Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[WIP do not merge] Go with the default proxymode (iptables with userspace as fallback) #145

Open
wants to merge 6 commits into
base: master
from

Conversation

Projects
None yet
1 participant
@ktsakalozos
Copy link
Collaborator

commented Oct 22, 2018

As shown in #140 there some services may be sensitive on certain clouds (rabbitmq on Azure). Now that we have a decent testing setup on our CI I would like to give the default proxy-mode another try.

Fixes: #140

@ktsakalozos

This comment has been minimized.

Copy link
Collaborator Author

commented Oct 23, 2018

This PR is failing the dns test on travis with:

=================================== FAILURES ===================================
_____________________________ TestAddons.test_dns ______________________________
self = <test-addons.TestAddons object at 0x7f9aed2674d0>
    def test_dns(self):
        """
        Sets up DNS addon and validates it works.
    
        """
        print("Enabling DNS")
        microk8s_enable("dns")
        wait_for_pod_state("", "kube-system", "running", label="k8s-app=kube-dns")
        # Create a bbox
        print("Validating dns")
>       validate_dns()
test-addons.py:37: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
validators.py:22: in validate_dns
    output = kubectl("exec -ti busybox -- nslookup kubernetes.default.svc.cluster.local")
utils.py:39: in kubectl
    return run_until_success(cmd)
utils.py:20: in run_until_success
    output = check_output(cmd.split()).strip().decode('utf8')
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
popenargs = (['/snap/bin/microk8s.kubectl', 'exec', '-ti', 'busybox', '--', 'nslookup', ...],)
kwargs = {}, process = <subprocess.Popen object at 0x7f9aed267890>
output = ';; connection timed out; no servers could be reached\r\n\r\n'
unused_err = None, retcode = 1
cmd = ['/snap/bin/microk8s.kubectl', 'exec', '-ti', 'busybox', '--', 'nslookup', ...]
    def check_output(*popenargs, **kwargs):
        r"""Run command with arguments and return its output as a byte string.
    
        If the exit code was non-zero it raises a CalledProcessError.  The
        CalledProcessError object will have the return code in the returncode
        attribute and output in the output attribute.
    
        The arguments are the same as for the Popen constructor.  Example:
    
        >>> check_output(["ls", "-l", "/dev/null"])
        'crw-rw-rw- 1 root root 1, 3 Oct 18  2007 /dev/null\n'
    
        The stdout argument is not allowed as it is used internally.
        To capture standard error in the result, use stderr=STDOUT.
    
        >>> check_output(["/bin/sh", "-c",
        ...               "ls -l non_existent_file ; exit 0"],
        ...              stderr=STDOUT)
        'ls: non_existent_file: No such file or directory\n'
        """
        if 'stdout' in kwargs:
            raise ValueError('stdout argument not allowed, it will be overridden.')
        process = Popen(stdout=PIPE, *popenargs, **kwargs)
        output, unused_err = process.communicate()
        retcode = process.poll()
        if retcode:
            cmd = kwargs.get("args")
            if cmd is None:
                cmd = popenargs[0]
>           raise CalledProcessError(retcode, cmd, output=output)
E           CalledProcessError: Command '['/snap/bin/microk8s.kubectl', 'exec', '-ti', 'busybox', '--', 'nslookup', 'kubernetes.default.svc.cluster.local']' returned non-zero exit status 1
/usr/lib/python2.7/subprocess.py:573: CalledProcessError
@ktsakalozos

This comment has been minimized.

Copy link
Collaborator Author

commented Oct 23, 2018

Same issue we had with CDK charmed-kubernetes/bundle#505

ktsakalozos added some commits Oct 23, 2018

@ktsakalozos

This comment has been minimized.

Copy link
Collaborator Author

commented Oct 23, 2018

Although this looks more correct it will still use "userspace" on azure because cpuinfo reports it to be a "hypervisor".

Based on https://docs.travis-ci.com/user/reference/overview/ travis will give me a machine on GCE and that one needs userspace proxymode while on Azure userspace will not work. Do we need a cloud provider specific solution?

@ktsakalozos ktsakalozos changed the title Go with the default proxymode (iptables with userspace as fallback) [WIP do not merge] Go with the default proxymode (iptables with userspace as fallback) Oct 23, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.