Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

kubeasz 3.6.5 IPVS:rr:udp 10.68.0.2:53 - no destination available Ubuntu 24.04.1 LTS #1445

Open
21ki opened this issue Feb 14, 2025 · 0 comments
Open

kubeasz 3.6.5 IPVS:rr:udp 10.68.0.2:53 - no destination available Ubuntu 24.04.1 LTS #1445

21ki opened this issue Feb 14, 2025 · 0 comments

Comments

@21ki
Copy link

21ki commented Feb 14, 2025
edited
Loading

What happened? 发生了什么问题?

刚开始发现10.68.0.2:53问题 排查发现ping 10.68.0.2不通 网络都是caliico kube用的ipvs
现在环境
master-01 Ready,SchedulingDisabled master 20h v1.31.2 192.168.1.223 Ubuntu 24.04.1 LTS 6.8.0-51-generic containerd://1.7.23
找了之前的集群
192.168.1.111 Ready node 183d v1.20.5 192.168.1.111 CentOS Linux 7 (Core) 4.19.319-300.el7_9.x86_64 docker://20.10.5
是通的
查找到
kubernetes/kubernetes#86762
https://github.com/easzlab/kubeasz/pull/453/files
执行

source /etc/profile; iptables -P INPUT ACCEPT \
            && iptables -P FORWARD ACCEPT \
            && iptables -P OUTPUT ACCEPT \
            && iptables -F && iptables -X

然后就通了,过一会貌似k8s又个覆盖了又不通了,请问一下这个是否正常

What did you expect to happen? 期望的结果是什么?

这个是否是bug

How can we reproduce it (as minimally and precisely as possible)? 尽可能最小化、精确地描述如何复现问题

间接性ping 10.68.0.2
PING 10.68.0.2 (10.68.0.2) 56(84) bytes of data.
From 10.68.0.2 icmp_seq=1 Destination Port Unreachable
From 10.68.0.2 icmp_seq=2 Destination Port Unreachable

Anything else we need to know? 其他需要说明的情况

iptables -t filter -nvL KUBE-IPVS-FILTER
Chain KUBE-IPVS-FILTER (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 RETURN     0    --  *      *       0.0.0.0/0            0.0.0.0/0            match-set KUBE-LOAD-BALANCER dst,dst
    0     0 RETURN     0    --  *      *       0.0.0.0/0            0.0.0.0/0            match-set KUBE-CLUSTER-IP dst,dst
    0     0 RETURN     0    --  *      *       0.0.0.0/0            0.0.0.0/0            match-set KUBE-EXTERNAL-IP dst,dst
    0     0 RETURN     0    --  *      *       0.0.0.0/0            0.0.0.0/0            match-set KUBE-EXTERNAL-IP-LOCAL dst,dst
    0     0 RETURN     0    --  *      *       0.0.0.0/0            0.0.0.0/0            match-set KUBE-HEALTH-CHECK-NODE-PORT dst
    0     0 REJECT     0    --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate NEW match-set KUBE-IPVS-IPS dst reject-with icmp-port-unreachable

查看是最后一条规则问题自动会创建

Kubernetes version k8s 版本

master-01 Ready,SchedulingDisabled master 20h v1.31.2 192.168.1.223 Ubuntu 24.04.1 LTS 6.8.0-51-generic containerd://1.7.23

Kubeasz version

3.6.5

OS version 操作系统版本

master-01   Ready,SchedulingDisabled   master   20h   v1.31.2   192.168.1.223   <none>        Ubuntu 24.04.1 LTS   6.8.0-51-generic   containerd://1.7.23

Related plugins (CNI, CSI, ...) and versions (if applicable) 其他网络插件等需要说明的情况

calico
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@21ki