Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Release 1.25] Update Flannel to fix NAT issue with older iptables version #7137

Closed
rbrtbnfgl opened this issue Mar 22, 2023 · 1 comment
Closed

[Release 1.25] Update Flannel to fix NAT issue with older iptables version #7137

rbrtbnfgl opened this issue Mar 22, 2023 · 1 comment
Assignees
@VestigeJ @rbrtbnfgl
Milestone
v1.25.8+k3s1

Comments

@rbrtbnfgl
Copy link
Contributor

Backport for #7096
@rbrtbnfgl rbrtbnfgl added this to the v1.25.9+k3s1 milestone Mar 22, 2023
@rbrtbnfgl rbrtbnfgl self-assigned this Mar 22, 2023
@rbrtbnfgl rbrtbnfgl mentioned this issue Mar 22, 2023
Merged
@rbrtbnfgl rbrtbnfgl modified the milestones: v1.25.9+k3s1, v1.25.8+k3s1 Mar 22, 2023
@VestigeJ VestigeJ self-assigned this Mar 24, 2023
@VestigeJ
Copy link

Reproduced using VERSION=v1.25.7+k3s1

CENTOS 7.9 Reproduction

bare node installation no configs
$ sudo INSTALL_K3S_VERSION=v1.25.7+k3s1 INSTALL_K3S_EXEC=server ./install-k3s.sh

$ sudo iptables -t nat -vnL | grep -i flannel

Chain FLANNEL-POSTRTG (0 references)

$ iptables --version

iptables v1.4.21

$ k3s -v

k3s version v1.25.7+k3s1 (f7c20e23)
go version go1.19.6

$ grep /etc/os-release -i -e pretty

PRETTY_NAME="CentOS Linux 7 (Core)"
CENTOS 7.9 Validation

upgrade existing single node installation from v1.25.7+k3s1 -> v1.25.8-rc2+k3s1
$ sudo INSTALL_K3S_VERSION=v1.25.8-rc2+k3s1 INSTALL_K3S_EXEC=server ./install-k3s.sh

$ k3s -v

k3s version v1.25.8-rc2+k3s1 (6c5ac022)
go version go1.19.7

$ iptables --version

iptables v1.4.21

$ sudo iptables -t nat -vnL | grep -i flannel

  149  8989 FLANNEL-POSTRTG  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* flanneld masq */
Chain FLANNEL-POSTRTG (1 references)
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0            mark match 0x4000/0x4000 /* flanneld masq */
  115  6900 RETURN     all  --  *      *       10.42.0.0/24         10.42.0.0/16         /* flanneld masq */
    0     0 RETURN     all  --  *      *       10.42.0.0/16         10.42.0.0/24         /* flanneld masq */
    0     0 RETURN     all  --  *      *      !10.42.0.0/16         10.42.0.0/24         /* flanneld masq */
    1    45 MASQUERADE  all  --  *      *       10.42.0.0/16        !224.0.0.0/4          /* flanneld masq */
    0     0 MASQUERADE  all  --  *      *      !10.42.0.0/16         10.42.0.0/16         /* flanneld masq */
Ubuntu 18.04 Reproduction

bare node installation no configs
$ sudo INSTALL_K3S_VERSION=v1.25.7+k3s1 INSTALL_K3S_EXEC=server ./install-k3s.sh

$ sudo iptables -t nat -vnL | grep -i flannel

Chain FLANNEL-POSTRTG (0 references)

$ iptables --version

iptables v1.6.1

$ k3s -v

k3s version v1.25.7+k3s1 (f7c20e23)
go version go1.19.6

$ grep /etc/os-release -i -e pretty

PRETTY_NAME="Ubuntu 18.04.6 LTS"
Ubuntu 18.04 Validation upgrade existing single node installation

$ sudo INSTALL_K3S_VERSION=v1.25.8-rc2+k3s1 INSTALL_K3S_EXEC=server ./install-k3s.sh

$ k3s -v

k3s version v1.25.8-rc2+k3s1 (6c5ac022)
go version go1.19.7

$ iptables --version

iptables v1.6.1

$ sudo iptables -t nat -vnL | grep -i flannel

   52  3144 FLANNEL-POSTRTG  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* flanneld masq */
Chain FLANNEL-POSTRTG (1 references)
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0            mark match 0x4000/0x4000 /* flanneld masq */
   40  2400 RETURN     all  --  *      *       10.42.0.0/24         10.42.0.0/16         /* flanneld masq */
    0     0 RETURN     all  --  *      *       10.42.0.0/16         10.42.0.0/24         /* flanneld masq */
    0     0 RETURN     all  --  *      *      !10.42.0.0/16         10.42.0.0/24         /* flanneld masq */
    1    45 MASQUERADE  all  --  *      *       10.42.0.0/16        !224.0.0.0/4          /* flanneld masq */
    0     0 MASQUERADE  all  --  *      *      !10.42.0.0/16         10.42.0.0/16         /* flanneld masq */

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@VestigeJ VestigeJ

@rbrtbnfgl rbrtbnfgl

Labels
None yet
Projects
K3s Development
Archived in project
Milestone
v1.25.8+k3s1
Development

No branches or pull requests
2 participants
@VestigeJ @rbrtbnfgl