[BUG] /usr/share/openvswitch/scripts/ovs-ctl --protocol=udp --dport=6081 enable-protocol * cannot list iptables rules, not adding a rule for udp to port 6081 #5082
Labels
bug
Something isn't working
Comments
zbb88888
changed the title
|
details nobody@debian:/kube-ovn$ bash -x /usr/share/openvswitch/scripts/ovs-ctl --protocol=udp --dport=6081 enable-protocol
+ case $0 in
++ echo /usr/share/openvswitch/scripts/ovs-ctl
++ sed 's,/[^/]*$,,'
+ dir0=/usr/share/openvswitch/scripts
+ . /usr/share/openvswitch/scripts/ovs-lib
++ logdir=/var/log/openvswitch
++ rundir=/var/run/openvswitch
++ sysconfdir=/etc
++ etcdir=/etc/openvswitch
++ datadir=/usr/share/openvswitch
++ bindir=/usr/bin
++ sbindir=/usr/sbin
++ test X '!=' X
++ test X '!=' X
++ dbdir=/etc/openvswitch
++ VERSION=3.3.4
++ DAEMON_CWD=/
++ LC_ALL=C
++ export LC_ALL
++ test -e /etc/init.d/functions
++ test -e /etc/rc.d/init.d/functions
++ test -e /lib/lsb/init-functions
++ . /lib/lsb/init-functions
++++ run-parts --lsbsysinit --list /lib/lsb/init-functions.d
+++ for hook in $(run-parts --lsbsysinit --list /lib/lsb/init-functions.d 2> /dev/null)
+++ '[' -r /lib/lsb/init-functions.d/00-verbose ']'
+++ . /lib/lsb/init-functions.d/00-verbose
+++ for hook in $(run-parts --lsbsysinit --list /lib/lsb/init-functions.d 2> /dev/null)
+++ '[' -r /lib/lsb/init-functions.d/40-systemd ']'
+++ . /lib/lsb/init-functions.d/40-systemd
++++ _use_systemctl=0
++++ '[' -d /run/systemd/system ']'
++++ '[' 0 = 1 ']'
+++ for hook in $(run-parts --lsbsysinit --list /lib/lsb/init-functions.d 2> /dev/null)
+++ '[' -r /lib/lsb/init-functions.d/50-ubuntu-logging ']'
+++ . /lib/lsb/init-functions.d/50-ubuntu-logging
++++ LOG_DAEMON_MSG=
+++ FANCYTTY=
+++ '[' -e /etc/lsb-base-logging.sh ']'
+++ true
++ type log_success_msg
++ :
++ type log_failure_msg
++ :
++ type log_warning_msg
++ :
++ type action
+ for dir in "$sbindir" "$bindir" /sbin /bin /usr/sbin /usr/bin
+ case :$PATH: in
+ for dir in "$sbindir" "$bindir" /sbin /bin /usr/sbin /usr/bin
+ case :$PATH: in
+ for dir in "$sbindir" "$bindir" /sbin /bin /usr/sbin /usr/bin
+ case :$PATH: in
+ for dir in "$sbindir" "$bindir" /sbin /bin /usr/sbin /usr/bin
+ case :$PATH: in
+ for dir in "$sbindir" "$bindir" /sbin /bin /usr/sbin /usr/bin
+ case :$PATH: in
+ for dir in "$sbindir" "$bindir" /sbin /bin /usr/sbin /usr/bin
+ case :$PATH: in
+ set_defaults
+ SYSTEM_ID=
+ FULL_HOSTNAME=yes
+ RECORD_HOSTNAME=yes
+ DELETE_BRIDGES=no
+ DELETE_TRANSIENT_PORTS=no
+ DAEMON_CWD=/
+ FORCE_COREFILES=yes
+ DUMP_HUGEPAGES=no
+ MLOCKALL=yes
+ SELF_CONFINEMENT=yes
+ MONITOR=yes
+ OVS_USER=
+ OVSDB_SERVER=yes
+ OVS_VSWITCHD=yes
+ OVSDB_SERVER_PRIORITY=-10
+ OVS_VSWITCHD_PRIORITY=-10
+ OVSDB_SERVER_WRAPPER=
+ OVS_VSWITCHD_WRAPPER=
+ OVSDB_SERVER_OPTIONS=
+ OVS_VSWITCHD_OPTIONS=
+ OVSDB_SERVER_UMASK=
+ OVS_VSWITCHD_UMASK=
+ DB_FILE=/etc/openvswitch/conf.db
+ DB_SOCK=/var/run/openvswitch/db.sock
+ DB_SCHEMA=/usr/share/openvswitch/vswitch.ovsschema
+ EXTRA_DBS=
+ PROTOCOL=gre
+ DPORT=
+ SPORT=
+ IKE_DAEMON=
+ RESTART_IKE_DAEMON=yes
+ type_file=/etc/openvswitch/system-type.conf
+ version_file=/etc/openvswitch/system-version.conf
+ test -e /etc/openvswitch/system-type.conf
+ test -e /etc/os-release
++ . /etc/os-release
+++ PRETTY_NAME='Ubuntu 24.04.1 LTS'
+++ NAME=Ubuntu
+++ VERSION_ID=24.04
+++ VERSION='24.04.1 LTS (Noble Numbat)'
+++ VERSION_CODENAME=noble
+++ ID=ubuntu
+++ ID_LIKE=debian
+++ HOME_URL=https://www.ubuntu.com/
+++ SUPPORT_URL=https://help.ubuntu.com/
+++ BUG_REPORT_URL=https://bugs.launchpad.net/ubuntu/
+++ PRIVACY_POLICY_URL=https://www.ubuntu.com/legal/terms-and-policies/privacy-policy
+++ UBUNTU_CODENAME=noble
+++ LOGO=ubuntu-logo
++ echo ubuntu
+ SYSTEM_TYPE=ubuntu
++ . /etc/os-release
+++ PRETTY_NAME='Ubuntu 24.04.1 LTS'
+++ NAME=Ubuntu
+++ VERSION_ID=24.04
+++ VERSION='24.04.1 LTS (Noble Numbat)'
+++ VERSION_CODENAME=noble
+++ ID=ubuntu
+++ ID_LIKE=debian
+++ HOME_URL=https://www.ubuntu.com/
+++ SUPPORT_URL=https://help.ubuntu.com/
+++ BUG_REPORT_URL=https://bugs.launchpad.net/ubuntu/
+++ PRIVACY_POLICY_URL=https://www.ubuntu.com/legal/terms-and-policies/privacy-policy
+++ UBUNTU_CODENAME=noble
+++ LOGO=ubuntu-logo
++ echo 24.04
+ SYSTEM_VERSION=24.04
+ extra_ids=
+ command=
+ for arg in "$@"
+ case $arg in
++ expr X--protocol=udp : 'X--\([^=]*\)'
+ option=protocol
++ expr X--protocol=udp : 'X[^=]*=\(.*\)'
+ value=udp
+ type=string
+ set_option
++ echo protocol
++ tr abcdefghijklmnopqrstuvwxyz- ABCDEFGHIJKLMNOPQRSTUVWXYZ_
+ var=PROTOCOL
+ eval 'set=${PROTOCOL+yes}'
++ set=yes
+ eval 'old_value=$PROTOCOL'
++ old_value=gre
+ test Xyes = X
+ test string = bool
+ eval 'PROTOCOL=$value'
++ PROTOCOL=udp
+ for arg in "$@"
+ case $arg in
++ expr X--dport=6081 : 'X--\([^=]*\)'
+ option=dport
++ expr X--dport=6081 : 'X[^=]*=\(.*\)'
+ value=6081
+ type=string
+ set_option
++ echo dport
++ tr abcdefghijklmnopqrstuvwxyz- ABCDEFGHIJKLMNOPQRSTUVWXYZ_
+ var=DPORT
+ eval 'set=${DPORT+yes}'
++ set=yes
+ eval 'old_value=$DPORT'
++ old_value=
+ test Xyes = X
+ test string = bool
+ eval 'DPORT=$value'
++ DPORT=6081
+ for arg in "$@"
+ case $arg in
+ test X = X
+ command=enable-protocol
+ case $command in
+ enable_protocol
++ grep '^udp[ ]' /etc/protocols
++ awk '{print $2}'
+ protonum=17
+ expr X17 : 'X[0-9]\{1,\}$'
+ :
+ name=udp
+ match='($2 == "udp" || $2 == 17)'
+ insert='iptables -I INPUT -p udp'
+ test X6081 '!=' X
+ name='udp to port 6081'
+ match='($2 == "udp" || $2 == 17) && /dpt:6081/'
+ insert='iptables -I INPUT -p udp --dport 6081'
+ test X '!=' X
+ insert='iptables -I INPUT -p udp --dport 6081 -j ACCEPT'
+ action 'cannot list iptables rules, not adding a rule for udp to port 6081'
+ STRING='cannot list iptables rules, not adding a rule for udp to port 6081'
+ shift
+ rc=0
+ test 0 = 0
+ log_success_msg 'cannot list iptables rules, not adding a rule for udp to port 6081'
+ echo ' * cannot list iptables rules, not adding a rule for udp to port 6081'
* cannot list iptables rules, not adding a rule for udp to port 6081
+ return 0
nobody@debian:/kube-ovn$
|
|
默认部署也ping不通默认子网网关,不知道是不是什么兼容性问题 root@debian:~
▶ kgp
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
kube-system coredns-77c864cb57-cqlw9 0/1 ContainerCreating 0 3m1s <none> debian <none> <none>
kube-system coredns-77c864cb57-qhxpp 0/1 ContainerCreating 0 3m1s <none> debian <none> <none>
kube-system kube-apiserver-debian 1/1 Running 0 3m16s 192.168.0.105 debian <none> <none>
kube-system kube-controller-manager-debian 1/1 Running 0 3m16s 192.168.0.105 debian <none> <none>
kube-system kube-ovn-cni-spg8w 0/1 Running 3 (6s ago) 2m33s 192.168.0.105 debian <none> <none>
kube-system kube-ovn-controller-849978f465-rjftz 0/1 Running 0 2m33s 192.168.0.105 debian <none> <none>
kube-system kube-ovn-monitor-55b9fc7d44-j542w 0/1 Running 3 (6s ago) 2m33s 192.168.0.105 debian <none> <none>
kube-system kube-ovn-pinger-vwphh 0/1 Init:0/1 0 2m30s <none> debian <none> <none>
kube-system kube-proxy-xk749 1/1 Running 0 3m2s 192.168.0.105 debian <none> <none>
kube-system kube-scheduler-debian 1/1 Running 0 3m17s 192.168.0.105 debian <none> <none>
kube-system nodelocaldns-44xhv 1/1 Running 0 3m2s 192.168.0.105 debian <none> <none>
kube-system ovn-central-85cb445c7c-62xtq 1/1 Running 0 2m49s 192.168.0.105 debian <none> <none>
kube-system ovs-ovn-pjrpg 1/1 Running 0 2m48s 192.168.0.105 debian <none> <none>
(v.v)
root@debian:~
▶ cd kube-ovn
(v.v)
root@debian:~/kube-ovn master ✔ 3h45m
▶ git diff
(v.v)
root@debian:~/kube-ovn master ✔ 3h45m
▶ git status
On branch master
Your branch is up to date with 'origin/master'.
nothing to commit, working tree clean
(v.v)
root@debian:~/kube-ovn master ✔ 3h45m
▶ git remote -v
origin [email protected]:kubeovn/kube-ovn.git (fetch)
origin [email protected]:kubeovn/kube-ovn.git (push)
(v.v)
root@debian:~/kube-ovn master ✔ 3h45m
▶ k logs -f -n kube-system kube-ovn-cni-spg8w
Defaulted container "cni-server" out of: cni-server, hostpath-init (init), install-cni (init)
ovsdb-server is running with pid 8978
ovs-vswitchd is running with pid 9040
iptables v1.8.10 (legacy)
I0315 11:48:45.153030 34844 cniserver.go:33]
-------------------------------------------------------------------------------
Kube-OVN:
Version: v1.14.0
Build: 2025-01-17_09:27:58
Commit: git-6b9c900
Go Version: go1.23.5
Arch: amd64
-------------------------------------------------------------------------------
I0315 11:48:45.153171 34844 init.go:17] current capabilities: cap_chown,cap_dac_override,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_net_bind_service,cap_net_admin,cap_net_raw,cap_sys_chroot,cap_sys_ptrace,cap_sys_admin,cap_sys_nice,cap_mknod,cap_audit_write,cap_setfcap=ep
I0315 11:48:45.155491 34844 config.go:185] node name not specified in command line parameters, fall back to the environment variable
I0315 11:48:45.155498 34844 config.go:364] no --kubeconfig, use in-cluster kubernetes config
I0315 11:48:45.157238 34844 k8s.go:48] succeeded to dial host "https://10.96.0.1:443"
I0315 11:48:45.165977 34844 config.go:205] daemon config: &{false /etc/cni/net.d /kube-ovn/01-kube-ovn.conflist 01-kube-ovn.conflist wlo1 br-phy 1400 1360 false mirror0 /run/openvswitch/kube-ovn-daemon.sock /run/openvswitch/db.sock 0xc000504e00 0xc00031c7c0 debian 10.96.0.0/12 ovn-cluster join true false false 10665 false geneve provider kube-system external true false true /var/lib/kubelet false 8100 8101 false 100 false}
I0315 11:48:45.168695 34844 ovs.go:138] nic mirror0 exist, configure it
I0315 11:48:45.175328 34844 cniserver.go:63] init node gw
I0315 11:48:45.181327 34844 ovs_linux.go:674] wait ovn0 gw ready
W0315 11:48:48.181878 34844 ovs.go:35] 100.64.0.2 network not ready after 3 ping to gateway 100.64.0.1
W0315 11:48:51.182310 34844 ovs.go:35] 100.64.0.2 network not ready after 6 ping to gateway 100.64.0.1
W0315 11:48:54.182363 34844 ovs.go:35] 100.64.0.2 network not ready after 9 ping to gateway 100.64.0.1
W0315 11:48:57.182559 34844 ovs.go:35] 100.64.0.2 network not ready after 12 ping to gateway 100.64.0.1
W0315 11:49:00.181976 34844 ovs.go:35] 100.64.0.2 network not ready after 15 ping to gateway 100.64.0.1
W0315 11:49:03.181669 34844 ovs.go:35] 100.64.0.2 network not ready after 18 ping to gateway 100.64.0.1
W0315 11:49:06.182079 34844 ovs.go:35] 100.64.0.2 network not ready after 21 ping to gateway 100.64.0.1
W0315 11:49:09.182753 34844 ovs.go:35] 100.64.0.2 network not ready after 24 ping to gateway 100.64.0.1
W0315 11:49:12.182292 34844 ovs.go:35] 100.64.0.2 network not ready after 27 ping to gateway 100.64.0.1
W0315 11:49:15.182113 34844 ovs.go:35] 100.64.0.2 network not ready after 30 ping to gateway 100.64.0.1
W0315 11:49:18.182633 34844 ovs.go:35] 100.64.0.2 network not ready after 33 ping to gateway 100.64.0.1
W0315 11:49:21.182269 34844 ovs.go:35] 100.64.0.2 network not ready after 36 ping to gateway 100.64.0.1
W0315 11:49:24.182050 34844 ovs.go:35] 100.64.0.2 network not ready after 39 ping to gateway 100.64.0.1
W0315 11:49:27.182487 34844 ovs.go:35] 100.64.0.2 network not ready after 42 ping to gateway 100.64.0.1
^C
(v.v)
root@debian:~/kube-ovn master ✔ 3h45m ⍉
▶ k logs -f -n kube-system ovs-ovn-pjrpg
Defaulted container "openvswitch" out of: openvswitch, hostpath-init (init)
OVN_REMOTE_PROBE_INTERVAL is set to 10000
OVN_REMOTE_OPENFLOW_INTERVAL is set to 180
iptables v1.8.10 (legacy)
* ovsdb-server is not running
* Starting ovsdb-server
* Configuring Open vSwitch system IDs
* Enabling remote OVSDB managers
* ovs-vswitchd is not running
* Starting ovs-vswitchd
* Enabling remote OVSDB managers
* cannot list iptables rules, not adding a rule for udp to port 6081
* ovn-controller is not running
* Starting ovn-controller
2025-03-15T03:39:00.514Z|00001|statctrl(ovn_statctrl2)|INFO|unix:/var/run/openvswitch/br-int.mgmt: connecting to switch
2025-03-15T03:39:00.514Z|00002|rconn(ovn_statctrl2)|INFO|unix:/var/run/openvswitch/br-int.mgmt: connecting...
2025-03-15T03:39:00.514Z|00003|rconn(ovn_statctrl2)|INFO|unix:/var/run/openvswitch/br-int.mgmt: connected
2025-03-15T03:39:00.514Z|00003|rconn(ovn_pinctrl0)|INFO|unix:/var/run/openvswitch/br-int.mgmt: connected
2025-03-15T03:39:10.528Z|00022|memory|INFO|14676 kB peak resident set size after 10.1 seconds
2025-03-15T03:39:10.528Z|00023|memory|INFO|idl-cells-OVN_Southbound:3709 idl-cells-Open_vSwitch:396 lflow-cache-entries-cache-expr:56 lflow-cache-entries-cache-matches:216 lflow-cache-size-KB:207 local_datapath_usage-KB:1 ofctrl_desired_flow_usage-KB:137 ofctrl_installed_flow_usage-KB:101 ofctrl_sb_flow_ref_usage-KB:58
2025-03-15T03:46:04.004Z|00001|vlog|INFO|opened log file /var/log/ovn/ovn-controller.log
2025-03-15T03:46:04.007Z|00002|main|INFO|kernel version is 6.1.0-31-amd64
2025-03-15T03:46:04.007Z|00003|main|INFO|lflow_kube_ovn_skip_ct is supported
2025-03-15T03:46:04.007Z|00002|vlog(monitor)|INFO|closing log file
2025-03-15T03:46:04.014Z|00004|reconnect|INFO|unix:/var/run/openvswitch/db.sock: connecting...
2025-03-15T03:46:04.014Z|00005|reconnect|INFO|unix:/var/run/openvswitch/db.sock: connected
2025-03-15T03:46:04.018Z|00006|main|INFO|OVN internal version is : [24.03.5-20.33.0-75.6]
2025-03-15T03:46:04.018Z|00007|main|INFO|OVS IDL reconnected, force recompute.
2025-03-15T03:46:04.018Z|00008|reconnect|INFO|tcp:[192.168.0.105]:6642: connecting...
2025-03-15T03:46:04.018Z|00009|main|INFO|OVNSB IDL reconnected, force recompute.
2025-03-15T03:46:04.018Z|00010|reconnect|INFO|tcp:[192.168.0.105]:6642: connected
2025-03-15T03:46:04.020Z|00011|features|INFO|unix:/var/run/openvswitch/br-int.mgmt: connecting to switch
2025-03-15T03:46:04.020Z|00012|rconn|INFO|unix:/var/run/openvswitch/br-int.mgmt: connecting...
2025-03-15T03:46:04.021Z|00013|rconn|INFO|unix:/var/run/openvswitch/br-int.mgmt: connected
2025-03-15T03:46:04.021Z|00014|features|INFO|OVS Feature: ct_zero_snat, state: supported
2025-03-15T03:46:04.021Z|00015|features|INFO|OVS Feature: ct_flush, state: supported
2025-03-15T03:46:04.021Z|00016|main|INFO|OVS feature set changed, force recompute.
2025-03-15T03:46:04.021Z|00017|ofctrl|INFO|unix:/var/run/openvswitch/br-int.mgmt: connecting to switch
2025-03-15T03:46:04.021Z|00018|rconn|INFO|unix:/var/run/openvswitch/br-int.mgmt: connecting...
2025-03-15T03:46:04.023Z|00019|main|INFO|OVS feature set changed, force recompute.
2025-03-15T03:46:04.061Z|00020|rconn|INFO|unix:/var/run/openvswitch/br-int.mgmt: connected
2025-03-15T03:46:04.061Z|00021|main|INFO|OVS OpenFlow connection reconnected,force recompute.
2025-03-15T03:46:04.061Z|00001|pinctrl(ovn_pinctrl1)|INFO|unix:/var/run/openvswitch/br-int.mgmt: connecting to switch
2025-03-15T03:46:04.061Z|00002|rconn(ovn_pinctrl1)|INFO|unix:/var/run/openvswitch/br-int.mgmt: connecting...
2025-03-15T03:46:04.061Z|00001|statctrl(ovn_statctrl0)|INFO|unix:/var/run/openvswitch/br-int.mgmt: connecting to switch
2025-03-15T03:46:04.061Z|00002|rconn(ovn_statctrl0)|INFO|unix:/var/run/openvswitch/br-int.mgmt: connecting...
2025-03-15T03:46:04.062Z|00003|rconn(ovn_pinctrl1)|INFO|unix:/var/run/openvswitch/br-int.mgmt: connected
2025-03-15T03:46:04.062Z|00003|rconn(ovn_statctrl0)|INFO|unix:/var/run/openvswitch/br-int.mgmt: connected
2025-03-15T03:46:14.073Z|00022|memory|INFO|14564 kB peak resident set size after 10.1 seconds
2025-03-15T03:46:14.073Z|00023|memory|INFO|idl-cells-OVN_Southbound:3709 idl-cells-Open_vSwitch:396 lflow-cache-entries-cache-expr:56 lflow-cache-entries-cache-matches:216 lflow-cache-size-KB:207 local_datapath_usage-KB:1 ofctrl_desired_flow_usage-KB:137 ofctrl_installed_flow_usage-KB:101 ofctrl_sb_flow_ref_usage-KB:58
2025-03-15T03:46:53.529Z|00024|memory_trim|INFO|Detected inactivity (last active 30008 ms ago): trimming memory
^C
(v.v)
root@debian:~/kube-ovn master ✔
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Kube-OVN Version
master
Kubernetes Version
Operation-system/Kernel Version
▶ uname -a
Linux debian 6.1.0-31-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.128-1 (2025-02-07) x86_64 GNU/Linux
Description
Steps To Reproduce
Current Behavior
tunnel not setup
Expected Behavior
tunnel should setup
The text was updated successfully, but these errors were encountered: