New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hairpin rules are not added when using IPVS with a cloudprovider enabled #30363
Comments
Refer to workaround kubernetes/kubernetes#71851 (comment) |
Root cause What was fixed, or what changes have occurred
Areas or cases that should be tested
What areas could experience regressions? Are the repro steps accurate/minimal? |
Re-opening the issue
Steps followed :
iptables output as mentioned here.
|
The issue is rke-tools is dependent on the RKE fix, but rancher 2.6.3 doesn't have this fix vendored. Looking into it to see if the fix can be in rke-tools alone. |
The command args for kube-proxy don't pass cloud provider aws, so there isn't a way to override Note:
|
Fix now available to test with the latest k8s versions (which have rke-tools v0.1.79):
Can be tested on v2.6-head (which vendors RKE v1.3.4-rc8 so has the RKE fix as well). |
Verifed this on rancher v2.6-head(4df2214), docker install. Case 1 : AWS cloud provider enabled Validation steps followed :
Case 2 : Verify kubelet and kube-proxy continue to get the correct hostname-override if cloud provider is not selected Validation steps followed :
Result :
|
What kind of request is this (question/bug/enhancement/feature request): bug
Steps to reproduce (least amount of steps as possible):
Result:
Other details that may be helpful:
This appears to relate to the IsLocal condition not being matched due to different names for the node being populated with the cloudprovider metadata, the difference in
nodeName
andkubernetes.io/hostname
prevents the hairpin rule and ipset list being added to the nodes, as no “local” pods are detected as endpoints.Environment information
rancher/rancher
/rancher/server
image tag or shown bottom left in the UI): v2.4.5Cluster information
kubectl version
): v1.16.15gz#11904
JIRA: SURE-2373, SURE-3284
The text was updated successfully, but these errors were encountered: