It’d be nice to see kube-proxy IPVS mode work out of the box on the Akash providers.
Kube-proxy in IPTables mode process the connection sequentially which leads to computation complexity of 0(n), where n grows roughly in proportion to number of services and number of backend pods behind each service.
Kube-proxy in IPVS mode: The IPVS implementation uses a hash table managed by the kernel to establish the destination of a packet. kube-proxy’s connection processing in IPVS mode has a computational complexity of O(1), its connection processing performance will stay constant independent of the cluster size.
Currently, the cross-service communication (don’t mix with the DNS discovery! this is container X to service Y communication within same POD) does not work in the IPVS mode due to this line akash/builder.go at 7c39ea403433f7a4bc86a1b8c1539259926ee701 · ovrclk/akash · GitHub in the “akash-deployment-restrictions” network policy.
There might be another way to make it work though, one can try the
kubespray deployment with the
kube_proxy_mode toggle enabled and see if it gets to work that way.
I haven’t been digging this deeper, yet.
I have added the steps for switching the
kube-proxy to use the
IPVS mode in the existing deployments (including the kubespray-based Akash provider deployment) to my write-up here Deploy Akash Provider with kubeadm, containerd, gvisor (“Optional: IPVS mode” section).