I would like to replace legacy iptables by nft on all nodes in my cluster, as described on https://wiki.debian.org/nftables. Would it be possible to support a migration path?
Current Behavior
After stopping Docker on all nodes, replacing the legacy tools by nft and rebooting all nodes coredns cannot connect to an external DNS.
Context
Sticking with legacy tools puts future updates of other components in my cluster and on the nodes at risk, e.g. docker. I have to upgrade or delete my cluster to setup a new one.
Your Environment
5 nodes with Debian Bullseye (3 control panel, 5 worker nodes), Kubernetes 1.21.8, setup and managed via Rancher.
harridu
commented
2 years ago
Expected Behavior
I would like to replace legacy iptables by nft on all nodes in my cluster, as described on https://wiki.debian.org/nftables. Would it be possible to support a migration path?
Current Behavior
After stopping Docker on all nodes, replacing the legacy tools by nft and rebooting all nodes coredns cannot connect to an external DNS.
Context
Sticking with legacy tools puts future updates of other components in my cluster and on the nodes at risk, e.g. docker. I have to upgrade or delete my cluster to setup a new one.
Your Environment
5 nodes with Debian Bullseye (3 control panel, 5 worker nodes), Kubernetes 1.21.8, setup and managed via Rancher.