-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The firewall affects pods from accessing other node services #1834
Comments
Did you configure the firewall properly to work with flannel? flannel/Documentation/troubleshooting.md Line 62 in 223db64
|
I turned off the firewall and just started flannel working normally. |
A change in the firewall state causes the iptables rule to change, but Flannel doesn't do anything about it |
flannel only creates or deletes iptables rules on specific events like the creation/deletion of a pod or when a node is added to the cluster. |
Thanks, if I want to rewrite the iptables rule when I restart the firewall, any suggestions? or does flannel provide a refresh interface? |
the only solution I see is that you add your own rules in way that does not interfere with flannel's. |
Steps to Reproduce (for bugs)
1.turned off the firewall.
2.then deployed kubernetes and flannel.
3.start the firewall and then turn it off.
4.Pods cannot access other nodes' networks
Expected Behavior
Pods can access pods of other nodes,When the firewall changes
Current Behavior
Pods cannot access other nodes' networks, When the firewall changes
I'm guessing that iptables changed after the firewall was turned off, but flannel didn't refresh the iptables rule
flannel version is 0.13.1-rc2
The text was updated successfully, but these errors were encountered: