Bug 1308701 - Kubelet proxy must be able to run in userspace and iptables mode
Kubelet proxy must be able to run in userspace and iptables mode
Status: CLOSED ERRATA
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking (Show other bugs)
3.1.0
Unspecified Unspecified
high Severity high
: ---
: ---
Assigned To: Dan Winship
Meng Bo
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2016-02-15 14:27 EST by Jordan Liggitt
Modified: 2016-05-31 04:57 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-02-23 15:32:05 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jordan Liggitt 2016-02-15 14:27:27 EST
Description of problem:
The kubelet proxy changed from userspace mode to iptables mode. There must be a way to opt back into userspace-mode proxy.


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:



The node starts in iptables mode by default, or can be explicitly set in the node-config.yaml with:
...
proxyArguments:
  proxy-mode:
  - "iptables"


To start in userspace proxy mode, set this in node-config.yaml:
...
proxyArguments:
  proxy-mode:
  - "userspace"



We need to verify that the SDN works as expected, and that the node indicates in the start up logs that userspace or iptables mode is being used according to the proxy config


Fixed in origin in https://github.com/openshift/origin/pull/7088
Fixed in OSE in https://github.com/openshift/ose/pull/138
Comment 5 Meng Bo 2016-02-17 01:18:03 EST
Verified with OSE 3.1 Errata build 2016-02-16.1

The kube-proxy can be configured to work as userspace or iptables now by editing the node-config.yaml.

And the SDN related features keep working fine.




But I have a question, when I set the loglevel > 4, eg, --loglevel=5, the new added logs will not be found in the node log.
Like:
glog.V(0).Info("Using iptables Proxier.")
glog.Infof("Started Kubernetes Proxy on %s", c.ProxyConfig.BindAddress.String())

If I set the loglevel =< 4, then it would be ok.

@Jordan Do you know why some of the logs are missing when there is a higher loglevel?
Comment 6 Jordan Liggitt 2016-02-17 13:17:23 EST
no idea on the --loglevel issue
Comment 8 errata-xmlrpc 2016-02-23 15:32:05 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:0293

Note You need to log in before you can comment on or make changes to this bug.