@zufardhiyaulhaq
Created May 26, 2019 09:23

Load Balancer:

  • Octavia load balancer is working normally

Load Balancer for Service Kubernetes:

  • network for services : 10.2.0.0/16

  • network for pods : 10.1.0.0/16

  • Octavia amphora VM for service kubernetes is created

  • Haproxy is created in amphora VM

[centos@amphora-057b9b2d-a19e-4c20-9eb7-a1ac418e5275 ~]$ ps aux | grep haproxy
root      3975  0.0  0.3  77712  3588 ?        Ss   06:50   0:00 /usr/sbin/haproxy -Ws -f /var/lib/octavia/c2378cc2-c6db-45fa-9947-84fd793c951a/haproxy.cfg -f /var/lib/octavia/haproxy-default-user-group.conf -p /var/lib/octavia/c2378cc2-c6db-45fa-9947-84fd793c951a/c2378cc2-c6db-45fa-9947-84fd793c951a.pid -L SMqcf_H3oyJJCkQxmu9ZY6X4Du8 -sf 4029
  • HAProxy is configured with the Kubernetes pod IP address
[centos@amphora-057b9b2d-a19e-4c20-9eb7-a1ac418e5275 ~]$ sudo cat /var/lib/octavia/c2378cc2-c6db-45fa-9947-84fd793c951a/haproxy.cfg
.
frontend c2378cc2-c6db-45fa-9947-84fd793c951a
    option tcplog
    maxconn 1000000
    bind 10.2.122.127:80
    mode tcp
    default_backend 1659bee8-d59d-430a-992f-b04d8dcf0186
    timeout client 50000

backend 1659bee8-d59d-430a-992f-b04d8dcf0186
    mode tcp
    balance roundrobin
    fullconn 1000000
    option allbackups
    timeout connect 5000
    timeout server 50000
    server 8e921cef-8e47-47c4-8560-cf5dde1261ba 10.1.3.215:80 weight 1
root@zu-kuryr-kubernetes-master:~# kubectl get pod -o wide
NAME                     READY     STATUS    RESTARTS   AGE       IP           NODE                          NOMINATED NODE
nginx-78f5d695bd-p4zwz   1/1       Running   0          2h        10.1.3.215   zu-kuryr-kubernetes-worker1   <none>
root@zu-kuryr-kubernetes-master:~# kubectl get svc
NAME         TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)   AGE
nginx        ClusterIP   10.2.122.127   <none>        80/TCP    2h
  • Amphora VM is able to ping router
[centos@amphora-057b9b2d-a19e-4c20-9eb7-a1ac418e5275 ~]$ ip netns
amphora-haproxy (id: 0)
[centos@amphora-057b9b2d-a19e-4c20-9eb7-a1ac418e5275 ~]$ sudo ip netns exec amphora-haproxy bash
[root@amphora-057b9b2d-a19e-4c20-9eb7-a1ac418e5275 centos]# ping 10.1.255.254
PING 10.1.255.254 (10.1.255.254) 56(84) bytes of data.
64 bytes from 10.1.255.254: icmp_seq=1 ttl=64 time=1.18 ms
64 bytes from 10.1.255.254: icmp_seq=2 ttl=64 time=0.525 ms
^C
--- 10.1.255.254 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.525/0.856/1.187/0.331 ms
[root@amphora-057b9b2d-a19e-4c20-9eb7-a1ac418e5275 centos]# ping 10.2.255.254
PING 10.2.255.254 (10.2.255.254) 56(84) bytes of data.
64 bytes from 10.2.255.254: icmp_seq=1 ttl=64 time=0.481 ms
64 bytes from 10.2.255.254: icmp_seq=2 ttl=64 time=0.556 ms
^C
--- 10.2.255.254 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.481/0.518/0.556/0.043 ms

  • Amphora VM is able to ping the internet

[root@amphora-057b9b2d-a19e-4c20-9eb7-a1ac418e5275 centos]# ping -c 2 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=55 time=5.88 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=55 time=5.96 ms

--- 8.8.8.8 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 5.884/5.925/5.967/0.087 ms
[root@amphora-057b9b2d-a19e-4c20-9eb7-a1ac418e5275 centos]#
[root@amphora-057b9b2d-a19e-4c20-9eb7-a1ac418e5275 centos]# ip route
default via 10.2.255.254 dev eth1 
10.2.0.0/16 dev eth1 proto kernel scope link src 10.2.128.22 
169.254.0.0/16 dev eth1 scope link metric 1003 
  • Amphora VM is not able to ping or curl the pod IP (it can only ping the router IP in the pod network, see below)
[root@amphora-057b9b2d-a19e-4c20-9eb7-a1ac418e5275 centos]# ping -c 2 10.1.3.215
PING 10.1.3.215 (10.1.3.215) 56(84) bytes of data.

--- 10.1.3.215 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 999ms

[root@amphora-057b9b2d-a19e-4c20-9eb7-a1ac418e5275 centos]# curl 10.1.3.215 -vvvv
* About to connect() to 10.1.3.215 port 80 (#0)
*   Trying 10.1.3.215...
^C
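
The checks above can be cross-referenced in one pass. This is an added example, not part of the original gist: it parses trimmed, constructed copies of the `haproxy.cfg` and `ip route` output shown above and reports which network each address sits in and which route the amphora uses to reach each member (the function names are hypothetical).

```python
import ipaddress
# Constructed inputs: trimmed copies of the haproxy.cfg and `ip route` output above.
HAPROXY_CFG = """\
frontend c2378cc2-c6db-45fa-9947-84fd793c951a
    bind 10.2.122.127:80
backend 1659bee8-d59d-430a-992f-b04d8dcf0186
    server 8e921cef-8e47-47c4-8560-cf5dde1261ba 10.1.3.215:80 weight 1
"""
IP_ROUTE = """\
default via 10.2.255.254 dev eth1
10.2.0.0/16 dev eth1 proto kernel scope link src 10.2.128.22
169.254.0.0/16 dev eth1 scope link metric 1003
"""
SERVICE_NET = ipaddress.ip_network("10.2.0.0/16")
POD_NET = ipaddress.ip_network("10.1.0.0/16")

def parse_haproxy(cfg):
    """Return (binds, members), each a list of (ip, port) tuples."""
    found = {"bind": [], "server": []}
    for tok in (line.split() for line in cfg.splitlines()):
        if tok and tok[0] in found:
            addr = tok[1] if tok[0] == "bind" else tok[2]  # server <name> <addr>
            host, port = addr.rsplit(":", 1)
            found[tok[0]].append((ipaddress.ip_address(host), int(port)))
    return found["bind"], found["server"]

def parse_routes(text):
    """Parse `ip route` lines into (network, gateway or None, device)."""
    routes = []
    for tok in (line.split() for line in text.splitlines() if line.strip()):
        net = ipaddress.ip_network("0.0.0.0/0" if tok[0] == "default" else tok[0])
        gw = ipaddress.ip_address(tok[tok.index("via") + 1]) if "via" in tok else None
        routes.append((net, gw, tok[tok.index("dev") + 1]))
    return routes

def lookup(routes, dst):  # longest-prefix match, as the kernel does
    hits = [r for r in routes if dst in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen) if hits else None

def diagnose(cfg=HAPROXY_CFG, route_text=IP_ROUTE):
    """Check VIP/member placement and how the amphora reaches each member."""
    binds, members = parse_haproxy(cfg)
    routes = parse_routes(route_text)
    out = {"vip_in_service_net": all(ip in SERVICE_NET for ip, _ in binds), "members": []}
    for ip, port in members:
        _, gw, dev = lookup(routes, ip)
        out["members"].append({"member": f"{ip}:{port}", "in_pod_net": ip in POD_NET,
                               "next_hop": str(gw) if gw else "on-link", "dev": dev})
    return out
```

For the values above, the only member, 10.1.3.215:80, is reached through the default route via 10.2.255.254 on eth1 rather than on-link. Reachability therefore depends on the router forwarding between the two subnets and on what the pod port's security group admits from the service network.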
@zufardhiyaulhaq

  • Security group is created to allow service network to access pod IP
  • Pod port is created and the security group is attached (focus on 10.1.3.215)
  • service Port is created