[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pod deployment error: couldn't get deployment: dial tcp 172.30.0.1:443: getsockopt: no route to host



Hey v,
Hey Clayton,

Thanks for your help.
I didn’t flush the iptables in the end, but ALLOW’ed all communication and watched netstat -atn closely.

Figured out, that you need port 8443 for communication between nodes and masters as well.
Previously I thought that nodes would establish the communication to the general master API address, instead of directly
to the masters.
So you actually need to allow port tcp,8443 for node -> master communication as well.

Thanks again.
Greetings,
   Sebastian




> On 19 Apr 2016, at 2:21 PM, v <vekt0r7 gmx net> wrote:
> 
> Hey,
> 
> I'd try to disable all firewall rules and then see if the error message is still there.
> For example:
> iptables -F
> iptables -t nat -F
> systemctl restart origin-master origin-node docker openvswitch
> 
> Note that all iptables chains have to be set to policy "accept" for this to work.
> "No route to host" can be caused by "--reject-with icmp-host-prohibited" so you can try looking for that in your firewall config too.
> 
> Regards,
> v
> 
> Am 2016-04-19 um 07:38 schrieb Sebastian Wieseler:
>> Hi Clayton,
>> Thanks for your reply.
>> 
>> I opened now the firewall and have only the iptables rules from ansible in place.
>> 4789 UDP is open for the OVS as I saw.
>> 
>> I ran ansible again and deployed the pod without any success.
>> Restarting the OVS daemon everywhere in the masters,nodes doesn’t help either.
>> 
>> What’s the procedure to get it fixed?
>> Thanks again in advance.
>> 
>> Greetings,
>>    Sebastian
>> 
>> 
>>> On 19 Apr 2016, at 12:06 PM, Clayton Coleman <ccoleman redhat com> wrote:
>>> 
>>> This is very commonly a misconfiguration of the network firewall rules
>>> and the Openshift SDN.  Pods attempt to connect over OVS bridges to
>>> the masters, and the OVS traffic is carried over port 4789 (I think
>>> that's the port, you may want to double check).
>>> 
>>> https://access.redhat.com/documentation/en/openshift-enterprise/3.1/cluster-administration/chapter-17-troubleshooting-openshift-sdn
>>> 
>>> Covers debugging network configuration issues
>>> 
>>>> On Apr 18, 2016, at 11:28 PM, Sebastian Wieseler <sebastian myrepublic com sg> wrote:
>>>> 
>>>> Hi community,
>>>> We’re having difficulties to deploy pods.
>>>> Our setup includes three masters plus three nodes.
>>>> 
>>>> If we deploy a pod in the default project on a master, everything works fine.
>>>> But when we’re deploying it on a node, we’re getting STATUS Error for the pod and the log shows:
>>>> F0418 09:07:26.429738       1 deployer.go:70] couldn't get deployment project/pod-1: Get https:/172.30.0.1:443/api/v1/namespaces/project/replicationcontrollers/pod-1: dial tcp X.X.X.X:443: getsockopt: no route to host
>>>> 
>>>> 172.30.0.1 is the default address for kubernetes.
>>>> If I execute curl https://172.30.0.1:443/api/v1/namespaces/project/replicationcontrollers/pod-1on the master or on the nodes, I’ll get a valid response.
>>>> 
>>>> How come the pod doesn’t have a route? I couldn’t find much in the logs.
>>>> First I thought it’s a firewall issue, but even with "allow any" it doesn’t work.
>>>> 
>>>> Our syslog is also full of these messages, on master and nodes:
>>>> 
>>>> Apr 19 03:15:24 localhost atomic-openshift-master-api: I0419 03:15:24.578086   32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
>>>> Apr 19 03:15:24 localhost atomic-openshift-master-api: I0419 03:15:24.947147   32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
>>>> Apr 19 03:15:24 localhost atomic-openshift-master-api: I0419 03:15:24.948047   32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
>>>> Apr 19 03:15:24 localhost atomic-openshift-master-api: I0419 03:15:24.948076   32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
>>>> Apr 19 03:15:25 localhost atomic-openshift-master-api: I0419 03:15:25.576047   32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
>>>> Apr 19 03:15:26 localhost atomic-openshift-master-api: I0419 03:15:26.207263   32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
>>>> Apr 19 03:15:27 localhost origin-master-controllers: I0419 03:15:27.947460   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
>>>> Apr 19 03:15:28 localhost origin-master-controllers: I0419 03:15:28.580092   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
>>>> Apr 19 03:15:28 localhost origin-master-controllers: I0419 03:15:28.961733   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
>>>> Apr 19 03:15:30 localhost origin-master-controllers: I0419 03:15:30.577072   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
>>>> Apr 19 03:15:31 localhost origin-master-controllers: I0419 03:15:31.947765   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
>>>> Apr 19 03:15:32 localhost origin-master-controllers: I0419 03:15:32.579114   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
>>>> Apr 19 03:15:33 localhost origin-master-controllers: I0419 03:15:33.199725   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
>>>> Apr 19 03:15:34 localhost origin-master-controllers: I0419 03:15:34.199899   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
>>>> Apr 19 03:15:34 localhost origin-master-controllers: I0419 03:15:34.200178   51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
>>>> Apr 19 03:15:34 localhost origin-node: I0419 03:15:34.577084   32236 iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected EOF
>>>> 
>>>> Don’t know if this is related?
>>>> 
>>>> Thanks a lot for your help!
>>>> Greetings,
>>>>  Sebastian
>>>> 
>>>> 
>>>> 
>>>> 
>>>> _______________________________________________
>>>> users mailing list
>>>> users lists openshift redhat com
>>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>> 
>> _______________________________________________
>> users mailing list
>> users lists openshift redhat com
>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
> 



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]