gravitl / netmaker

Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
https://netmaker.io

[Bug]: Error while create network | AWS EKS | K8S #1988

Closed jeenadeepak closed 1 year ago

jeenadeepak commented 1 year ago

Contact Details

Deepak.jeena@huru.co

What happened?

I have successfully installed Netmaker on AWS EKS, but I am receiving an error when I try to create a network. I have shared the logs and the Netmaker configuration. I am trying this using WG_QUICK_USERSPACE_IMPLEMENTATION/wireguard-go.

kubectl get pods -n vpn
NAME                             READY   STATUS    RESTARTS   AGE
netmaker-0                       1/1     Running   0          12m
netmaker-mqtt-6bcb9f4ff8-cjbpl   1/1     Running   0          13m
netmaker-ui-6c6cc954b5-jlhvh     1/1     Running   0          13m

Netmaker configuration

kubectl get StatefulSet netmaker -n vpn -oyaml

apiVersion: apps/v1
kind: StatefulSet
metadata:
  annotations:
    meta.helm.sh/release-name: netmaker
    meta.helm.sh/release-namespace: vpn
  creationTimestamp: "2023-01-28T13:10:28Z"
  generation: 2
  labels:
    app: netmaker
    app.kubernetes.io/managed-by: Helm
  name: netmaker
  namespace: vpn
  resourceVersion: "24882968"
  uid: 23a10bfd-0f07-47f1-9da8-ad1d69b04588
spec:
  podManagementPolicy: OrderedReady
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: netmaker
  serviceName: netmaker-headless
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: netmaker
    spec:
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
          - labelSelector:
              matchExpressions:
              - key: app
                operator: In
                values:
                - netmaker
            topologyKey: kubernetes.io/hostname
      containers:
      - env:
        - name: SERVER_NAME
          value: broker.shared.huru.co
        - name: SERVER_API_CONN_STRING
          value: api.shared.huru.co:443
        - name: SERVER_HTTP_HOST
          value: api.shared.huru.co
        - name: API_PORT
          value: "8081"
        - name: WG_QUICK_USERSPACE_IMPLEMENTATION
          value: wireguard-go
        - name: DNS_MODE
          value: "off"
        - name: CLIENT_MODE
          value: "on"
        - name: MASTER_KEY
          value: 9tOQC7qI8m8m
        - name: CORS_ALLOWED_ORIGIN
          value: '*'
        - name: NODE_ID
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.name
        - name: SQL_HOST
          value: netmaker.c4utn0lsgq.me-central-1.rds.amazonaws.com
        - name: SQL_PORT
          value: "5432"
        - name: SQL_DB
          value: netmaker
        - name: SQL_USER
          value: netmaker
        - name: SQL_PASS
          value: XXXXXXXXX
        - name: DATABASE
          value: postgres
        - name: DISPLAY_KEYS
          value: "on"
        - name: MQ_HOST
          value: netmaker-mqtt
        - name: MQ_PORT
          value: "443"
        - name: MQ_SERVER_PORT
          value: "1883"
        - name: MQ_ADMIN_PASSWORD
          value: XXXXXXXXX
        - name: PLATFORM
          value: Kubernetes
        - name: VERBOSITY
          value: "3"
        image: gravitl/netmaker:v0.17.1
        imagePullPolicy: Always
        name: netmaker
        ports:
        - containerPort: 8081
          protocol: TCP
        - containerPort: 31821
          protocol: UDP
        - containerPort: 31822
          protocol: UDP
        - containerPort: 31823
          protocol: UDP
        - containerPort: 31824
          protocol: UDP
        - containerPort: 31825
          protocol: UDP
        - containerPort: 31826
          protocol: UDP
        - containerPort: 31827
          protocol: UDP
        - containerPort: 31828
          protocol: UDP
        - containerPort: 31829
          protocol: UDP
        - containerPort: 31830
          protocol: UDP
        resources: {}
        securityContext:
          capabilities:
            add:
            - NET_ADMIN
            - NET_RAW
            - SYS_MODULE
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /etc/netmaker/
          name: shared-data
      dnsPolicy: ClusterFirstWithHostNet
      initContainers:
      - args:
        - sysctl -w net.ipv4.ip_forward=1 && sysctl -w net.ipv4.conf.all.src_valid_mark=1
          && sysctl -w net.ipv6.conf.all.disable_ipv6=0 && sysctl -w net.ipv6.conf.all.forwarding=1
        command:
        - /bin/sh
        - -c
        image: busybox
        imagePullPolicy: IfNotPresent
        name: init-sysctl
        resources: {}
        securityContext:
          privileged: true
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30
      volumes:
      - name: shared-data
        persistentVolumeClaim:
          claimName: netmaker-shared-data-pvc
  updateStrategy:
    rollingUpdate:
      partition: 0
    type: RollingUpdate
status:
  availableReplicas: 1
  collisionCount: 0
  currentReplicas: 1
  currentRevision: netmaker-7b7fd7fd87
  observedGeneration: 2
  readyReplicas: 1
  replicas: 1
  updateRevision: netmaker-7b7fd7fd87
  updatedReplicas: 1

Version

v0.17.1

What OS are you using?

Linux

Relevant log output

[netmaker] 2023-01-28 17:37:18 admin fetched all nodes they have access to 
[netmaker] 2023-01-28 17:37:25 admin fetched all nodes they have access to 
[netmaker] 2023-01-28 17:37:33 admin fetched all nodes they have access to 
[netmaker] 2023-01-28 17:37:40 admin fetched all nodes they have access to 
[netmaker] 2023-01-28 17:37:41 admin fetched networks. 
[netmaker] 2023-01-28 17:37:41 adding a server instance on network netty 
[netmaker] 2023-01-28 17:37:41 Set client port to 31821 for network netty 
[netmaker] 2023-01-28 17:37:43 error running command: wg-quick up /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:43 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
[#] ip link add nm-netty type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev nm-netty
Cannot find device "nm-netty" 
[netmaker] 2023-01-28 17:37:43 waiting for interface... 
[netmaker] 2023-01-28 17:37:43 error running command: wg-quick up /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:43 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
[#] ip link add nm-netty type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev nm-netty
Cannot find device "nm-netty" 
[netmaker] 2023-01-28 17:37:44 error running command: wg-quick up /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:44 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
[#] ip link add nm-netty type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev nm-netty
Cannot find device "nm-netty" 
[netmaker] 2023-01-28 17:37:45 error running command: wg-quick up /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:45 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
[#] ip link add nm-netty type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev nm-netty
Cannot find device "nm-netty" 
[netmaker] 2023-01-28 17:37:46 error running command: wg-quick up /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:46 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
[#] ip link add nm-netty type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev nm-netty
Cannot find device "nm-netty" 
[netmaker] 2023-01-28 17:37:47 error running command: wg-quick up /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:47 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
[#] ip link add nm-netty type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev nm-netty
Cannot find device "nm-netty" 
[netmaker] 2023-01-28 17:37:48 admin fetched all nodes they have access to 
[netmaker] 2023-01-28 17:37:48 error running command: wg-quick up /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:48 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
[#] ip link add nm-netty type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev nm-netty
Cannot find device "nm-netty" 
[netmaker] 2023-01-28 17:37:49 error running command: wg-quick up /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:49 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
[#] ip link add nm-netty type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev nm-netty
Cannot find device "nm-netty" 
[netmaker] 2023-01-28 17:37:50 error running command: wg-quick up /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:50 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
[#] ip link add nm-netty type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev nm-netty
Cannot find device "nm-netty" 
[netmaker] 2023-01-28 17:37:51 error running command: wg-quick up /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:51 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
[#] ip link add nm-netty type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev nm-netty
Cannot find device "nm-netty" 
[netmaker] 2023-01-28 17:37:52 error running command: wg-quick up /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:52 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
[#] ip link add nm-netty type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev nm-netty
Cannot find device "nm-netty" 
[netmaker] 2023-01-28 17:37:53 error running command: wg-quick up /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:53 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
[#] ip link add nm-netty type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev nm-netty
Cannot find device "nm-netty" 
[netmaker] 2023-01-28 17:37:54 error running command: wg-quick up /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:54 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
[#] ip link add nm-netty type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev nm-netty
Cannot find device "nm-netty" 
[netmaker] 2023-01-28 17:37:55 admin fetched all nodes they have access to 
[netmaker] 2023-01-28 17:37:55 error running command: wg-quick up /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:55 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
[#] ip link add nm-netty type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev nm-netty
Cannot find device "nm-netty" 
[netmaker] 2023-01-28 17:37:56 error running command: wg-quick up /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:56 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
[#] ip link add nm-netty type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev nm-netty
Cannot find device "nm-netty" 
[netmaker] 2023-01-28 17:37:57 error running command: wg-quick up /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:57 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
[#] ip link add nm-netty type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev nm-netty
Cannot find device "nm-netty" 
[netmaker] 2023-01-28 17:37:58 error running command: wg-quick up /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:58 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
[#] ip link add nm-netty type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev nm-netty
Cannot find device "nm-netty" 
file does not exist
[netmaker] 2023-01-28 17:37:59 attempted to remove node ACL for node netmaker-1 d5cb6c96-3c02-48eb-b189-040639a57e64 
[netmaker] 2023-01-28 17:37:59 error running command: wg-quick down /etc/netclient/config/nm-netty.conf 
[netmaker] 2023-01-28 17:37:59 Warning: `/etc/netclient/config/nm-netty.conf' is world accessible
wg-quick: `nm-netty' is not a WireGuard interface 
[netmaker] 2023-01-28 17:37:59 could not removed server netmaker-1 before deleting network netty 
[netmaker] 2023-01-28 17:37:59 admin failed to create network:  could not reliably create interface


dmitry-mightydevops commented 1 year ago

Is it working in AWS EKS 1.27 with AWS VPC CNI and kernel 5.10? Or does it require another CNI first to be installed?

jeenadeepak commented 1 year ago

@dmitry-mightydevops,

Thanks for the update. At that time AWS was using a lower kernel version; now they have updated it, and it is working now. Thanks.
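
The thread ends with the failure attributed to the node's kernel version. As an added example (not from the issue or the Netmaker project), this preflight script checks the two conditions the log shows: whether the node can provide a `wireguard` device and whether the config file is world accessible. It assumes in-tree WireGuard from Linux 5.6 onward, so the version test is only a fallback heuristic for distro kernels; all function names and the `SYSFS_ROOT` parameter are hypothetical.

```shell
#!/bin/sh
# Added example (not Netmaker code): node preflight for the two log conditions.

# kernel_at_least RELEASE MAJOR MINOR: compare a `uname -r` string to MAJOR.MINOR.
# Returns 0 if at or above, 1 if below, 2 if RELEASE cannot be parsed.
kernel_at_least() {
    rel=${1%%-*}    # strip the distro suffix after the first "-"
    case "$rel" in *.*) ;; *) return 2 ;; esac
    major=${rel%%.*}; rest=${rel#*.}; minor=${rest%%.*}
    case "$major.$minor" in .*|*.|*[!0-9.]*) return 2 ;; esac
    [ "$major" -gt "$2" ] || { [ "$major" -eq "$2" ] && [ "$minor" -ge "$3" ]; }
}

# wireguard_module_available [SYSFS_ROOT]: module loaded (sysfs) or loadable (modinfo).
# SYSFS_ROOT defaults to /sys; the parameter is an assumption added for testing.
wireguard_module_available() {
    [ -d "${1:-/sys}/module/wireguard" ] || modinfo wireguard >/dev/null 2>&1
}

# conf_private FILE: 0 if no "other" permission bits, 1 if world accessible, 2 if missing.
conf_private() {
    [ -e "$1" ] || return 2
    [ "$(ls -ld -- "$1" | cut -c8-10)" = "---" ]
}

# preflight RELEASE CONFIG [SYSFS_ROOT]: print findings; non-zero if a check fails.
preflight() {
    rc=0
    if wireguard_module_available "${3:-/sys}"; then
        echo "ok: wireguard kernel module present"
    elif kernel_at_least "$1" 5 6; then
        echo "warn: kernel $1 is >= 5.6 but no wireguard module was found"
    else
        echo "fail: no wireguard module found and kernel '$1' is not >= 5.6"
        rc=1
    fi
    if conf_private "$2"; then
        echo "ok: $2 is not world accessible"
    else
        case $? in
            2) echo "skip: $2 not found" ;;
            *) echo "fail: $2 is world accessible; remove world permissions"; rc=1 ;;
        esac
    fi
    return "$rc"
}

# Run against this host, using the config path from the log above.
preflight "$(uname -r)" /etc/netclient/config/nm-netty.conf || true
```

Run it on the worker node (or in a pod that can see the host's `/sys`), since a container shares the node's kernel and cannot supply the module itself.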