Hey,
I'd try to disable all firewall rules and then see if the error message is
still there.
For example:
iptables -F
iptables -t nat -F
systemctl restart origin-master origin-node docker openvswitch
Note that all iptables chains have to be set to policy "accept" for this to
work.
"No route to host" can be caused by "--reject-with icmp-host-prohibited" so you
can try looking for that in your firewall config too.
Regards,
v
Am 2016-04-19 um 07:38 schrieb Sebastian Wieseler:
Hi Clayton,
Thanks for your reply.
I opened now the firewall and have only the iptables rules from ansible in
place.
4789 UDP is open for the OVS as I saw.
I ran ansible again and deployed the pod without any success.
Restarting the OVS daemon everywhere in the masters,nodes doesn’t help either.
What’s the procedure to get it fixed?
Thanks again in advance.
Greetings,
Sebastian
On 19 Apr 2016, at 12:06 PM, Clayton Coleman <[email protected]> wrote:
This is very commonly a misconfiguration of the network firewall rules
and the Openshift SDN. Pods attempt to connect over OVS bridges to
the masters, and the OVS traffic is carried over port 4789 (I think
that's the port, you may want to double check).
https://access.redhat.com/documentation/en/openshift-enterprise/3.1/cluster-administration/chapter-17-troubleshooting-openshift-sdn
Covers debugging network configuration issues
On Apr 18, 2016, at 11:28 PM, Sebastian Wieseler <[email protected]>
wrote:
Hi community,
We’re having difficulties to deploy pods.
Our setup includes three masters plus three nodes.
If we deploy a pod in the default project on a master, everything works fine.
But when we’re deploying it on a node, we’re getting STATUS Error for the pod
and the log shows:
F0418 09:07:26.429738 1 deployer.go:70] couldn't get deployment
project/pod-1: Get
https:/172.30.0.1:443/api/v1/namespaces/project/replicationcontrollers/pod-1:
dial tcp X.X.X.X:443: getsockopt: no route to host
172.30.0.1 is the default address for kubernetes.
If I execute curl
https://172.30.0.1:443/api/v1/namespaces/project/replicationcontrollers/pod-1on
the master or on the nodes, I’ll get a valid response.
How come the pod doesn’t have a route? I couldn’t find much in the logs.
First I thought it’s a firewall issue, but even with "allow any" it doesn’t
work.
Our syslog is also full of these messages, on master and nodes:
Apr 19 03:15:24 localhost atomic-openshift-master-api: I0419 03:15:24.578086
32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding:
unexpected EOF
Apr 19 03:15:24 localhost atomic-openshift-master-api: I0419 03:15:24.947147
32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding:
unexpected EOF
Apr 19 03:15:24 localhost atomic-openshift-master-api: I0419 03:15:24.948047
32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding:
unexpected EOF
Apr 19 03:15:24 localhost atomic-openshift-master-api: I0419 03:15:24.948076
32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding:
unexpected EOF
Apr 19 03:15:25 localhost atomic-openshift-master-api: I0419 03:15:25.576047
32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding:
unexpected EOF
Apr 19 03:15:26 localhost atomic-openshift-master-api: I0419 03:15:26.207263
32022 iowatcher.go:103] Unexpected EOF during watch stream event decoding:
unexpected EOF
Apr 19 03:15:27 localhost origin-master-controllers: I0419 03:15:27.947460
51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding:
unexpected EOF
Apr 19 03:15:28 localhost origin-master-controllers: I0419 03:15:28.580092
51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding:
unexpected EOF
Apr 19 03:15:28 localhost origin-master-controllers: I0419 03:15:28.961733
51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding:
unexpected EOF
Apr 19 03:15:30 localhost origin-master-controllers: I0419 03:15:30.577072
51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding:
unexpected EOF
Apr 19 03:15:31 localhost origin-master-controllers: I0419 03:15:31.947765
51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding:
unexpected EOF
Apr 19 03:15:32 localhost origin-master-controllers: I0419 03:15:32.579114
51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding:
unexpected EOF
Apr 19 03:15:33 localhost origin-master-controllers: I0419 03:15:33.199725
51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding:
unexpected EOF
Apr 19 03:15:34 localhost origin-master-controllers: I0419 03:15:34.199899
51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding:
unexpected EOF
Apr 19 03:15:34 localhost origin-master-controllers: I0419 03:15:34.200178
51283 iowatcher.go:103] Unexpected EOF during watch stream event decoding:
unexpected EOF
Apr 19 03:15:34 localhost origin-node: I0419 03:15:34.577084 32236
iowatcher.go:103] Unexpected EOF during watch stream event decoding: unexpected
EOF
Don’t know if this is related?
Thanks a lot for your help!
Greetings,
Sebastian
_______________________________________________
users mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
_______________________________________________
users mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
_______________________________________________
users mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
