k8s cluster ping 10.96.0.1 no route

ping不通svc地址，但是地址可以解析，ping 10.96.0.1果然也不通，ping其他pod地址是正常通的，可能是路由规则的问题也就是iptables规则或ipvs规则的问题

检查后发现没有指定ipvs模块,默认是iptables规则，但是kube-proxy执行iptables失败导致的解决如下

#kubectl edit cm kube-proxy -n kube-system
...
    kind: KubeProxyConfiguration
    metricsBindAddress: ""
    mode: "ipvs"
...

#重启kube-proxy
kubectl get pod -n kube-system | grep kube-proxy |awk '{system("kubectl delete pod "$1" -n kube-system")}'

#kubectl get svc
NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
kubernetes   ClusterIP   10.96.0.1        <none>        443/TCP        56d
nginx        ClusterIP   10.102.219.108   <none>        80/TCP         19d
nginx-web    NodePort    10.96.15.41      <none>        80:30990/TCP   55d
svc-hpa      NodePort    10.104.2.4       <none>        80:31983/TCP   19d

#ping 10.96.15.41
PING 10.96.15.41 (10.96.15.41) 56(84) bytes of data.
64 bytes from 10.96.15.41: icmp_seq=1 ttl=64 time=0.061 ms
^C
--- 10.96.15.41 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.061/0.061/0.061/0.000 ms
[root@master1 ~]#ping 10.96.0.1
PING 10.96.0.1 (10.96.0.1) 56(84) bytes of data.
64 bytes from 10.96.0.1: icmp_seq=1 ttl=64 time=0.080 ms
64 bytes from 10.96.0.1: icmp_seq=2 ttl=64 time=0.079 ms

posted @ 2022-10-02 10:31 九尾cat 阅读(670) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部

九尾cat

Linux zealots

k8s cluster ping 10.96.0.1 no route

k8s cluster ping 10.96.0.1 no route

公告