Kmesh cannot start when --enable-ipsec=true and no IPsec pre-shared keys set by kmeshctl #1289
Description
What happened:
Kmesh cannot start when --enable-ipsec=true and no IPsec pre-shared keys set by kmeshctl.
What you expected to happen:
Kmesh should start properly even if no IPsec pre-shared keys is set.
How to reproduce it (as minimally and precisely as possible):
Start Kmesh with --enable-ipsec=true and do not set IPsec pre-shared keys by kmeshctl.
Anything else we need to know?:
Log output:
[root@Aero15 kmesh]# k logs -f -n kmesh-system kmesh-gzwks
time="2025-03-28T03:14:43Z" level=info msg="FLAG: --bpf-fs-path=\"/sys/fs/bpf\"" subsys=manager
time="2025-03-28T03:14:43Z" level=info msg="FLAG: --cgroup2-path=\"/mnt/kmesh_cgroup2\"" subsys=manager
time="2025-03-28T03:14:43Z" level=info msg="FLAG: --cni-etc-path=\"/etc/cni/net.d\"" subsys=manager
time="2025-03-28T03:14:43Z" level=info msg="FLAG: --conflist-name=\"\"" subsys=manager
time="2025-03-28T03:14:43Z" level=info msg="FLAG: --enable-bypass=\"false\"" subsys=manager
time="2025-03-28T03:14:43Z" level=info msg="FLAG: --enable-ipsec=\"true\"" subsys=manager
time="2025-03-28T03:14:43Z" level=info msg="FLAG: --enable-mda=\"false\"" subsys=manager
time="2025-03-28T03:14:43Z" level=info msg="FLAG: --enable-secret-manager=\"false\"" subsys=manager
time="2025-03-28T03:14:43Z" level=info msg="FLAG: --help=\"false\"" subsys=manager
time="2025-03-28T03:14:43Z" level=info msg="FLAG: --mode=\"dual-engine\"" subsys=manager
time="2025-03-28T03:14:43Z" level=info msg="FLAG: --monitoring=\"true\"" subsys=manager
time="2025-03-28T03:14:43Z" level=info msg="FLAG: --plugin-cni-chained=\"true\"" subsys=manager
time="2025-03-28T03:14:43Z" level=info msg="FLAG: --profiling=\"false\"" subsys=manager
time="2025-03-28T03:14:43Z" level=info msg="kmesh start with Normal" subsys=bpf
time="2025-03-28T03:14:45Z" level=info msg="bpf loader start successfully" subsys=manager
time="2025-03-28T03:14:45Z" level=info msg="cleaned kmesh_version map" subsys=bpf
time="2025-03-28T03:14:45Z" level=info msg="cleanup bpf map success" subsys=bpf
Error: failed to new IPsec controller, failed to load ipsec key from file ./kmesh-ipsec/ipSec: load ipsec keys failed: open ./kmesh-ipsec/ipSec: no such file or directory
time="2025-03-28T03:14:45Z" level=error msg="failed to new IPsec controller, failed to load ipsec key from file ./kmesh-ipsec/ipSec: load ipsec keys failed: open ./kmesh-ipsec/ipSec: no such file or directory" subsys=main
Error: parse BpfConfig failed, stat /mnt/kmesh_cgroup2: no such file or directory
time="2025-03-28T03:14:45Z" level=error msg="parse BpfConfig failed, stat /mnt/kmesh_cgroup2: no such file or directory" subsys=main
kmesh exit
Environment:
- Kmesh version: 3a81bcc
- Kmesh mode(kmesh has
Kernel-Native ModeandDuel-Engine Mode): Dual-Engine Mode - Istio version: v1.24.0
- Kernel version: 5.15
- Others: