Submariner not working on premise K8s-clusters #2658
Labels
Comments
|
@engrzain looks like both the attachments are empty. |
|
Please have a look again. submariner-20230824104601.tar.gz |
|
The issue was that ESP traffic was not allowed between the cluster Gateway nodes. Hence, connections could not be established. It was confirmed that after moving to VxLAN cable-driver the connections are all good. This was discussed on slack - https://kubernetes.slack.com/archives/C010RJV694M/p1692948447566799?thread_ts=1692705479.341019&cid=C010RJV694M |
|
Thanks @sridhargaddam for your assistance. |
sridhargaddam
added a commit
to sridhargaddam/subctl
that referenced
this issue
Aug 28, 2023
When there is no NAT between the Gateway nodes and Libreswan cable-driver is used, IPsec protocol uses UDP/4500 port for exchanging the keys and ESP for data transfer. As part of subctl diagnose command, this PR now validates if there is a potential issue with ESP and returns appropriate error message. Related to: submariner-io/submariner#2658 Signed-off-by: Sridhar Gaddam <[email protected]>
sridhargaddam
added a commit
to sridhargaddam/subctl
that referenced
this issue
Aug 28, 2023
When there is no NAT between the Gateway nodes and Libreswan cable-driver is used, IPsec protocol uses UDP/4500 port for exchanging the keys and ESP for data transfer. As part of subctl diagnose command, this PR now validates if there is a potential issue with ESP and returns appropriate error message. Related to: submariner-io/submariner#2658 Signed-off-by: Sridhar Gaddam <[email protected]>
sridhargaddam
added a commit
to sridhargaddam/subctl
that referenced
this issue
Aug 28, 2023
When there is no NAT between the Gateway nodes and Libreswan cable-driver is used, IPsec protocol uses UDP/4500 port for exchanging the keys and ESP for data transfer. As part of subctl diagnose command, this PR now validates if there is a potential issue with ESP and returns appropriate error message. Related to: submariner-io/submariner#2658 Signed-off-by: Sridhar Gaddam <[email protected]>
sridhargaddam
added a commit
to sridhargaddam/subctl
that referenced
this issue
Aug 28, 2023
When there is no NAT between the Gateway nodes and Libreswan cable-driver is used, IPsec protocol uses UDP/4500 port for exchanging the keys and ESP for data transfer. As part of subctl diagnose command, this PR now validates if there is a potential issue with ESP and returns appropriate error message. Related to: submariner-io/submariner#2658 Signed-off-by: Sridhar Gaddam <[email protected]>
skitt
pushed a commit
to submariner-io/subctl
that referenced
this issue
Aug 28, 2023
When there is no NAT between the Gateway nodes and Libreswan cable-driver is used, IPsec protocol uses UDP/4500 port for exchanging the keys and ESP for data transfer. As part of subctl diagnose command, this PR now validates if there is a potential issue with ESP and returns appropriate error message. Related to: submariner-io/submariner#2658 Signed-off-by: Sridhar Gaddam <[email protected]>
sridhargaddam
added a commit
to sridhargaddam/subctl
that referenced
this issue
Sep 11, 2023
When there is no NAT between the Gateway nodes and Libreswan cable-driver is used, IPsec protocol uses UDP/4500 port for exchanging the keys and ESP for data transfer. As part of subctl diagnose command, this PR now validates if there is a potential issue with ESP and returns appropriate error message. Related to: submariner-io/submariner#2658 Signed-off-by: Sridhar Gaddam <[email protected]>
sridhargaddam
added a commit
to sridhargaddam/subctl
that referenced
this issue
Sep 11, 2023
When there is no NAT between the Gateway nodes and Libreswan cable-driver is used, IPsec protocol uses UDP/4500 port for exchanging the keys and ESP for data transfer. As part of subctl diagnose command, this PR now validates if there is a potential issue with ESP and returns appropriate error message. Related to: submariner-io/submariner#2658 Signed-off-by: Sridhar Gaddam <[email protected]>
skitt
pushed a commit
to submariner-io/subctl
that referenced
this issue
Sep 12, 2023
When there is no NAT between the Gateway nodes and Libreswan cable-driver is used, IPsec protocol uses UDP/4500 port for exchanging the keys and ESP for data transfer. As part of subctl diagnose command, this PR now validates if there is a potential issue with ESP and returns appropriate error message. Related to: submariner-io/submariner#2658 Signed-off-by: Sridhar Gaddam <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi, I have installed submariner on two k8-cluster on premises cni flannel.
On both the sides when i checked status using subctl show all it gives error status.
I am attaching subctl gather from the both cluster. Can someone please point out whats the issue. I have checked two version 0.14.6 and 0.15.2 and error on both version are same. These logs are from 0.14.6
submariner-20230824104601.tar.gz
submariner-20230824104725.tar.gz
The text was updated successfully, but these errors were encountered: