kubernetes-sigs / kubespray

Deploy a Production Ready Kubernetes Cluster
Apache License 2.0

kube-vip controller node crash #11648

Closed KubeKyrie closed 1 month ago

KubeKyrie commented 1 month ago

What happened?

Deploy a cluster with kube-vip enabled, and kube-vip-controller-node-1/2/3 crash.

The error log shows:

    time="2024-10-17T08:10:30Z" level=fatal msg="Error ensuring net.ipv4.vs.conntrack enabled [failed to open file: open /proc/sys/net/ipv4/vs/conntrack: read-only file system]"

What did you expect to happen?

kube-vip-controller-node run successfully.

How can we reproduce it (as minimally and precisely as possible)?

Just deploy a cluster by setting

    kube_vip_enabled: true
    kube_vip_lb_enable: true
    kube_vip_lb_fwdmethod: masquerade

OS

irrelevant

Version of Ansible

irrelevant

Version of Python

irrelevant

Version of Kubespray (commit)

master

Network plugin used

calico

Full inventory with variables

    kube_vip_enabled: true
    kube_vip_lb_enable: true
    kube_vip_lb_fwdmethod: masquerade

Command used to invoke ansible

irrelevant

Output of ansible run

irrelevant

Anything else we need to know

No response

KubeKyrie commented 1 month ago

After adding securityContext for kube-vip-controller-node-1, it works well.
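
The fatal error in this issue is a write to a sysctl file under a read-only mount. The following is an added example, not code from the issue, kubespray or kube-vip: it reads `/proc/self/mountinfo` text and reports whether the mount covering a sysctl path carries the `ro` flag. The function names are hypothetical and both mountinfo samples are constructed, on the assumption that the container runtime bind-mounts `/proc/sys` read-only for an unprivileged container.

```python
# Sysctl path taken from the error message in the issue.
CONNTRACK = "/proc/sys/net/ipv4/vs/conntrack"

# Constructed sample: mountinfo as seen inside an unprivileged container,
# where /proc/sys is a read-only bind mount on top of a read-write /proc.
UNPRIVILEGED = """\
1501 1400 0:180 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
1502 1501 0:180 /sys /proc/sys ro,nosuid,nodev,noexec,relatime - proc proc rw
1503 1501 0:180 /bus /proc/bus ro,nosuid,nodev,noexec,relatime - proc proc rw
"""

# Constructed sample: a container whose /proc has no read-only overlay.
PRIVILEGED = """\
1601 1400 0:181 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
"""


def parse_mountinfo(text):
    """Return [(mount_point, per-mount options)] in file order."""
    mounts = []
    for line in text.splitlines():
        fields = line.split()
        # Field 5 is the mount point, field 6 the per-mount options;
        # a "-" separator precedes the filesystem type.
        if len(fields) < 7 or "-" not in fields:
            continue
        mounts.append((fields[4], set(fields[5].split(","))))
    return mounts


def covering_mount(path, mounts):
    """Longest mount point that is a prefix of path; later entries win ties."""
    best = None
    for mount_point, options in mounts:
        prefix = mount_point.rstrip("/") + "/"
        if path == mount_point or path.startswith(prefix):
            if best is None or len(mount_point) >= len(best[0]):
                best = (mount_point, options)
    return best


def sysctl_writable(path, mountinfo_text):
    """False when the mount covering path is flagged read-only."""
    mount = covering_mount(path, parse_mountinfo(mountinfo_text))
    if mount is None:
        raise ValueError("no mount covers " + path)
    return "ro" not in mount[1]
```

This checks only the mount flag; a write can still fail for other reasons, such as file permissions or the sysctl file not existing.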
