Forum Discussion
Piotr_Bratkows2
Nimbostratus
Mar 29, 2018Kubernetes integration stopped working
Hello,
I'm doing Kubernetes intergation. I had a working solution, but it stopped working. I'm out of ideas, maybe someone can help how to debug it.
In restjavad-audit.0.log I see something like this:
[I][130][29 Mar 2018 10:55:10 UTC][ForwarderPassThroughWorker] {"user":"local/admin","method":"POST","uri":"http://localhost:8100/mgmt/shared/authn/login","status":200,"from":"192.168.100.94"}
I used to see a lot of other entries here plus I've seen entries about creationg of pools, nodes in audit log.
When I create an Igress I see that one of the nodes is trying to communicate to F5:
13:01:11.718375 IP 192.168.100.94.56322 > 192.168.2.109.https: Flags [R.], seq 1686613753, ack 3495393884, win 851, options [nop,nop,TS val 0 ecr 5336149], length 0
13:01:11.718408 IP 192.168.2.109.https > 192.168.100.94.56322: Flags [.], ack 0, win 365, options [nop,nop,TS val 5361881 ecr 5739246], length 0
13:01:11.718836 IP 192.168.100.94.56322 > 192.168.2.109.https: Flags [R], seq 1686613753, win 0, length 0
13:01:11.718904 IP 192.168.100.94.56330 > 192.168.2.109.https: Flags [S], seq 1179852131, win 26720, options [mss 1336,sackOK,TS val 5764938 ecr 0,nop,wscale 7], length 0
13:01:11.718929 IP 192.168.2.109.https > 192.168.100.94.56330: Flags [S.], seq 307718409, ack 1179852132, win 14480, options [mss 1460,sackOK,TS val 5361882 ecr 5764938,nop,wscale 7], length 0
I'm using version 1.4.2 and pod looks just fine:
[root@kuberm ~] kubectl describe pods k8s-bigip-ctlr-deployment-f4b469d69-z9f5m -n kube-system
Name: k8s-bigip-ctlr-deployment-f4b469d69-z9f5m
Namespace: kube-system
Node: kubern2/192.168.100.94
Start Time: Thu, 29 Mar 2018 12:55:08 +0200
Labels: app=k8s-bigip-ctlr
pod-template-hash=906025825
Annotations:
Status: Running
IP: 10.32.0.5
Controlled By: ReplicaSet/k8s-bigip-ctlr-deployment-f4b469d69
Containers:
k8s-bigip-ctlr:
Container ID: docker://f8d33b328d4a3703fb6ea4b5e0bf23342fd1f714022ac172fdd7bae4ccdab220
Image: f5networks/k8s-bigip-ctlr:1.4.2
Image ID: docker-pullable://docker.io/f5networks/k8s-bigip-ctlr@sha256:bd0d7cb4ae54a92d5d3eec9c2e705665a8452e69423eb5ff091e23e669ed072c
Port:
Host Port:
Command:
/app/bin/k8s-bigip-ctlr
Args:
--bigip-username=$(BIGIP_USERNAME)
--bigip-password=$(BIGIP_PASSWORD)
--bigip-url=192.168.2.109
--bigip-partition=kubernetes
--use-secrets=true
--resolve-ingress-names=LOOKUP
State: Running
Started: Thu, 29 Mar 2018 12:55:10 +0200
Ready: True
Restart Count: 0
Environment:
BIGIP_USERNAME: Optional: false
BIGIP_PASSWORD: Optional: false
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from bigip-ctlr-serviceaccount-token-qtlqc (ro)
Conditions:
Type Status
Initialized True
Ready True
PodScheduled True
Volumes:
bigip-ctlr-serviceaccount-token-qtlqc:
Type: Secret (a volume populated by a Secret)
SecretName: bigip-ctlr-serviceaccount-token-qtlqc
Optional: false
QoS Class: BestEffort
Node-Selectors:
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 8m default-scheduler Successfully assigned k8s-bigip-ctlr-deployment-f4b469d69-z9f5m to kubern2
Normal SuccessfulMountVolume 8m kubelet, kubern2 MountVolume.SetUp succeeded for volume "bigip-ctlr-serviceaccount-token-qtlqc"
Normal Pulled 8m kubelet, kubern2 Container image "f5networks/k8s-bigip-ctlr:1.4.2" already present on machine
Normal Created 8m kubelet, kubern2 Created container
Normal Started 8m kubelet, kubern2 Started container
My Ingress looks like this:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress
namespace: kube-system
annotations:
virtual-server.f5.com/ip: "192.168.220.242"
virtual-server.f5.com/partition: "kubernetes"
kubernetes.io/ingress.class: "f5"
spec:
backend:
serviceName: nginx
servicePort: 80
I've also tried it on other box 13.1 no success, my box is in 12.1.3.1.
Do you have any idea how to debug it futher?
Regards, Piotr
No RepliesBe the first to reply
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects