Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Release 1.24] Bump new kube-router version to fix issue when a port name is used #7459

Closed
rbrtbnfgl opened this issue May 9, 2023 · 1 comment
Closed

[Release 1.24] Bump new kube-router version to fix issue when a port name is used #7459

rbrtbnfgl opened this issue May 9, 2023 · 1 comment
Assignees
@fmoral2
Milestone
v1.24.14+k3s1

Comments

@rbrtbnfgl
Copy link
Contributor

Backport for #7446 #7391
@rbrtbnfgl rbrtbnfgl added this to the v1.24.14+k3s1 milestone May 9, 2023
@rbrtbnfgl rbrtbnfgl moved this from New to Working in K3s Development May 9, 2023
@rbrtbnfgl rbrtbnfgl mentioned this issue May 9, 2023
Merged
@rbrtbnfgl rbrtbnfgl moved this from Working to To Test in K3s Development May 9, 2023
@fmoral2
Copy link
Contributor

fmoral2 commented May 10, 2023

Validated on Version:

- v1.24.13+k3s-280e058f (280e058f) -Issue related 
- v1.24.13+k3s-324ecfc3 (324ecfc3) (Target commit id version) Commit ID=324ecfc30da9465b13b4bf93ff90abe7adde1527

Environment Details

Infrastructure
Cloud EC2 instance

Node(s) CPU architecture, OS, and Version:
PRETTY_NAME="SUSE Linux Enterprise Server 15 SP4"

Cluster Configuration:
1 node

Config.yaml:

cat /etc/rancher/k3s/config,yaml
write-kubeconfig-mode: 644
token: test

Steps to reproduce the issue

  1. Install k3s in previous version
  2. Create a statefulset with 5 replicas
  3. Deploy alpine pod
  4. Create a service for nginx
  5. Test connection to it
  6. Create ingress policy allowing traffic to Port: http/TCP
  7. Test connection to it again
  8. Validate if is only reachable one address

Steps to validate the fix

  1. Install k3s in previous version
  2. Create a statefulset with 5 replicas
  3. Deploy alpine pod
  4. Create a service for nginx
  5. Test connection to it
  6. Create ingress policy allowing traffic to Port: http/TCP
  7. Test connection to it again
  8. Validate if is reachable any address of your replicas

Validation Results:

###########    Issue     ###########


v1.24.13+k3s-280e058f (280e058f)


~$ k3s --version

k3s version v1.24.13+k3s-280e058f (280e058f)


$ Kubectl apply -f statefulset.yaml

$ kubectl get pods -l app=nginx

NAME      READY   STATUS    RESTARTS   AGE
nginx-0   1/1     Running   0          66m
nginx-1   1/1     Running   0          66m
nginx-2   1/1     Running   0          29m
nginx-3   1/1     Running   0          29m
nginx-4   1/1     Running   0          29m

 
$ kubectl apply -f alpine.yaml
$ kubectl get pods

NAME                      READY   STATUS    RESTARTS   AGE
alpine-6769d5b78c-v2n29   1/1     Running   0          67m


$ kubectl apply -f nginx.yaml

$ kubectl get svc
NAME                TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
kubernetes          ClusterIP   10.43.0.1    <none>        443/TCP   79m
nginx-service       ClusterIP   None         <none>        80/TCP    67m


$ kubectl exec -it deployment/alpine -- wget -O - nginx-4.nginx-service.default.svc.cluster.local

Connecting to nginx-4.nginx-service.default.svc.cluster.local (10.42.0.20:80)
writing to stdout
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
...
...
written to stdout

$ kubectl exec -it deployment/alpine -- wget -O - nginx-2.nginx-service.default.svc.cluster.local
Connecting to nginx-4.nginx-service.default.svc.cluster.local (10.42.0.20:80)
writing to stdout
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
...
...
written to stdout




$ kubectl apply -f policy.yaml
$ kubectl describe networkpolicy nginx-network-policy

Name:         nginx-network-policy
Namespace:    default
Created on:   2023-05-10 14:02:20 +0000 UTC
Labels:       <none>
Annotations:  <none>
Spec:
  PodSelector:     app=nginx
  Allowing ingress traffic:
    To Port: http/TCP
    From:
      PodSelector: app=alpine
  Not affecting egress traffic
  Policy Types: Ingress



$ kubectl exec -it deployment/alpine -- wget -O - nginx-0.nginx-service.default.svc.cluster.local

Connecting to nginx-0.nginx-service.default.svc.cluster.local (10.42.0.12:80)
wget: can't connect to remote host (10.42.0.12): Connection refused
command terminated with exit code 1

$ kubectl exec -it deployment/alpine -- wget -O - nginx-1.nginx-service.default.svc.cluster.local

Connecting to nginx-0.nginx-service.default.svc.cluster.local (10.42.0.12:80)
wget: can't connect to remote host (10.42.0.12): Connection refused
command terminated with exit code 1

$ kubectl exec -it deployment/alpine -- wget -O - nginx-2.nginx-service.default.svc.cluster.local

Connecting to nginx-0.nginx-service.default.svc.cluster.local (10.42.0.12:80)
wget: can't connect to remote host (10.42.0.12): Connection refused
command terminated with exit code 1

$ kubectl exec -it deployment/alpine -- wget -O - nginx-3.nginx-service.default.svc.cluster.local

Connecting to nginx-0.nginx-service.default.svc.cluster.local (10.42.0.12:80)
wget: can't connect to remote host (10.42.0.12): Connection refused
command terminated with exit code 1



$ kubectl exec -it deployment/alpine -- wget -O - nginx-4.nginx-service.default.svc.cluster.local

Connecting to nginx-4.nginx-service.default.svc.cluster.local (10.42.0.20:80)
writing to stdout
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
...
...
written to stdout



========================================================================================================================   



###########    FIX     ###########

v1.24.13+k3s-324ecfc3 (324ecfc3) (Target commit id version) Commit ID=324ecfc30da9465b13b4bf93ff90abe7adde1527 

~$ k3s --version

k3s version v1.24.13+k3s-324ecfc3 (324ecfc3)


$ Kubectl apply -f statefulset.yaml

$ kubectl get pods -l app=nginx

NAME      READY   STATUS    RESTARTS   AGE
nginx-0   1/1     Running   0          80m
nginx-1   1/1     Running   0          80m
nginx-2   1/1     Running   0          39m
nginx-3   1/1     Running   0          39m
nginx-4   1/1     Running   0          38m

 
$ kubectl apply -f alpine.yaml
$ kubectl get pods

NAME                      READY   STATUS    RESTARTS   AGE
alpine-6769d5b78c-v2n29   1/1     Running   0          67m


$ kubectl apply -f nginx.yaml

$ kubectl get svc
NAME                TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
kubernetes          ClusterIP   10.43.0.1    <none>        443/TCP   79m
nginx-service       ClusterIP   None         <none>        80/TCP    67m




$ kubectl exec -it deployment/alpine -- wget -O - nginx-0.nginx-service.default.svc.cluster.local
$ kubectl exec -it deployment/alpine -- wget -O - nginx-1.nginx-service.default.svc.cluster.local
$ kubectl exec -it deployment/alpine -- wget -O - nginx-2.nginx-service.default.svc.cluster.local
$ kubectl exec -it deployment/alpine -- wget -O - nginx-3.nginx-service.default.svc.cluster.local
$ kubectl exec -it deployment/alpine -- wget -O - nginx-4.nginx-service.default.svc.cluster.local

Connecting to nginx-4.nginx-service.default.svc.cluster.local (10.42.0.20:80)
writing to stdout
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
...
...
written to stdout



$ kubectl exec -it deployment/alpine -- wget -O - nginx-5.nginx-service.default.svc.cluster.local

wget: bad address 'nginx-5.nginx-service.default.svc.cluster.local'
command terminated with exit code 1





$ kubectl apply -f policy.yaml
kubectl describe networkpolicy nginx-network-policy
Name:         nginx-network-policy
Namespace:    default
Created on:   2023-05-10 13:57:24 +0000 UTC
Labels:       <none>
Annotations:  <none>
Spec:
  PodSelector:     app=nginx
  Allowing ingress traffic:
    To Port: http/TCP
    From:
      PodSelector: app=alpine
  Not affecting egress traffic
  Policy Types: Ingress
  
  
  
$ kubectl exec -it deployment/alpine -- wget -O - nginx-0.nginx-service.default.svc.cluster.local
$ kubectl exec -it deployment/alpine -- wget -O - nginx-1.nginx-service.default.svc.cluster.local
$ kubectl exec -it deployment/alpine -- wget -O - nginx-2.nginx-service.default.svc.cluster.local
$ kubectl exec -it deployment/alpine -- wget -O - nginx-3.nginx-service.default.svc.cluster.local
$ kubectl exec -it deployment/alpine -- wget -O - nginx-4.nginx-service.default.svc.cluster.local

Connecting to nginx-4.nginx-service.default.svc.cluster.local (10.42.0.20:80)
writing to stdout
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
...
...
written to stdout



$ kubectl exec -it deployment/alpine -- wget -O - nginx-5.nginx-service.default.svc.cluster.local

wget: bad address 'nginx-5.nginx-service.default.svc.cluster.local'
command terminated with exit code 1

@fmoral2 fmoral2 closed this as completed May 10, 2023
@github-project-automation github-project-automation bot moved this from To Test to Done Issue in K3s Development May 10, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fmoral2 fmoral2

Labels
None yet
Projects
K3s Development
Archived in project
Milestone
v1.24.14+k3s1
Development

No branches or pull requests
2 participants
@rbrtbnfgl @fmoral2