search

K8sbykeshed / k8s-service-validator

Kubernetes Network Service Validator
22 stars 10 forks source link

Antrea-proxy #86

Closed knabben closed 2 years ago

knabben commented 2 years ago 
❯ kubectl get pods                                                                                                                                                                                                                                                   
Unable to connect to the server: net/http: TLS handshake timeout
2021-12-22T01:42:03.787880416Z stderr F E1222 01:42:03.787694       1 available_controller.go:524] v1beta1.system.antrea.tanzu.vmware.com failed with: failing or missing response from https://10.96.128.183:443/apis/system.antrea.tanzu.vmware.com/v1beta1: Get "https://10.96.128.183:443/apis/system.antrea.tanzu.vmware.com/v1beta1": context deadline exceeded
2021-12-22T01:42:03.78872321Z stderr F E1222 01:42:03.788656       1 available_controller.go:524] v1beta2.controlplane.antrea.io failed with: failing or missing response from https://10.96.128.183:443/apis/controlplane.antrea.io/v1beta2: Get "https://10.96.128.183:443/apis/controlplane.antrea.io/v1beta2": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
2021-12-22T01:42:03.788783882Z stderr F E1222 01:42:03.788717       1 available_controller.go:524] v1alpha1.stats.antrea.io failed with: failing or missing response from https://10.96.128.183:443/apis/stats.antrea.io/v1alpha1: Get "https://10.96.128.183:443/apis/stats.antrea.io/v1alpha1": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
2021-12-22T01:42:03.805540795Z stderr F E1222 01:42:03.805469       1 available_controller.go:524] v1beta1.system.antrea.tanzu.vmware.com failed with: Operation cannot be fulfilled on apiservices.apiregistration.k8s.io "v1beta1.system.antrea.tanzu.vmware.com": the object has been modified; please apply your changes to the latest version and try again
yzaccc commented 2 years ago

The ci failed because did not run "./hack/kind-fix-networking.sh", which is required to use antrea proxy on existing kind clusters, to use ovs. refer:

# This script is required for Antrea to work properly in a Kind cluster on Linux. It takes care of
# disabling TX hardware checksum offload for the veth interface (in the host's network namespace) of
# each Kind Node. This is required when using OVS in userspace mode. Refer to
# https://github.com/antrea-io/antrea/issues/14 for more information.
knabben commented 2 years ago

We could test with full Antrea-proxy capabilities and remove kube-proxy. For this we can

1) put the full configuration yaml (changed) on gist and use it. 2) update the configmap in the flight and restart antrea components.

knabben commented 2 years ago

/lgtm