3

I am running Calico CNI v3.19.1 on Kubernetes version v1.19.13. using CentOS Steam 8 and RHEL 8 OS for this cluster with 3 master and 3 nodes.

when calico-kube-controller starts on the worker node. Its failing with [FATAL][1] main.go 118: Failed to initialize Calico data store error message.

I used below setting while deploying calico

    # Auto-detect the BGP IP address.
    - name: IP
      value: "autodetect"
    - name: IP_AUTODETECTION_METHOD
      value: "interface=en.*"
    - name: FELIX_IPTABLESBACKEND
      value: "NFT"

Error message during pod startup:

 klf calico-kube-controllers-5978c5f6b5-bxbmw
2021-07-26 15:24:21.353 [INFO][1] main.go 92: Loaded configuration from environment config=&config.Config{LogLevel:"info", WorkloadEndpointWorkers:1, ProfileWorkers:1, PolicyWorkers:1, NodeWorkers:1, Kubeconfig:"", DatastoreType:"kubernetes"}
W0726 15:24:21.356093       1 client_config.go:615] Neither --kubeconfig nor --master was specified.  Using the inClusterConfig.  This might not work.
2021-07-26 15:24:21.357 [INFO][1] main.go 113: Ensuring Calico datastore is initialized
2021-07-26 15:24:31.357 [ERROR][1] client.go 261: Error getting cluster information config ClusterInformation="default" error=Get "https://10.96.0.1:443/apis/crd.projectcalico.org/v1/clusterinformations/default": context deadline exceeded
2021-07-26 15:24:31.357 [FATAL][1] main.go 118: Failed to initialize Calico datastore error=Get "https://10.96.0.1:443/apis/crd.projectcalico.org/v1/clusterinformations/default": context deadline exceeded

Any tips to resolve this error message?

Thanks SR

Nestor Daniel Ortega Perez
  • 1,046
  • 3
  • 10
sfgroups
  • 18,151
  • 28
  • 132
  • 204
  • I can see you've posted this in [calico github issue](https://github.com/projectcalico/calico/issues/2818#issuecomment-886818400). Also similar error was observer in [this post on serverfault](https://serverfault.com/questions/976233/context-deadline-exceeded-preventing-pods-from-being-created-in-aks). – moonkotte Jul 27 '21 at 13:52
  • Also is your cluster set up using `kubeadm`? Is it in cloud or bare metal? What cloud/hypervisor is used? – moonkotte Jul 27 '21 at 14:23
  • @moonkotte Its on-prem, Vmware Vms. I have two other cluster running find with similar setup. yes setup with `kubeadm` command – sfgroups Jul 27 '21 at 14:29
  • Thank you. I assume you have seen everything related to this issue. [Potentially v1.20 can fixed it](https://github.com/projectcalico/calico/issues/2818#issuecomment-729247122) OR [firewalld related](https://github.com/projectcalico/calico/issues/2818#issuecomment-768800213). Otherwise it's a bug which should be fixed by `calico`. – moonkotte Jul 29 '21 at 09:13
  • I had to make sure the controller was deployed on the controller to fix this issue – Orion Nov 01 '21 at 09:20

1 Answers1

1

Try this on you master node, this is work for me.

  $ sudo iptables -P INPUT ACCEPT
  $ sudo iptables -P FORWARD ACCEPT
  $ sudo iptables -P FORWARD ACCEPT
  $ sudo iptables -F
Sagar Patil
  • 21
  • 3
  • Yep, firewall issue in Ubuntu for me. Just a lab, so I killed the FW on all my K8s VMs: `systemctl disable ufw && systemctl stop ufw` – SamAndrew81 Mar 08 '23 at 19:18