[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pod deployment error: couldn't get deployment: dial tcp 172.30.0.1:443: getsockopt: no route to host



Hey,

I'd try to disable all firewall rules and then see if the error message is still there.
For example:
iptables -F
iptables -t nat -F
systemctl restart origin-master origin-node docker openvswitch

Note that all iptables chains have to be set to policy "accept" for this to work.
"No route to host" can be caused by "--reject-with icmp-host-prohibited" so you can try looking for that in your firewall config too.

Regards,
v

Am 2016-04-19 um 07:38 schrieb Sebastian Wieseler:
Hi Clayton,
Thanks for your reply.

I opened now the firewall and have only the iptables rules from ansible in place.
4789 UDP is open for the OVS as I saw.

I ran ansible again and deployed the pod without any success.
Restarting the OVS daemon everywhere in the masters,nodes doesn’t help either.

What’s the procedure to get it fixed?
Thanks again in advance.

Greetings,
    Sebastian


On 19 Apr 2016, at 12:06 PM, Clayton Coleman <ccoleman redhat com> wrote:

This is very commonly a misconfiguration of the network firewall rules
and the Openshift SDN.  Pods attempt to connect over OVS bridges to
the masters, and the OVS traffic is carried over port 4789 (I think
that's the port, you may want to double check).

https://access.redhat.com/documentation/en/openshift-enterprise/3.1/cluster-administration/chapter-17-troubleshooting-openshift-sdn

Covers debugging network configuration issues

On Apr 18, 2016, at 11:28 PM, Sebastian Wieseler <sebastian myrepublic com sg> wrote:

Hi community,
We’re having difficulties to deploy pods.
Our setup includes three masters plus three nodes.

If we deploy a pod in the default project on a master, everything works fine.
But when we’re deploying it on a node, we’re getting STATUS Error for the pod and the log shows:
F0418 09:07:26.429738       1 deployer.go:70] couldn't get deployment project/pod-1: Get https:/172.30.0.1:443/api/v1/namespaces/project/replicationcontrollers/pod-1: dial tcp X.X.X.X:443: getsockopt: no route to host

172.30.0.1 is the default address for kubernetes.
If I execute curl https://172.30.0.1:443/api/v1/namespaces/project/replicationcontrollers/pod-1on the master or on the nodes, I’ll get a valid response.

How come the pod doesn’t have a route? I couldn’t find much in the logs.
First I thought it’s a firewall issue, but even with "allow any" it doesn’t work.

Our syslog is also full of these messages, on master and nodes:

Apr 19 03:15:24 localhost atomic-openshift-master-api: I0419 03:15:24.578086   32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
Apr 19 03:15:24 localhost atomic-openshift-master-api: I0419 03:15:24.947147   32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
Apr 19 03:15:24 localhost atomic-openshift-master-api: I0419 03:15:24.948047   32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
Apr 19 03:15:24 localhost atomic-openshift-master-api: I0419 03:15:24.948076   32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
Apr 19 03:15:25 localhost atomic-openshift-master-api: I0419 03:15:25.576047   32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
Apr 19 03:15:26 localhost atomic-openshift-master-api: I0419 03:15:26.207263   32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
Apr 19 03:15:27 localhost origin-master-controllers: I0419 03:15:27.947460   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
Apr 19 03:15:28 localhost origin-master-controllers: I0419 03:15:28.580092   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
Apr 19 03:15:28 localhost origin-master-controllers: I0419 03:15:28.961733   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
Apr 19 03:15:30 localhost origin-master-controllers: I0419 03:15:30.577072   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
Apr 19 03:15:31 localhost origin-master-controllers: I0419 03:15:31.947765   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
Apr 19 03:15:32 localhost origin-master-controllers: I0419 03:15:32.579114   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
Apr 19 03:15:33 localhost origin-master-controllers: I0419 03:15:33.199725   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
Apr 19 03:15:34 localhost origin-master-controllers: I0419 03:15:34.199899   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
Apr 19 03:15:34 localhost origin-master-controllers: I0419 03:15:34.200178   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
Apr 19 03:15:34 localhost origin-node: I0419 03:15:34.577084   32236 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF

Don’t know if this is related?

Thanks a lot for your help!
Greetings,
  Sebastian




_______________________________________________
users mailing list
users lists openshift redhat com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

_______________________________________________
users mailing list
users lists openshift redhat com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]