search

kubernetes-retired / kpng

[EOL] Reworking kube-proxy's architecture
Apache License 2.0
246 stars 91 forks source link

error when deploying kpng with nft mode in kind cluster #514

Closed shawnh2 closed 1 year ago

shawnh2 commented 1 year ago

What kind of issue is this?

/kind bug

Expected behaviour

when deploying kpng with nft mode in kind cluster, everything in kube-system shoud be ready.

Actual behaviour

the coredns cannot be ready,

k get po -n kube-system

NAME                                               READY   STATUS    RESTARTS   AGE
coredns-5d78c9869d-c5r8j                           0/1     Running   0          33m
coredns-5d78c9869d-jr8sk                           0/1     Running   0          33m

it keeps logging:

plugin/kubernetes: Kubernetes API connection failure: Get "[https://10.96.0.1:443/version](https://10.96.0.1/version)": dial tcp 10.96.0.1:443: i/o timeout
[INFO] plugin/ready: Still waiting on: "kubernetes"

seems the coredns has trouble communicating with apiserver through svc/kubernetes:

k get svc -n default

NAME         TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1    <none>        443/TCP   39m

turns out in kpng, the nft rules somehow got an error:

k logs -n kube-system kpng-2zvvw -c kpng-nft

// ...
/dev/stdin:11:3-21: Error: Could not process rule: No such file or directory
  numgen random mod 1 vmap {
  ^^^^^^^^^^^^^^^^^^^
/dev/stdin:59:3-16: Error: Could not process rule: No such file or directory
  fib daddr type != local \
  ^^^^^^^^^^^^^^

Steps to reproduce the problem

Export BACKEND=nft ./hack/kpng-local-up.sh
mcluseau commented 1 year ago

you need the following kernel modules: nft_fib, nft_numgen. They're usually auto-loaded so maybe they're missing on the system.

jayunit100 commented 1 year ago

Found the same error on my MacBook m1 ! I guess the vm that containers run in docker , on in Macs, doesn't have these if u make VMs via docker. Let's try Colima or build linux VM for m1 Mac development @shawnh2 

/dev/stdin:11:3-21: Error: Could not process rule: No such file or directory
  numgen random mod 1 vmap {
  ^^^^^^^^^^^^^^^^^^^
/dev/stdin:59:3-16: Error: Could not process rule: No such file or directory
  fib daddr type != local \
  ^^^^^^^^^^^^^^
aleksandar-kinanov commented 1 year ago

Works with Colima on Mac M1, but ONLY with IPv4, IPv6 is not working.

shawnh2 commented 1 year ago

problem solved, working fine on ubuntu VM.