k8s cluster ping 10.96.0.1 no route
ping不通svc地址,但是地址可以解析,ping 10.96.0.1果然也不通,ping其他pod地址是正常通的,可能是路由规则的问题也就是iptables规则或ipvs规则的问题
检查后发现没有指定ipvs模块,默认是iptables规则,但是kube-proxy执行iptables失败导致的解决如下
#kubectl edit cm kube-proxy -n kube-system
...
kind: KubeProxyConfiguration
metricsBindAddress: ""
mode: "ipvs"
...
#重启kube-proxy
kubectl get pod -n kube-system | grep kube-proxy |awk '{system("kubectl delete pod "$1" -n kube-system")}'
#kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 56d
nginx ClusterIP 10.102.219.108 <none> 80/TCP 19d
nginx-web NodePort 10.96.15.41 <none> 80:30990/TCP 55d
svc-hpa NodePort 10.104.2.4 <none> 80:31983/TCP 19d
#ping 10.96.15.41
PING 10.96.15.41 (10.96.15.41) 56(84) bytes of data.
64 bytes from 10.96.15.41: icmp_seq=1 ttl=64 time=0.061 ms
^C
--- 10.96.15.41 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.061/0.061/0.061/0.000 ms
[root@master1 ~]#ping 10.96.0.1
PING 10.96.0.1 (10.96.0.1) 56(84) bytes of data.
64 bytes from 10.96.0.1: icmp_seq=1 ttl=64 time=0.080 ms
64 bytes from 10.96.0.1: icmp_seq=2 ttl=64 time=0.079 ms
