** Description changed: IMO this is not related to Kubernetes so I filed the bug here. **What happened**: Processes in container can't connect to `kubernetes.default` service. **What you expected to happen**: It should be able to connect. **How to reproduce it (as minimally and precisely as possible)**: ```bash host# tc qdisc add dev eth0 root fq host# nsenter -n -t $(pidof some-process-in-container) container-net-ns# nc -vv 10.97.0.1 443 # Could not connect ``` **Anything else we need to know?**: ```bash host# tc qdisc add dev eth0 root noqueue # this works host# tc qdisc add dev eth0 root fq_codel # this works too ``` - - kube-proxy works in IPVS mode + - When the bug condition is met, packets won't be sent on wire. + - kube-proxy works in IPVS mode. - The reason to tinker with qdisc is to enable TCP BBR, which requires fq qdisc. - fq qdisc works in `Linux node1 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux (Ubuntu 18.04)` **Environment**: - Cloud provider or hardware configuration: `NIC: Intel X520-DA1 (82599)` - OS (e.g: `cat /etc/os-release`): `Ubuntu 20.04.1 LTS \n \l` - Kernel (e.g. `uname -a`): `Linux Proton 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux` - Install tools: - Network plugin and version (if this is a network-related bug): `Calico v3.14.1 with IPIP & NAT-Outgoing` - Others:
** Description changed: IMO this is not related to Kubernetes so I filed the bug here. **What happened**: Processes in container can't connect to `kubernetes.default` service. **What you expected to happen**: It should be able to connect. **How to reproduce it (as minimally and precisely as possible)**: ```bash host# tc qdisc add dev eth0 root fq host# nsenter -n -t $(pidof some-process-in-container) container-net-ns# nc -vv 10.97.0.1 443 # Could not connect ``` **Anything else we need to know?**: ```bash host# tc qdisc add dev eth0 root noqueue # this works host# tc qdisc add dev eth0 root fq_codel # this works too ``` + - `host` is where the workload container is, not Kubernetes master. - When the bug condition is met, packets won't be sent on wire. - kube-proxy works in IPVS mode. - The reason to tinker with qdisc is to enable TCP BBR, which requires fq qdisc. - fq qdisc works in `Linux node1 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux (Ubuntu 18.04)` **Environment**: - Cloud provider or hardware configuration: `NIC: Intel X520-DA1 (82599)` - OS (e.g: `cat /etc/os-release`): `Ubuntu 20.04.1 LTS \n \l` - Kernel (e.g. `uname -a`): `Linux Proton 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux` - Install tools: - Network plugin and version (if this is a network-related bug): `Calico v3.14.1 with IPIP & NAT-Outgoing` - Others: -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1902358 Title: Kubernetes service connectivity issue Ubuntu 20.04 + fq queue discipline Status in linux package in Ubuntu: Incomplete Bug description: IMO this is not related to Kubernetes so I filed the bug here. **What happened**: Processes in container can't connect to `kubernetes.default` service. **What you expected to happen**: It should be able to connect. **How to reproduce it (as minimally and precisely as possible)**: ```bash host# tc qdisc add dev eth0 root fq host# nsenter -n -t $(pidof some-process-in-container) container-net-ns# nc -vv 10.97.0.1 443 # Could not connect ``` **Anything else we need to know?**: ```bash host# tc qdisc add dev eth0 root noqueue # this works host# tc qdisc add dev eth0 root fq_codel # this works too ``` - `host` is where the workload container is, not Kubernetes master. - When the bug condition is met, packets won't be sent on wire. - kube-proxy works in IPVS mode. - The reason to tinker with qdisc is to enable TCP BBR, which requires fq qdisc. - fq qdisc works in `Linux node1 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux (Ubuntu 18.04)` **Environment**: - Cloud provider or hardware configuration: `NIC: Intel X520-DA1 (82599)` - OS (e.g: `cat /etc/os-release`): `Ubuntu 20.04.1 LTS \n \l` - Kernel (e.g. `uname -a`): `Linux Proton 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux` - Install tools: - Network plugin and version (if this is a network-related bug): `Calico v3.14.1 with IPIP & NAT-Outgoing` - Others: To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1902358/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
