project-calico

问题 How can I confirm whether or not some of the pods in this Kubernetes cluster are running inside the Calico overlay network? Pod Names: Specifically, when I run kubectl get pods --all-namespaces , only two of the nodes in the resulting list have the word calico in their names. The other pods, like etcd and kube-controller-manager , and others do NOT have the word calico in their names. From what I read online, the other pods should have the word calico in their names. $ kubectl get pods --all

问题 I have kubernetes v1.6.0 setup by kubeadm v1.6.1 calico setup by offical yaml iptables v1.6.0 nodes are provided by AliCloud Problem: The cni network is not working. Any deployment can only be visited from the node where it is running. I doubt it is related with route table conflict/missing, because I have another cluster on Vultr Cloud working fine, with the same setup steps. Cluster Info: root@iZ2ze8ctk2q17u029a8wcoZ:~# kubectl get pods --all-namespaces -o wide NAMESPACE NAME READY STATUS

问题 Init container with kubectl get pod command is used to get ready status of other pod. After Egress NetworkPolicy was turned on init container can't access Kubernetes API: Unable to connect to the server: dial tcp 10.96.0.1:443: i/o timeout . CNI is Calico. Several rules were tried but none of them are working (service and master host IPs, different CIDR masks): ... egress: - to: - ipBlock: cidr: 10.96.0.1/32 ports: - protocol: TCP port: 443 ... or using namespace (default and kube-system