Channels
academy
amazon
arm
azure
cabpr
chinese
ci-cd
danish
deutsch
developer
elemental
epinio
espanol
events
extensions
fleet
français
gcp
general
harvester
harvester-dev
hobbyfarm
hypper
japanese
k3d
k3os
k3s
k3s-contributor
kim
kubernetes
kubewarden
lima
logging
longhorn-dev
longhorn-storage
masterclass
mesos
mexico
nederlands
neuvector-security
office-hours
one-point-x
onlinemeetup
onlinetraining
opni
os
ozt
phillydotnet
portugues
rancher-desktop
rancher-extensions
rancher-setup
rancher-wrangler
random
rfed_ara
rio
rke
rke2
russian
s3gw
service-mesh
storage
submariner
supermicro-sixsq
swarm
terraform-controller
terraform-provider-rancher2
terraform-provider-rke
theranchcast
training-0110
training-0124
training-0131
training-0207
training-0214
training-1220
ukranian
v16-v21-migration
vsphere
windows
Title
m
microscopic-memory-76904
04/26/2023, 2:32 AMHi All! I'm running into an issue with servicelb. The pods are not coming up and when I look at the logs, I'm getting the following error:
2023-04-25T19:12:18.599777283-07:00 + grep -Eq :
2023-04-25T19:12:18.601544851-07:00 + iptables -t filter -I FORWARD -s 0.0.0.0/0 -p TCP --dport 8686 -j ACCEPT
iptables v1.8.8 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
2023-04-25T19:12:18.614809084-07:00 Perhaps iptables or your kernel needs to be upgraded.c
creamy-pencil-82913
04/26/2023, 3:09 AMcan you post the full pod log? Also, confirm that you have appropriate iptables or nftables modules loaded…
r
rough-farmer-49135
04/26/2023, 2:06 PMI recall something similar where I needed a package install and another where it wouldn't load by default when it should've but an explicit
modprobe iptable_filterI checked, on a RHEL 8 the module I was missing was
iptable_natm
microscopic-memory-76904
04/27/2023, 3:53 PMSorry I've taken a bit to get back. One thing I have discovered is when I force Klippper-lb 0.4.3, it works. I noticed in the release notes of 0.4.3 that it supports legacy. This gives me a different problem though, when I modify the daemonset configuration yaml and change the image from Klipper-lb 0.4.0 to 0.4.3, the config reverts back to 0.4.0 in seconds. Is this something Rancher is enforcing?
c
creamy-pencil-82913
04/27/2023, 4:51 PMYes, the daemonset is managed by the ServiceLB controller. Can you post the pod logs? It appears to be misdetecting nftables and I'm curious why.
m
microscopic-memory-76904
04/27/2023, 5:49 PM@creamy-pencil-82913 I'm sorry I didn't get those for you. What I posted was all the log information I was getting from the pod in the UI of Rancher. This morning, I ended up needing to reboot my cluster, I'm running 5 raspbery pi 4s. One dedicate for rancher and the other 4 running k3s. After rebooting, Klipper-lb 0.4.0 came up fine. Maybe the upgrade didn't fully take till rebooting?
c
creamy-pencil-82913
04/27/2023, 6:01 PMah yeah, it guess is possible that the controller was scheduling newer svclb pods onto nodes that hadn’t been upgraded yet?
m
microscopic-memory-76904
04/27/2023, 6:10 PMYes, I would agree that was what had happned. Because there were even still remaining klipper-lp nodes that were 0.3.5 that hadn't died off yet at the time.