-
Notifications
You must be signed in to change notification settings - Fork 104
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade notes for CNI #379
Upgrade notes for CNI #379
Conversation
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: youssefazrak The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
@irozzo-1A @xrstf PTAL |
|
||
```bash | ||
iptables -t nat -D POSTROUTING -s 172.25.0.0/16 ! -d 224.0.0.0/4 -j MASQUERADE | ||
iptables -t nat -D POSTROUTING ! -s 172.25.0.0/16 -d 172.25.0.0/16 -j MASQUERADE |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the pod CIDR cannot be configured to be different from 172.25.0.0/16
? In such case we should mention that those commands should be adapted accordingly
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From Kubermatic perspective, it is hardcoded for the user clusters.
I agree though it's better to make the point clear. @irozzo-1A updated the sentence accordingly.
/lgtm |
LGTM label has been added. Git tree hash: 5258812ffe5a23261c72f1f3e00fac1c107d536b
|
When upgrading to Kubermatic v2.12, Flannel version is bumped to v0.11 which has an issue when detecting/flushing the iptables of the nat table/POSTROUTING chain.
This leads to having communication broken when using NetworkPolicies and Pods trying to reach each other on different nodes.
This PR introduces a small note on the upgrade document for 2.11 > 2.12 with a workaround.