Thanks a lot, I successfully solve this problem with your method, when 
using kubernetes service to connect namenode and datanode.
1. Update docker version:  ( from 1.9.1 to 1.12.1)
sudo curl -sSL https://get.docker.com/ | sh

2. Stop docker service, and use --ip-masq=false:
sudo service docker stop
/usr/bin/dockerd --ip-masq=false

Then it works. Sorry for my poor English.


在 2015年1月17日星期六 UTC+8上午1:49:57,prateek arora写道:
>
> Hi
>
> I am also facing the same issue with HDFS setup with kubernetes and flannel
> I have used --ip-masq=false when starting the Docker daemon and start 
> flannel with --ip-masq=true..
> so right now my Datanode's is connecting to namenode using kubernet api . 
> but when i tried with kubernet service namenode registers the datanode 
> with the IP of the flannel interface. 
>
>
> you suggested second solution :
>
> ---- Use flannel with --ip-masq=false, and apply IP masquerading for only 
> the traffic leaving the network (to the Internet) using iptables.
>
> can you please tell me the iptables command to apply this solution.
>
>
>
>
>
>
> On Friday, January 2, 2015 at 11:21:48 AM UTC-8, Eugene Yakubovich wrote:
>>
>> After looking at the logs and thinking some more, I think my previous 
>> story was not correct. It should be more like this: 
>>
>> - connection is made from a container (pod) to a 10.1.x.x service IP 
>> from a flannel IP (10.244.x.x). 
>> - it first hits KUBE-PROXY PREROUTING rule which redirects it to the 
>> service proxy. 
>> - service proxy makes a connection to namenode which has 10.244.x.x 
>> (flannel) IP. Since the route for such IPs is via flannel0, the source 
>> IP will be that of flannel0 (10.244.x.0). 
>> - FLANNEL:MASQUERADE is NOT applied but the src IP is nevertheless 
>> that of flannel0. 
>>
>> This is actually consistent with the iptables logs as there's no trace 
>> showing FLANNEL:rule:3 (masquerade) being applied. I'm not sure what 
>> causes FLANNEL:MASQUERADE pkts to increment (it maybe some other 
>> comms). 
>>
>> Regarding how to best solve this. You proposed: 
>>
>> > 1. Inside a Datanode container, use Kubernetes API to get the actual IP 
>> of Namenode and use that to connect the namenode. 
>> > 2. Use flannel with --ip-masq=false, and apply IP masquerading for only 
>> the traffic leaving the network (to the Internet) using iptables. 
>>
>> Option 2 is not workable as it doesn't seem to be the cause. So that 
>> leaves option 1. 
>>
>> -Eugene 
>>
>> On Fri, Jan 2, 2015 at 6:06 AM, Luqman <lgs...@gmail.com> wrote: 
>> > Eugene, do you know what's going on here? 
>> > 
>> > -- 
>> > You received this message because you are subscribed to a topic in the 
>> > Google Groups "Containers at Google" group. 
>> > To unsubscribe from this topic, visit 
>> > 
>> https://groups.google.com/d/topic/google-containers/P4uh7y383oo/unsubscribe. 
>>
>> > To unsubscribe from this group and all its topics, send an email to 
>> > google-contain...@googlegroups.com. 
>> > To post to this group, send email to google-c...@googlegroups.com. 
>> > Visit this group at http://groups.google.com/group/google-containers. 
>> > For more options, visit https://groups.google.com/d/optout. 
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Kubernetes user discussion and Q&A" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to kubernetes-users+unsubscr...@googlegroups.com.
To post to this group, send email to kubernetes-users@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.

Reply via email to