search

pacoxu / kubernetes

Production-Grade Container Scheduling and Management
https://kubernetes.io
Apache License 2.0
2 stars 4 forks source link

双栈 Service: ipFamily 为 ipv6,但是 pod 只有 ipv4 时 #1756

Open pacoxu opened 3 years ago

pacoxu commented 3 years ago

controller-manager 

E1216 10:35:13.637735       1 controller_utils.go:257] Error while processing Node Add/Delete: failed to allocate cidr from cluster cidr at idx:0: CIDR allocation failed; there are no remaining CIDRs left to allocate in the accepted range
I1216 10:33:24.376350       1 endpoints_controller.go:429] failed to find endpoint for service:dao-2048-ipv6 with ClusterIP:fdff:ffff:ffff:ffff:1::f1d3 on pod:dao-2048-dao-2048-manual with error:failed to find a matching endpoint for service dao-2048-ipv6

Dec 16 19:37:07 dce-10-6-158-161 kubelet[12189]: E1216 19:37:07.505603 12189 pod_workers.go:191] Error syncing pod 480fe9cc-9fb3-47e0-8aa5-d07ddebb6203 ("dao-2048-dao-2048-manual_default(480fe9cc-9fb3-47e0-8aa5-d07ddebb6203)"), skipping: failed to "StartContainer" for "dao-2048-dao-2048" with CrashLoopBackOff: "back-off 5m0s restarting failed container=dao-2048-dao-2048 pod=dao-2048-dao-2048-manual_default(480fe9cc-9fb3-47e0-8aa5-d07ddebb6203)"

apiVersion: v1
kind: Pod
metadata:
  labels:
    dce.daocloud.io/app: dao-2048
    dce.daocloud.io/component: dao-2048-dao-2048
  name: dao-2048-dao-2048-manual
  namespace: default
spec:
  affinity:
    nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
        - matchExpressions:
          - key: kubernetes.io/os
            operator: In
            values:
            - linux
  hostNetwork: true
  containers:
  - image: 10.6.158.146/daocloud/dao-2048:latest
    imagePullPolicy: Always
    name: dao-2048-dao-2048
    resources:
      limits:
        cpu: 128m
        memory: "268435456"
      requests:
        cpu: 64m
        memory: "268435456"
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: default-token-pp5bh
      readOnly: true
  dnsConfig:
    options:
    - name: single-request-reopen
      value: ""
    - name: ndots
      value: "2"
  dnsPolicy: Default
  enableServiceLinks: true
  imagePullSecrets:
  - name: dao-2048-dao-2048-10.6.158.146
  nodeName: dce-10-6-158-161
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext: {}
  serviceAccount: default
  serviceAccountName: default
  tolerations:
  - effect: NoExecute
    key: node.kubernetes.io/not-ready
    operator: Exists
    tolerationSeconds: 300
  - effect: NoExecute
    key: node.kubernetes.io/unreachable
    operator: Exists
    tolerationSeconds: 300
  volumes:
  - name: default-token-pp5bh
    secret:
      defaultMode: 420
      secretName: default-token-pp5bh

复现方法:双栈环境

  1. 创建一个 deployment
  2. 创建 2个service 一个 ipv4 一个 ipv6
  3. 创建一个 hostNetwork 的 Port 使用同一个 label 检查 controller manager 日志