Piotr_Bratkows2
Nimbostratus
NimbostratusKubernetes integration stopped working
Hello,
I'm doing Kubernetes intergation. I had a working solution, but it stopped working. I'm out of ideas, maybe someone can help how to debug it.
In restjavad-audit.0.log I see something like this:
[I][130][29 Mar 2018 10:55:10 UTC][ForwarderPassThroughWorker] {"user":"local/admin","method":"POST","uri":"http://localhost:8100/mgmt/shared/authn/login","status":200,"from":"192.168.100.94"}
I used to see a lot of other entries here plus I've seen entries about creationg of pools, nodes in audit log.
When I create an Igress I see that one of the nodes is trying to communicate to F5:
13:01:11.718375 IP 192.168.100.94.56322 > 192.168.2.109.https: Flags [R.], seq 1686613753, ack 3495393884, win 851, options [nop,nop,TS val 0 ecr 5336149], length 0
13:01:11.718408 IP 192.168.2.109.https > 192.168.100.94.56322: Flags [.], ack 0, win 365, options [nop,nop,TS val 5361881 ecr 5739246], length 0
13:01:11.718836 IP 192.168.100.94.56322 > 192.168.2.109.https: Flags [R], seq 1686613753, win 0, length 0
13:01:11.718904 IP 192.168.100.94.56330 > 192.168.2.109.https: Flags [S], seq 1179852131, win 26720, options [mss 1336,sackOK,TS val 5764938 ecr 0,nop,wscale 7], length 0
13:01:11.718929 IP 192.168.2.109.https > 192.168.100.94.56330: Flags [S.], seq 307718409, ack 1179852132, win 14480, options [mss 1460,sackOK,TS val 5361882 ecr 5764938,nop,wscale 7], length 0
I'm using version 1.4.2 and pod looks just fine:
[root@kuberm ~] kubectl describe pods k8s-bigip-ctlr-deployment-f4b469d69-z9f5m -n kube-system
Name: k8s-bigip-ctlr-deployment-f4b469d69-z9f5m
Namespace: kube-system
Node: kubern2/192.168.100.94
Start Time: Thu, 29 Mar 2018 12:55:08 +0200
Labels: app=k8s-bigip-ctlr
pod-template-hash=906025825
Annotations:
Status: Running
IP: 10.32.0.5
Controlled By: ReplicaSet/k8s-bigip-ctlr-deployment-f4b469d69
Containers:
k8s-bigip-ctlr:
Container ID: docker://f8d33b328d4a3703fb6ea4b5e0bf23342fd1f714022ac172fdd7bae4ccdab220
Image: f5networks/k8s-bigip-ctlr:1.4.2
Image ID: docker-pullable://docker.io/f5networks/k8s-bigip-ctlr@sha256:bd0d7cb4ae54a92d5d3eec9c2e705665a8452e69423eb5ff091e23e669ed072c
Port:
Host Port:
Command:
/app/bin/k8s-bigip-ctlr
Args:
--bigip-username=$(BIGIP_USERNAME)
--bigip-password=$(BIGIP_PASSWORD)
--bigip-url=192.168.2.109
--bigip-partition=kubernetes
--use-secrets=true
--resolve-ingress-names=LOOKUP
State: Running
Started: Thu, 29 Mar 2018 12:55:10 +0200
Ready: True
Restart Count: 0
Environment:
BIGIP_USERNAME: Optional: false
BIGIP_PASSWORD: Optional: false
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from bigip-ctlr-serviceaccount-token-qtlqc (ro)
Conditions:
Type Status
Initialized True
Ready True
PodScheduled True
Volumes:
bigip-ctlr-serviceaccount-token-qtlqc:
Type: Secret (a volume populated by a Secret)
SecretName: bigip-ctlr-serviceaccount-token-qtlqc
Optional: false
QoS Class: BestEffort
Node-Selectors:
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 8m default-scheduler Successfully assigned k8s-bigip-ctlr-deployment-f4b469d69-z9f5m to kubern2
Normal SuccessfulMountVolume 8m kubelet, kubern2 MountVolume.SetUp succeeded for volume "bigip-ctlr-serviceaccount-token-qtlqc"
Normal Pulled 8m kubelet, kubern2 Container image "f5networks/k8s-bigip-ctlr:1.4.2" already present on machine
Normal Created 8m kubelet, kubern2 Created container
Normal Started 8m kubelet, kubern2 Started container
My Ingress looks like this:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress
namespace: kube-system
annotations:
virtual-server.f5.com/ip: "192.168.220.242"
virtual-server.f5.com/partition: "kubernetes"
kubernetes.io/ingress.class: "f5"
spec:
backend:
serviceName: nginx
servicePort: 80
I've also tried it on other box 13.1 no success, my box is in 12.1.3.1.
Do you have any idea how to debug it futher?Regards, Piotr