init container not running completely. #9

Open
faisalbasha19 opened this issue Nov 30, 2022 · 4 comments

@faisalbasha19

Details

What steps did you take and what happened:

I cloned the repo https://github.com/k8s-at-home/charts/tree/master/charts/stable/pod-gateway which is basically
the helm chart to deploy pod-gateway. This chart refers to the image created via this git source code. The pods seem
to be in a running state, so I don't have a problem with the chart. But when I create a test pod under the namespace vpn, the
gateway admission controller receives a request that invokes the webhook server present within this pod and injects an init container
which executes the client_init.sh script, but this container gets shut down or terminated halfway as it doesn't get the K8S_GW_IP.

Please see screenshots below:

[Screenshot: vpninit01]

[Screenshot: vpnpodgateways]

The logs of the testpod within the vpn namespace:

[Screenshot: testpod-vpnns]

What did you expect to happen:
Expected the testpod to run and route traffic via the pod gateway.

Anything else you would like to add:

Additional Information:

@angelnu
Owner

angelnu commented Nov 30, 2022

Please try the helm chart at https://github.com/angelnu/helm-charts as the charts at k8s-at-home are no longer maintained.

This problem might be solved by #2. So you need https://github.com/angelnu/pod-gateway/releases/tag/v1.8.1

@faisalbasha19
Author

Hi,

I deployed the helm chart from https://github.com/angelnu/helm-charts, and I also took https://github.com/angelnu/pod-gateway/releases/tag/v1.8.1 and deployed the pods. I created a pod in the vpn namespace, and the admission gateway controller successfully ran the client_init.sh scripts and others as well. I have enabled the vpn and also supplied the certs/conf within the pod-gateway. But I am still not able to ping 192.168.10.221, which is a destination that I need to reach via the openvpn.

Here is the screenshot of the config that I have supplied:

[Screenshot: terminalappvpnnamespace-iproute]

What am I doing wrong here?

@angelnu
Owner

angelnu commented Jan 22, 2023

@faisalbasha19 - this will need debugging step by step:

  • please post the logs from both the pod-gateway and client pod with the latest helm chart and latest pod-gateway containers. As you have the vxlan device on in your last log then I assume the init error from before is gone.
  • can you ping 172.16.0.1 from the client pod (so the vxlan is working)

As the 192.168.0.0/16 range is routed through eth0 and not the vxlan then the problem is not the tunnel or the gateway but likely the network policy. Did you define a networkpolicy similar to https://github.com/angelnu/k8s-gitops/blob/main/core/vpn/networkPolicy.yaml ? In my case I do not allow any traffic to leave the namespace except that going to other cluster namespaces.
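
Added example, not part of the thread or the pod-gateway project: a longest-prefix-match check over `ip route` output that reports which device a destination leaves on, the reasoning used above for 192.168.0.0/16 going out eth0 instead of the vxlan. The routing table is constructed for illustration (it is not the one in the screenshot); the next hop 10.42.0.1 and source address 172.16.0.237 are assumptions.

```python
import ipaddress

# Constructed `ip route` output for a client pod (assumed values, not from the issue):
# default route via the gateway on vxlan0, private ranges kept on eth0.
SAMPLE_ROUTES = """\
default via 172.16.0.1 dev vxlan0
10.0.0.0/8 via 10.42.0.1 dev eth0
172.16.0.0/24 dev vxlan0 proto kernel scope link src 172.16.0.237
192.168.0.0/16 via 10.42.0.1 dev eth0
"""

def parse_routes(text):
    """Return [(network, device)] from `ip route` output; skip lines without a dev."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or "dev" not in fields:
            continue
        prefix = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(prefix, strict=False)
        except ValueError:
            continue  # route types such as "local" or "broadcast" lead with a keyword
        routes.append((net, fields[fields.index("dev") + 1]))
    return routes

def egress_device(routes, destination):
    """Pick the most specific matching route, as the kernel does within one table."""
    addr = ipaddress.ip_address(destination)
    matches = [(net, dev) for net, dev in routes if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def bypasses_tunnel(routes, destination, tunnel_dev="vxlan0"):
    """True when traffic to destination leaves on a device other than the tunnel."""
    dev = egress_device(routes, destination)
    return dev is not None and dev != tunnel_dev

if __name__ == "__main__":
    table = parse_routes(SAMPLE_ROUTES)
    for dst in ("172.16.0.1", "192.168.10.221", "1.1.1.1"):
        print(dst, "->", egress_device(table, dst),
              "| bypasses tunnel:", bypasses_tunnel(table, dst))
```

A destination that bypasses the tunnel is subject to whatever NetworkPolicy applies to the pod's eth0 traffic, so that policy is the next thing to inspect.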

@dberardo-com

> can you ping 172.16.0.1 from the client pod (so the vxlan is working)

I am facing a similar issue, the default route through the vxlan0 does not start up in the init container: #18

@faisalbasha19 have you checked this out? Might help: https://docs.k8s-at-home.com/guides/pod-gateway/#routed-pod-fails-to-init
