Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

kube-ovn-pinger这个组件无法启动 #5045

Open
wangdiwen opened this issue Feb 28, 2025 · 1 comment
Open

kube-ovn-pinger这个组件无法启动 #5045

wangdiwen opened this issue Feb 28, 2025 · 1 comment
Labels
bug Something isn't working

Comments

@wangdiwen
Copy link

使用install.sh脚本,在刚构建的k8s集群上安装,卡在第4步
[Step 4/6] Delete pod that not in host network mode
pod "coredns-695cb7b7f8-zvldg" deleted
pod "kube-ovn-pinger-5bmsc" deleted
pod "kube-ovn-pinger-962pw" deleted
Waiting for deployment "coredns" rollout to finish: 0 of 1 updated replicas are available...
deployment "coredns" successfully rolled out
Waiting for daemon set "kube-ovn-pinger" rollout to finish: 0 of 2 updated pods are available...
error: timed out waiting for the condition

kube-ovn-pinger pod里报错为:
│ Warning FailedCreatePodSandBox 2m13s (x563 over 12m) kubelet (combined from similar events): Failed to create pod sandbox: rpc error: code │
│ = Unknown desc = failed to set up sandbox container "faeb58353e121d02488b651ed7dbaab76194af82d86667d48319c10ce077eb8a" network for pod "kube-ovn-pinger-p │
│ nmrs": networkPlugin cni failed to set up pod "kube-ovn-pinger-pnmrs_kube-system" network: plugin type="kube-ovn" failed (add): RPC failed; request ip ret │
│ urn 500 configure nic eth0 for pod kube-ovn-pinger-pnmrs/kube-system failed: failed to open netns "/proc/385533/ns/net": failed to Statfs "/proc/385533/ns │
│ /net": permission denied

请教一下这个如何解决?
@dosubot dosubot bot added the bug Something isn't working label Feb 28, 2025
@dosubot DosuBot
Copy link

dosubot bot commented Feb 28, 2025

Hello, @wangdiwen! I'm here to help you with any bugs, questions, or contributions you have. Let's tackle this issue together!

I found a similar issue that was resolved. The solution involves ensuring compatibility between the Kubernetes and Kube-OVN versions and addressing the permissions issue by setting the necessary capabilities in your deployment. The kube-ovn-cni container requires specific permissions and capabilities to modify network interfaces. Ensure that the following capabilities are set:

securityContext:
  runAsUser: {{ include "kubeovn.runAsUser" . }}
  privileged: false
  capabilities:
    add:
      - NET_ADMIN
      - NET_BIND_SERVICE
      - NET_RAW
      - SYS_ADMIN
      - SYS_MODULE
      - SYS_NICE
      - SYS_PTRACE

Additionally, ensure that your Kubernetes nodes are labeled correctly with either node-role.kubernetes.io/control-plane or node-role.kubernetes.io/master. Upgrading to a newer version of Kube-OVN, such as v1.12.25, might also help resolve the issue [1].

To continue talking to Dosu, mention @dosu.

Help Dosu learn! Give it feedback: Great Response | Irrelevant Answer | Incorrect Sources | Too Verbose | Hallucination | Bug Report | Other

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@wangdiwen