Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Flannel CNI fails if ipv6 is disable in kernel #936

Closed
qrpike opened this issue Jan 30, 2018 · 6 comments
Closed

Flannel CNI fails if ipv6 is disable in kernel #936

qrpike opened this issue Jan 30, 2018 · 6 comments
Labels
wontfix

Comments

@qrpike
Copy link

qrpike commented Jan 30, 2018

I disable ipv6 as one of the boot options for the kernel. I have been using flannel for a while now, and it's been working fine. However when I upgrade from 1.8.x to kubernetes 1.9.x it starts failing due to ipv6 sysctl directories not existing.

I'm not sure if this is a flannel or CNI problem, since I'm in the coreos ecosystem I figured I would ask here first.

Expected Behavior

CNI should create the interface in flannel when creating a new pod.

Current Behavior

I have flannel setup with VXLAN with directrouting enabled. When I start the coreos kubelet 1.9.x I get the following:

Jan 29 22:42:34 blade02 kubelet-wrapper[2062]: E0130 03:42:34.547096    2062 remote_runtime.go:92] RunPodSandbox from runtime service failed: rpc error: code = Unknown desc = NetworkPlugin cni failed to set up pod "node-problem-detector-xqp5k_kube-system" network: open /proc/sys/net/ipv6/conf/eth0/accept_dad: no such file or directory
Jan 29 22:42:34 blade02 kubelet-wrapper[2062]: E0130 03:42:34.547148    2062 kuberuntime_sandbox.go:54] CreatePodSandbox for pod "node-problem-detector-xqp5k_kube-system(7d585c3f-fbee-11e7-b6ee-1eb535d7075a)" failed: rpc error: code = Unknown desc = NetworkPlugin cni failed to set up pod "node-problem-detector-xqp5k_kube-system" network: open /proc/sys/net/ipv6/conf/eth0/accept_dad: no such file or directory
Jan 29 22:42:34 blade02 kubelet-wrapper[2062]: E0130 03:42:34.547165    2062 kuberuntime_manager.go:647] createPodSandbox for pod "node-problem-detector-xqp5k_kube-system(7d585c3f-fbee-11e7-b6ee-1eb535d7075a)" failed: rpc error: code = Unknown desc = NetworkPlugin cni failed to set up pod "node-problem-detector-xqp5k_kube-system" network: open /proc/sys/net/ipv6/conf/eth0/accept_dad: no such file or directory
Jan 29 22:42:34 blade02 kubelet-wrapper[2062]: E0130 03:42:34.547236    2062 pod_workers.go:186] Error syncing pod 7d585c3f-fbee-11e7-b6ee-1eb535d7075a ("node-problem-detector-xqp5k_kube-system(7d585c3f-fbee-11e7-b6ee-1eb535d7075a)"), skipping: failed to "CreatePodSandbox" for "node-problem-detector-xqp5k_kube-system(7d585c3f-fbee-11e7-b6ee-1eb535d7075a)" with CreatePodSandboxError: "CreatePodSandbox for pod \"node-problem-detector-xqp5k_kube-system(7d585c3f-fbee-11e7-b6ee-1eb535d7075a)\" failed: rpc error: code = Unknown desc = NetworkPlugin cni failed to set up pod \"node-problem-detector-xqp5k_kube-system\" network: open /proc/sys/net/ipv6/conf/eth0/accept_dad: no such file or directory"
Jan 29 22:42:34 blade02 kubelet-wrapper[2062]: E0130 03:42:34.547441    2062 cni.go:259] Error adding network: open /proc/sys/net/ipv6/conf/eth0/accept_dad: no such file or directory
Jan 29 22:42:34 blade02 kubelet-wrapper[2062]: E0130 03:42:34.547461    2062 cni.go:227] Error while adding to cni network: open /proc/sys/net/ipv6/conf/eth0/accept_dad: no such file or directory

Possible Solution

Check if the ipv6 directory exists before trying to write to it

Steps to Reproduce (for bugs)

Disable ipv6 as a boot option, try running kubernetes 1.9.x

Context

Your Environment

  • Flannel version: v0.10.0
  • Backend used (e.g. vxlan or udp):
    VXLAN with directrouting=true
  • Etcd version:
    3.2.9
  • Kubernetes version (if used):
    1.9.X ( Tried with 1.9.0, 1.9.1, and 1.9.2 coreos images, eg: v1.9.2_coreos.0 )
  • Operating System and version:
    Container Linux by CoreOS stable (1576.5.0)
  • Link to your project (optional):
@xuanyuan300
Copy link

+1

@wangyaliyali
Copy link

how to resolve this problem?

@qrpike
Copy link
Author

qrpike commented Feb 7, 2018

@Wujiandong @wangyaliyali I put in an issue into CNI ( containernetworking/cni#532 )

This is fixed in master, however we are just waiting for a release. see:

@Paxa Paxa mentioned this issue Apr 5, 2018
Closed
@KevinTHU
Copy link

KevinTHU commented Apr 27, 2018
edited
Loading

it is a kernel problem, reference https://bugzilla.redhat.com/show_bug.cgi?id=1445054, and some comment say

Reproduced on 3.10.0-632.el7 kernel using script in comment 1. Adding ip6_disable=1 to kernel cmdline made vxlan not working.

Verified on 3.10.0-668.el7 kernel. The vxlan works with or without ip6_disable=1 on kernel cmdline.

@PaulFurtado
Copy link

@qrpike This fix was merged in containernetworking/plugins#62
And it's in the v0.7.0 release: containernetworking/plugins@v0.6.0...v0.7.0

@KevinTHU That looks like a different bug than the CNI errors shown above

@chrisohaver chrisohaver mentioned this issue Sep 25, 2018
Closed
galexrt added a commit to galexrt/k8s-vagrant-multi-node that referenced this issue Feb 7, 2019
@galexrt
Use canal as CNI for Ubuntu
908a4ef 
Flannel does seem to work in the VM because of
flannel-io/flannel#936.
Interestingly even after sysctl enabling IPv6 it doesn't work.
This was referenced Apr 12, 2019
Closed
Closed
@stale
Copy link

stale bot commented Jan 26, 2023

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the wontfix label Jan 26, 2023
@stale stale bot closed this as completed Feb 16, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
wontfix
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@qrpike @PaulFurtado @xuanyuan300 @wangyaliyali @KevinTHU