Kind: Kind / Calico Integration Issues

Created on 24 Oct 2019  路  5Comments  路  Source: kubernetes-sigs/kind

What happened:
Have a KIND cluster deployed, I want to add a Calico deployment as well. I used the sample calico cluster and to the KIND cluster added: 

kind: Cluster
apiVersion: kind.sigs.k8s.io/v1alpha3
networking:
  disableDefaultCNI: true

When I deployed, the error for the calico pods shows: 

Events:
  Type     Reason     Age    From                   Message
  ----     ------     ----   ----                   -------
...
  Warning  Unhealthy  2m12s  kubelet, kind-worker2  Readiness probe failed: Threshold time for bird readiness check:  30s
calico/node is not ready: felix is not ready: readiness probe reporting 503
  Warning  Unhealthy  106s (x7 over 2m56s)  kubelet, kind-worker2  Liveness probe failed: Get http://localhost:9099/liveness: dial tcp 127.0.0.1:9099: connect: connection refused
  Warning  Unhealthy  102s (x9 over 3m12s)  kubelet, kind-worker2  Readiness probe failed: Threshold time for bird readiness check:  30s
calico/node is not ready: felix is not ready: Get http://localhost:9099/readiness: dial tcp 127.0.0.1:9099: connect: connection refused

What you expected to happen:
Successful calico cluster deployment

How to reproduce it (as minimally and precisely as possible):
Deploy KIND
Deploy calico deployment

Environment:
Docker running on 16GB of memory and 12 CPUs

  • kind version: (use kind version): v0.4.0
  • Kubernetes version: (use kubectl version): GitVersion:"v1.14.3"
  • Docker version: (use docker info):
    containerd version: 894b81a4b802e4eb2a91d1ce216b8817763c29fb
    runc version: 425e105d5a03fabd737a126ad93d62a9eeede87f
    init version: fec3683
  • OS (e.g. from /etc/os-release): darwin

Any ideas?

kinbug
Source
picture snalvi

Most helpful comment

@snalvi 0.5.0 will work too, but please check that you follow the instructions from #891

picture aojea on 24 Oct 2019
👍2

All 5 comments

this is #891

the latest images will work.

BenTheElder picture BenTheElder on 24 Oct 2019

v0.6.0 will contain an image with this fix by default. kind at HEAD does as well. v0.6.0 is pending some other fixes settling.

calico has some strict requirements around rp_filter, which we've accomadated for, that said calico is not an explicitly supported configuration, disableDefaultCNI is a power user feature :upside_down_face:

BenTheElder picture BenTheElder on 24 Oct 2019
👍1

@BenTheElder Will 0.5.0 work as well? You mentioned latest images will work and that 0.6.0 will fix this as well. Do I need to build from the kind repo?

snalvi picture snalvi on 24 Oct 2019

@snalvi 0.5.0 will work too, but please check that you follow the instructions from #891

aojea picture aojea on 24 Oct 2019
👍2

@aojea I followed the instructions from #891 and have a successfully deployed kind cluster with calico CNI. However, when I try to deploy any other pods, I am seeing the init container fail to come up with:

; <<>> DiG 9.11.3-1ubuntu1.8-Ubuntu <<>> -t A +tries=5 +retry=5 +time=1 amazon.com
;; global options: +cmd
;; connection timed out; no servers could be reached

I thought perhaps the network policies we were trying to enforce were too strict, but we are allowing everything for ingress and egress right now just to get it up and running: 

spec:
  egress:
  - to:
    - ipBlock:
        cidr: 0.0.0.0/0
  ingress:
  - from:
    - ipBlock:
        cidr: 0.0.0.0/0
  policyTypes:
  - Ingress
  - Egress

Is this an issue with the way the calico was deployed?

snalvi picture snalvi on 24 Oct 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

rflorenc picture rflorenc  路  3Comments
Wenshiqi222 picture Wenshiqi222  路  4Comments
mithunvikram picture mithunvikram  路  3Comments
ivanayov picture ivanayov  路  4Comments
nielsvbrecht picture nielsvbrecht  路  3Comments