CNI (installed by RKE) Crashloopback on Ubuntu 22.04 nodes #3114
Comments
How is it possible to run k8s v1.24.X with |
Did you find a solution to this? I'm experiencing something similar on Kubernetes 1.25.2-00 with containerd 1.5.9 and 1.6.14, but I'm installing manually, rather than with Rancher. |
It turned out that for me, flannel was being restarted because kube-proxy was restarting frequently. I finally determined that the root cause was that I needed to set SystemdCgroup in /etc/containerd.config.toml. This fixed it for me:
I'm not sure why that's not set by default on Ubuntu 22.04 (at least it's not on Arm64). Maybe it's fixed in more recent versions of containerd, but containerd doesn't seem to regenerate /etc/containerd, let alone the config.toml on reinstall. |
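The setting discussed in the comment above, as an added example that is not part of the original comment or of RKE: a shell check that reads `SystemdCgroup` from containerd's runc options table and compares the resulting cgroup driver with the one the kubelet uses. The function names, the config path argument and the sample configs are constructed for illustration; the table name is the CRI plugin's runc options table as written in containerd 1.5/1.6 config files.

```bash
#!/usr/bin/env bash
# Added example: compare containerd's cgroup driver with the kubelet's.
# Table name: the CRI plugin's runc options table in containerd 1.5/1.6 configs.
RUNC_OPTS='[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]'

# Prints true, false, unset (key absent from the table) or missing (no file).
systemd_cgroup_state() {
  [ -r "$1" ] || { echo missing; return 0; }
  awk -v want="$RUNC_OPTS" '
    { line = $0; sub(/#.*/, "", line); gsub(/^[ \t]+|[ \t]+$/, "", line) }
    line ~ /^\[/ { in_sec = (line == want); next }
    in_sec && line ~ /^SystemdCgroup[ \t]*=/ {
      v = line; sub(/^[^=]*=/, "", v); gsub(/[ \t]/, "", v); state = v
    }
    END { print (state == "" ? "unset" : state) }
  ' "$1"
}

# Exit 0 when the runtime driver equals the kubelet driver given as $2
# (systemd or cgroupfs). An absent SystemdCgroup key means runc uses cgroupfs.
drivers_match() {
  case "$(systemd_cgroup_state "$1")" in
    true)        [ "$2" = systemd ] ;;
    false|unset) [ "$2" = cgroupfs ] ;;
    *)           return 2 ;;
  esac
}

# Constructed sample configs (not taken from the issue).
demo_dir="$(mktemp -d)"
cat > "$demo_dir/default.toml" <<'EOF'
version = 2
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
  runtime_type = "io.containerd.runc.v2"
  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
    # SystemdCgroup = true
EOF
sed 's/# SystemdCgroup/SystemdCgroup/' "$demo_dir/default.toml" > "$demo_dir/fixed.toml"

for f in default fixed; do
  if drivers_match "$demo_dir/$f.toml" systemd; then verdict=match; else verdict=MISMATCH; fi
  echo "$f.toml: SystemdCgroup=$(systemd_cgroup_state "$demo_dir/$f.toml"), kubelet=systemd -> $verdict"
done
```

On a real node, pass the path of the containerd config in use and the kubelet's configured driver; containerd has to be restarted before a changed value takes effect.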
Hi, Sorry for this very late response...
I enable CRI on my Docker Daemon so I don't use Dockershim : gitpod-io/gitpod#5410 (comment)
Pffff yeah... It seems to be an issue with Kernel > 5.4 and iptables implementation. I'll try to get more logs next time ;) |
Wow, so you actually use Would this modification work for an existing cluster? Make the changes inside the VMs for containerd, then modify the kubelet params and do an |
Note: I suppose containerd was installed by docker, so you actually have docker installed, but I suppose docker is not in use in your scenario. It would be also interesting to only have containerd installed without docker but it's just a note. For an existing cluster, docker could remain installed, I don't care much if the cluster actually uses containerd. |
Sorry again for the delay...!
Yes, of course! You will have some downtime in your production, but it is quite possible! This is what I did on my homelab 1 year ago and it is still working (upgrades included)!
We don't care about Here an example from my homelab new node
quadeare@atlas:~$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
13576fa11308 rancher/hyperkube:v1.24.6-rancher1 "/opt/rke-tools/entr…" 10 days ago Up 6 days kube-proxy
53f2a41165ba rancher/hyperkube:v1.24.6-rancher1 "/opt/rke-tools/entr…" 10 days ago Up 6 days kubelet
0cecd6700bce rancher/rke-tools:v0.1.87 "/bin/bash" 10 days ago Created service-sidekick
7dbbcaf6c66d rancher/rke-tools:v0.1.87 "nginx-proxy CP_HOST…" 10 days ago Up 6 days nginx-proxy

And

quadeare@atlas:~$ sudo ctr -n k8s.io c ls
CONTAINER IMAGE RUNTIME
062d4a48f99da36d3be5c8dd9bdad13cea80f716867d71cc086807b22ea076a3 registry.k8s.io/pause:3.6 io.containerd.runc.v2
0ef744b6799e99f27eea0e9d14aad7ab9eb1e3a2167e376a609abab4e0f3b64f registry.k8s.io/pause:3.6 io.containerd.runc.v2
104ebeff985ec3c66a7ef2a1b76fb0746a176c7177bd6773243361ecdf6ce336 registry.k8s.io/pause:3.6 io.containerd.runc.v2
136a2261945e2f30bfe6aa55482490f63cc10c351b4eabee09c1eef887dd7931 docker.io/longhornio/longhorn-manager:v1.2.4 io.containerd.runc.v2
1daa32452b74bdb333c1e3e485453da52df712c968c5316d8293de3de9810f39 docker.io/rancher/mirrored-calico-kube-controllers:v3.22.0 io.containerd.runc.v2
1ddc5a1c2a83b432747b75abd36d4c66a1ca5eae21f6b187c36452fad4ef48cc docker.io/rancher/mirrored-coredns-coredns:1.9.3 io.containerd.runc.v2
2054ff552c6a921faf3f66c7b1e2138349c4f029483cd46ffc329174327e78b7 docker.io/longhornio/longhorn-engine:v1.2.4 io.containerd.runc.v2
...
... and many other pods...

Well, you can continue using |
@quadeare |
Bumping this issue as I have the same problem with Ubuntu 22.04 and flannel with rke1. I tried 'sudo update-alternatives --set iptables /usr/sbin/iptables-legacy', which used to be the fix for this, but it no longer seems to work. |
Sorry for this very very late response... I just upgraded my home lab today and I tested your workaround. I'm now able to run RKE1 on Ubuntu 22.04 without any issue. Have a nice day! |
RKE version: 1.4.1 (same with 1.3.16)
Docker version: (docker version, docker info preferred)
Operating system and kernel: (cat /etc/os-release, uname -r preferred)
Type/provider of hosts: (VirtualBox/Bare-metal/AWS/GCE/DO) : Baremetal and Scaleway VM (tested on both
cluster.yml file:
Steps to Reproduce: Install RKE suite with the CNI you want
Results:
CNI Crashloopback ONLY on 22.04 nodes without any error logs.
Kube-system pods list :
CNI pod describe
Flannel logs :