Calico BGP configuration
Problem description
- calico-node is stuck at 0/1 ready; kubectl describe shows the details: the BGP connection cannot be established
kubectl describe pods calico-node-gth75 -n kube-system
Output:
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 36m default-scheduler Successfully assigned kube-system/calico-node-gth75 to worker1
Normal Pulled 36m kubelet Container image "calico/node:v3.20.0" already present on machine
Normal Created 36m kubelet Created container calico-node
Normal Started 36m kubelet Started container calico-node
Warning Unhealthy 36m kubelet Readiness probe failed: calico/node is not ready: BIRD is not ready: Error querying BIRD: unable to connect to BIRDv4 socket: dial unix /var/run/calico/bird.ctl: connect: connection refused
Warning Unhealthy 40s kubelet Readiness probe failed: 2022-06-15 08:31:26.232 [INFO][16834] confd/health.go 180: Number of node(s) with BGP peering established = 0
calico/node is not ready: BIRD is not ready: BGP not established with 99.0.83.130
- Check the calico node status; it shows there is no BGP route to the worker node
[root@controller ~]# calicoctl node status
Calico process is running.
IPv4 BGP status
+--------------+---------------+-------+----------+--------------------------------+
| PEER ADDRESS | PEER TYPE | STATE | SINCE | INFO |
+--------------+---------------+-------+----------+--------------------------------+
| 99.0.83.131 | node specific | start | 08:31:21 | Connect Socket: No route to |
| | | | | host |
+--------------+---------------+-------+----------+--------------------------------+
IPv6 BGP status
No IPv6 peers found.
Resolution steps
- Open port 179 on all nodes
[root@controller ~]# firewall-cmd --permanent --add-port=179/tcp
success
[root@controller ~]# firewall-cmd --reload
success
[root@controller ~]# firewall-cmd --list-ports
179/tcp
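- If the TCP connection on port 179 is still not established, check the calico-node DaemonSet configuration. If the spec does not specify an interface, the default is eth.+; if the device names in your environment differ, it needs to be changed:
    - name: IP_AUTODETECTION_METHOD
      value: interface=en.+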
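- Note that firewalld.service is disabled in this environment; when it is enabled, the pod cannot become ready. I don't know whether some other setting is needed.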
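
An added example, not part of the original notes: shell functions that parse calicoctl node status (including an INFO cell wrapped over two rows, as in the output above), list the peers whose session is not Established, and print firewalld rich rules that admit 179/tcp only from the listed peers rather than from any source. The function names and the second peer row (99.0.83.132) are constructed for illustration; the rules are printed, not applied.

```shell
#!/bin/sh
# Added example: function names are hypothetical, not Calico or firewalld tooling.
# Constructed sample shaped like the output above; 99.0.83.132 is invented.
SAMPLE_STATUS='Calico process is running.
IPv4 BGP status
+--------------+---------------+-------+----------+--------------------------------+
| PEER ADDRESS | PEER TYPE     | STATE | SINCE    | INFO                           |
+--------------+---------------+-------+----------+--------------------------------+
| 99.0.83.131  | node specific | start | 08:31:21 | Connect Socket: No route to    |
|              |               |       |          | host                           |
| 99.0.83.132  | node specific | up    | 08:30:02 | Established                    |
+--------------+---------------+-------+----------+--------------------------------+
IPv6 BGP status
No IPv6 peers found.'

# Read the status table on stdin; print one "addr<TAB>state<TAB>info" line per peer.
parse_peers() {
  awk -F'|' '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    function emit() { if (addr != "") print addr "\t" state "\t" info; addr = "" }
    /^\|/ {
      a = trim($2)
      if (a == "PEER ADDRESS") next                    # header row
      if (a == "") { info = info " " trim($6); next }  # wrapped INFO cell
      emit(); addr = a; state = trim($4); info = trim($6)
    }
    END { emit() }'
}

# Peers whose BGP session is not Established, with the reason BIRD reports.
peers_not_established() {
  parse_peers | awk -F'\t' '$3 != "Established" { print $1 ": " $2 " (" $3 ")" }'
}

# Print (do not run) one rich rule per peer: 179/tcp accepted from that source only.
peer_rich_rules() {
  parse_peers | cut -f1 | while read -r addr; do
    printf "firewall-cmd --permanent --add-rich-rule='rule family=\"ipv4\" source address=\"%s\" port port=\"179\" protocol=\"tcp\" accept'\n" "$addr"
  done
}

# Stand-alone run against the constructed sample.
printf '%s\n' "$SAMPLE_STATUS" | peers_not_established
```

On a live node, pipe the real output in instead: calicoctl node status | peers_not_established. Review the printed rules before running them, then follow with firewall-cmd --reload as in the steps above.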