I'm transitioning a Docker Compose setup to a K3s Kubernetes cluster, but I'm running into several network issues. My main services include Apache, a discovery service with Hazelcast, and about ten microservices. Currently, K3s seems to have a malfunctioning kube-proxy and CNI, with iptables showing a default DROP policy. I'm wondering if something is missing from my setup or if there's an issue with my K3s installation. I'm running one master node (via Rancher's GUI) and two worker nodes, and I've experienced multiple restarts on these machines while testing deployments on a bare metal cluster. After troubleshooting, a suggestion I've received is either to uninstall and reinstall K3s or switch to the full Kubeadm version. I'd really appreciate any insights or suggestions on how to proceed!
3 Answers
If kube-proxy and CNI are misbehaving, it sounds more like a networking issue or a conflict with firewall/iptables settings on your nodes. I'd recommend checking your host's firewall rules, kernel modules, and ensuring nothing like firewalld or ufw is interfering with K3s. If everything looks okay, a fresh install of K3s might actually be quicker than troubleshooting the existing setup.
What host are you using? Some platforms like OCI can have quirks that don't sit well with K3s, which might complicate things.
First off, you should figure out why your machines are rebooting so often. K3s can struggle in certain environments due to its use of etcd for key-value storage. How did you install K3s? I recommend using the Ansible automation tool since it could help you avoid missing installation steps. If you’re having iptables issues, the Ansible setup can automate those. Have you considered trying k0s? It's worth checking out!
If you're just using one control plane, then etcd shouldn't come into play; it would be SQLite via Kine.
Yeah, I basically installed it in a straightforward way: `curl -sfL https://get.k3s.io | sh`, and generated a token for the worker nodes. It's just a test cluster for an upcoming production setup, so the team needs hands-on experience with Kubernetes.

I checked everything, and unfortunately, I’m not having any luck.
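The host checks named in the first answer (default iptables policies, kernel modules, firewalld/ufw), as an added shell example that is not part of the thread. The module names `br_netfilter` and `overlay` are an assumption about what the node needs, and the sample rules and module list are constructed for illustration.

```shell
#!/bin/sh
# Added example: read-only triage helpers for a K3s node.

# Print built-in chains whose default policy is DROP (input: `iptables -S`).
drop_policies() {
    awk '$1 == "-P" && $3 == "DROP" { print $2 }'
}

# Print each module named in "$@" that is absent from /proc/modules-style
# input. Built-in modules never appear there; check /sys/module/<name> too.
missing_modules() {
    loaded=$(awk '{ print $1 }')
    for m in "$@"; do
        printf '%s\n' "$loaded" | grep -qxF "$m" || echo "$m"
    done
}

# Print host firewall services that systemd reports as active.
active_firewalls() {
    command -v systemctl >/dev/null 2>&1 || return 0
    for svc in firewalld ufw; do
        if systemctl is-active --quiet "$svc" 2>/dev/null; then echo "$svc"; fi
    done
}

# Constructed sample data (not taken from the thread).
SAMPLE_RULES='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-N KUBE-FORWARD
-A FORWARD -j KUBE-FORWARD'
SAMPLE_MODULES='overlay 151552 12 - Live 0x0000000000000000
nf_conntrack 172032 4 xt_conntrack,nf_nat, Live 0x0000000000000000'

echo "Chains with default DROP:"
printf '%s\n' "$SAMPLE_RULES" | drop_policies
echo "Modules not loaded:"
printf '%s\n' "$SAMPLE_MODULES" | missing_modules br_netfilter overlay
echo "Active host firewalls on this machine:"
active_firewalls
# On a node, as root: iptables -S | drop_policies
#                     missing_modules br_netfilter overlay < /proc/modules
```

A DROP default policy is only a lead: what matters is whether the K3s-managed chains that follow it accept pod and service traffic, so compare the output across the master and both workers.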