VIPs as node private address. This commit checks for the match and skips setting the private address if it is one of the CPLB IPs. Fixes k0sproject#1100 Signed-off-by: dshishliannikov <dshishliannikov@mirantis.com> Signed-off-by: Kimmo Lehto <klehto@mirantis.com>
VRRPInstances is a list in k0s config, not a mapping. The previous struct definition caused yaml.Unmarshal to silently fail, so VRRP VIPs were never detected and the CPLB IP check was effectively broken. Fix by making VRRPInstances a slice and iterating over all instances when checking VIPs. Signed-off-by: Kimmo Lehto <klehto@mirantis.com>
Address review feedback on the CPLB private-address detection: - Move the duplicated k0sCPLBConfig struct and parsing into a single shared helper in the cluster package (Spec.CPLBVIPs / cplbConfig), reused by both clusterExternalAddress and gather facts. The two structs had already diverged (the cluster one lacked vrrpInstances). - Precompute the CPLB VIP set once per GatherFacts.Run instead of marshalling/unmarshalling the full k0s config for every host. - Log a debug message when an autodetected private address is skipped because it matches a CPLB VIP, so an empty PrivateAddress is explainable. - Migrate the matching-semantics tests to TestCPLBVIPs in the cluster package. Signed-off-by: Kimmo Lehto <klehto@mirantis.com>
linux.Ubuntu already embeds configurer.Linux (via linux.Debian) and satisfies configurer.Configurer on its own, so embedding cfg.Linux alongside it was redundant. Embed only linux.Ubuntu and drop the now unused configurer import. Signed-off-by: Kimmo Lehto <klehto@mirantis.com>
Move the CPLB VIP set precomputation out of Run and into a Prepare override, which is the idiomatic place for deriving per-phase state from the config. The manager calls Prepare before Run, so the set is ready by the time investigateHost runs. Signed-off-by: Kimmo Lehto <klehto@mirantis.com>
Cluster.Spec is a pointer and can be nil when a Cluster is constructed programmatically or partially decoded. Calling CPLBVIPs on a nil Spec would panic, so only precompute the VIP set when a spec is present; a nil cplbVIPs map is safe to read from. Signed-off-by: Kimmo Lehto <klehto@mirantis.com>
kke
force-pushed
the
dont-autodetect-cplb-vip
branch
from
2352109 to
0f87724
Compare
kke
approved these changes
Jun 18, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
When CPLB is enabled, k0sctl may detect VRRP VIPs
as node private address. This commit checks for
the match and skips setting the private address
if it is one of the CPLB IPs.
Fixes #1100