adamant-kite-4373411/03/2022, 3:22 PM
bland-account-9979011/03/2022, 5:44 PM
This is something I have never experienced. Maybe it rings a bell to you @creamy-pencil-82913?
Another Problem is that randomly some nodes rapidly consume a lot of RAM and freeze. Only a reboot can fix that. Happens with with master and worker nodes. Could that be a side effect of forwarding traffic inside the cluster? Is that a known issue and is there a solution to fix that?
creamy-pencil-8291311/03/2022, 5:54 PM
able-traffic-8598611/03/2022, 6:17 PM
yes, there is an application running in a pod and there is a related service what is exposed via traefik ingress to make the application public available. The application should able to see the real client IP and not one of the internal cluster IPs.
If I understand correctly, you have an app running inside a pod. The app's service is being exposed using a kubernetes service and you are trying to access that service from a client sitting outside of the cluster.. You would like the IP of the client to be preserved, i.e. have the original source IP in the packets that end up in the pod, right?
the service of the pod is exposed via ingress and the ingress controller is traefik, the load balancer is klipperLB (everything is k3s default except the datastore)
1 - Are you connecting to the service directly or via ingress? If ingress, are you using traefik?
traefik is using the external IPs with type LoadBalancer
2 - Are you using the external-ip to connect to the ingress service or the app's service?
No, swap is disabled.,
I'm not sure because the node was freezed but i could see that the oom killer cleaned a lot of mandatory services. Since I installed some tools like atop for more details it didn't freeze again but i will let you now when I have more specifics about that
what is consuming a bunch of ram - which process specifically? Why does it freeze when the RAM is consumed, are you running with swap enabled? While that is possible, it is not recommended and my first suggestion would be to turn that off.
creamy-pencil-8291311/03/2022, 6:26 PM
yes, there is an application running in a pod and there is a related service what is exposed via traefik ingress to make the application public available. The application should able to see the real client IP and not one of the internal cluster IPs.That’s not going to happen for a multitude of reasons. You should read https://kubernetes.io/docs/tutorials/services/source-ip/ and decide what approach you are going to take to solve the problem.