Kubernetes API server is not accessible on Nested deployment

Bug #1792488 reported by Maysa de Macedo Souza on 2018-09-14
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
kuryr-kubernetes
Undecided
Maysa de Macedo Souza

Bug Description

In the DevStack installation, no rules were created to allow traffic to reach the LBaaS, resulting in the following error:

/opt/stack/kuryr-kubernetes/devstack/plugin.sh:run_kuryr_kubernetes:723 : wait_for 'Kubernetes API Server' https://10.0.0.129:443 /opt/stack/data/hyperkube/kuryr-ca.crt 1200
/opt/stack/kuryr-kubernetes/devstack/plugin.sh:wait_for:548 : die 'Timed out waiting for Kubernetes API Server'

description: updated
Changed in kuryr-kubernetes:
assignee: nobody → Maysa de Macedo Souza (maysa)
description: updated

Fix proposed to branch: master
Review: https://review.openstack.org/609904

Changed in kuryr-kubernetes:
status: New → In Progress

Reviewed: https://review.openstack.org/609904
Committed: https://git.openstack.org/cgit/openstack/kuryr-kubernetes/commit/?id=593e5a06b3293759e105441162aa9e4a4ac6b25a
Submitter: Zuul
Branch: master

commit 593e5a06b3293759e105441162aa9e4a4ac6b25a
Author: maysa macedo <email address hidden>
Date: Thu Oct 11 23:21:32 2018 -0300

    Fix k8s API server access on Nested deployment

    The current LBaaS is not reachable at port 443 and the k8s API server
    is not reachable at port 6443 by the VIP of the LBaaS.

    This commit fixes the issue by creating a security group rule to allow
    tcp traffic to reach the LBaaS and adding a security group allowing
    tcp traffic from the service subnet to the port used by the overcloud VM.

    Change-Id: I7ec087ad86f4491ed1678cdba13e3c19edb1568c
    Closes-Bug: #1792488

Changed in kuryr-kubernetes:
status: In Progress → Fix Released

This issue was fixed in the openstack/kuryr-kubernetes 0.6.0 release.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers