Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable portmap for the default cni bridge #10782

Merged
merged 1 commit into from
Mar 11, 2021
Merged

Enable portmap for the default cni bridge #10782

merged 1 commit into from
Mar 11, 2021

Conversation

afbjorklund
Copy link
Collaborator

Otherwise the registry addon will not work, since it uses
hostPort 5000 (which in turn requires port mapping enabled)

Closes #10778

@afbjorklund
Enable portmap for the default cni bridge
71145bc 
Otherwise the registry addon will not work, since it uses
hostPort 5000 (which in turn requires port mapping enabled)
@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Mar 10, 2021
@medyagh
Copy link
Member

medyagh commented Mar 10, 2021

/ok-to-test

@k8s-ci-robot k8s-ci-robot added the ok-to-test Indicates a non-member PR verified by an org member that is safe to test. label Mar 10, 2021
@minikube-pr-bot
Copy link

kvm2 Driver
error collecting results for kvm2 driver: timing run 0 with Minikube (PR 10782): timing cmd: [/home/performance-monitor/.minikube/minikube-binaries/10782/minikube start --driver=kvm2]: starting cmd: fork/exec /home/performance-monitor/.minikube/minikube-binaries/10782/minikube: exec format error
docker Driver
error collecting results for docker driver: timing run 0 with Minikube (PR 10782): timing cmd: [/home/performance-monitor/.minikube/minikube-binaries/10782/minikube start --driver=docker]: starting cmd: fork/exec /home/performance-monitor/.minikube/minikube-binaries/10782/minikube: exec format error

@medyagh
Copy link
Member

medyagh commented Mar 11, 2021

registry test still failing @afbjorklund
https://storage.googleapis.com/minikube-builds/logs/10782/71145bc/Docker_Linux_containerd.html#fail_TestAddons%2fparallel%2fRegistry

@medyagh
Copy link
Member

medyagh commented Mar 11, 2021

@afbjorklund dont we need to add portmap for kindnet cni ?

@afbjorklund
Copy link
Collaborator Author

afbjorklund commented Mar 11, 2021
edited
Loading

@afbjorklund dont we need to add portmap for kindnet cni ?

As far as I can tell, it already had it enabled since before:

/etc/cni/net.d/10-kindnet.conflist


{
	"cniVersion": "0.3.1",
	"name": "kindnet",
	"plugins": [
	{
		"type": "ptp",
		"ipMasq": false,
		"ipam": {
			"type": "host-local",
			"dataDir": "/run/cni-ipam-state",
			"routes": [
				{
					"dst": "0.0.0.0/0"
				}
			],
			"ranges": [
			[
				{
					"subnet": "10.244.0.0/24"
				}
			]
		]
		}
		,
		"mtu": 1500
		
	},
	{
		"type": "portmap",
		"capabilities": {
			"portMappings": true
		}
	}
	]
}

https://github.com/kubernetes-sigs/kind/blob/9785fe7b74fdc6980e4402c38c2eebef30ac62e3/images/kindnetd/cmd/kindnetd/cni.go#L102

@afbjorklund
Copy link
Collaborator Author

afbjorklund commented Mar 11, 2021
edited
Loading

But for some reason I also had a CRI-O CNI, without it.

docker@docker:~$ more /etc/cni/net.d/
10-kindnet.conflist        100-crio-bridge.conf       200-loopback.conf          87-podman-bridge.conflist

As far as i can tell, kube-proxy was started before kindnetd.

/etc/cni/net.d/100-crio-bridge.conf

{
    "cniVersion": "0.3.1",
    "name": "crio",
    "type": "bridge",
    "bridge": "cni0",
    "isGateway": true,
    "ipMasq": true,
    "hairpinMode": true,
    "ipam": {
        "type": "host-local",
        "routes": [
            { "dst": "0.0.0.0/0" },
            { "dst": "1100:200::1/24" }
        ],
        "ranges": [
            [{ "subnet": "10.85.0.0/16" }],
            [{ "subnet": "1100:200::/24" }]
        ]
    }
}

EDIT: It is included in the cri-o package:

/etc/cni/net.d/100-crio-bridge.conf
/etc/cni/net.d/200-loopback.conf
/etc/crictl.yaml
/etc/crio/crio.conf
/etc/crio/crio.conf.d/01-crio-runc.conf
/etc/default/crio

Removing cri-o makes containerd work again.

@medyagh medyagh merged commit bf204d1 into kubernetes:master Mar 11, 2021
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: afbjorklund, medyagh

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [afbjorklund,medyagh]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@medyagh medyagh mentioned this pull request Mar 11, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@medyagh medyagh medyagh approved these changes

@blueelvis blueelvis Awaiting requested review from blueelvis

@prezha prezha Awaiting requested review from prezha

Assignees
No one assigned
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

fix registry addon for containerd runtime.
4 participants
@afbjorklund @medyagh @minikube-pr-bot @k8s-ci-robot