Hey everyone,
I have a kubernetes cluster running on vcenter with one master and 2 worker nodes.
The cni is managed by calico with a default deployment.
Now I am trying to add a new worker node to the cluster, but this host is a physical server.
I run the worker join command and it finishes successfully (I can see the node in a ready state using kubectl).
Then the first pod that is trying to be deployed on the new worker is calico which is getting crashloopbackoff error and not starting.
(
miniconda) yonatan.g@yonatan-playground:~/iso$ kubectl get pods -n kube-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
calico-kube-controllers-658d97c59c-l2trj 1/1 Running 0 33m 172.16.188.181 kube-worker-01 <none> <none>
calico-node-cwpg7 1/1 Running 0 35m 192.168.0.23 kube-master-01 <none> <none>
calico-node-kjmxk 0/1 CrashLoopBackOff 13 (74s ago) 35m 192.168.0.25 kube-worker-02 <none> <none>
calico-node-kxkvb 1/1 Running 0 35m 192.168.0.24 kube-worker-01 <none> <none>
calico-node-ptkjn 1/1 Running 0 35m 192.168.0.26 kube-worker-03 <none> <none>
coredns-57d549ffcf-hxfnj 1/1 Running 0 35m 172.16.188.161 kube-worker-01 <none> <none>
coredns-57d549ffcf-sqn9t 1/1 Running 0 35m 172.16.84.168 kube-worker-03 <none> <none>
etcd-kube-master-01 1/1 Running 67 (29h ago) 35m 192.168.0.23 kube-master-01 <none> <none>
kube-apiserver-kube-master-01 1/1 Running 90 (29h ago) 35m 192.168.0.23 kube-master-01 <none> <none>
kube-controller-manager-kube-master-01 1/1 Running 609 (29h ago) 35m 192.168.0.23 kube-master-01 <none> <none>
kube-proxy-6pdjc 1/1 Running 0 35m 192.168.0.24 kube-worker-01 <none> <none>
kube-proxy-fq6l2 1/1 Running 0 35m 192.168.0.23 kube-master-01 <none> <none>
kube-proxy-ppxgm 1/1 Running 9 (3m4s ago) 35m 192.168.0.25 kube-worker-02 <none> <none>
kube-proxy-z7jpt 1/1 Running 0 35m 192.168.0.26 kube-worker-03 <none> <none>
kube-scheduler-kube-master-01 1/1 Running 672 (29h ago) 35m 192.168.0.23 kube-master-01 <none> <no
ne>
(miniconda) yonatan.g@yonatan-playground:~/iso$ kubectl logs calico-node-kjmxk -n kube-system
Defaulted container "calico-node" out of: calico-node, upgrade-ipam (init), install-cni (init), mount-bpffs (init)
2024-08-28 14:52:17.195 [INFO][9] startup/startup.go 427: Early log level set to info
2024-08-28 14:52:17.195 [INFO][9] startup/utils.go 127: Using NODENAME environment for node name kube-worker-02
2024-08-28 14:52:17.195 [INFO][9] startup/utils.go 139: Determined node name: kube-worker-02
2024-08-28 14:52:17.195 [INFO][9] startup/startup.go 94: Starting node kube-worker-02 with version v3.25.0
2024-08-28 14:52:17.195 [INFO][9] startup/startup.go 432: Checking datastore connection
2024-08-28 14:52:17.214 [INFO][9] startup/startup.go 456: Datastore connection verified
2024-08-28 14:52:17.214 [INFO][9] startup/startup.go 104: Datastore is ready
2024-08-28 14:52:17.231 [INFO][9] startup/autodetection_methods.go 117: Using autodetected IPv4 address 192.168.0.25/24 on matching interface ens160
2024-08-28 14:52:17.231 [INFO][9] startup/startup.go 701: No AS number configured on node resource, using global value
2024-08-28 14:52:17.242 [INFO][9] startup/startup.go 746: found v4= in the kubeadm config map
2024-08-28 14:52:17.242 [INFO][9] startup/startup.go 750: found v6= in the kubeadm config map
2024-08-28 14:52:17.245 [INFO][9] startup/startup.go 818: Selected default IP pool is '172.17.0.0/16'
2024-08-28 14:52:17.245 [INFO][9] startup/startup.go 676: FELIX_IPV6SUPPORT is false through environment variable
2024-08-28 14:52:17.252 [INFO][9] startup/startup.go 218: Using node name: kube-worker-02
2024-08-28 14:52:17.252 [INFO][9] startup/utils.go 191: Setting NetworkUnavailable to false
2024-08-28 14:52:17.324 [INFO][50] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "wireguardmtu"="1440"
2024-08-28 14:52:17.324 [INFO][50] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "vxlanmtu"="1440"
2024-08-28 14:52:17.324 [INFO][50] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "healthenabled"="true"
2024-08-28 14:52:17.324 [INFO][50] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "defaultendpointtohostaction"="ACCEPT"
2024-08-28 14:52:17.324 [INFO][50] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "ipinipmtu"="1440"
2024-08-28 14:52:17.324 [INFO][50] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "ipv6support"="false"
2024-08-28 14:52:17.324 [INFO][50] tunnel-ip-allocator/config_params.go 480: Merging in config from environment variable: map[defaultendpointtohostaction:ACCEPT healthenabled:true ipinipmtu:1440 ipv6support:false vxlanmtu:1440 wireguardmtu:1440]
2024-08-28 14:52:17.325 [INFO][50] tunnel-ip-allocator/config_params.go 611: Parsing value for WireguardMTU: 1440 (from environment variable)
2024-08-28 14:52:17.325 [INFO][50] tunnel-ip-allocator/config_params.go 647: Parsed value for WireguardMTU: 1440 (from environment variable)
2024-08-28 14:52:17.325 [INFO][50] tunnel-ip-allocator/config_params.go 611: Parsing value for VXLANMTU: 1440 (from environment variable)
2024-08-28 14:52:17.325 [INFO][50] tunnel-ip-allocator/config_params.go 647: Parsed value for VXLANMTU: 1440 (from environment variable)
2024-08-28 14:52:17.325 [INFO][50] tunnel-ip-allocator/config_params.go 611: Parsing value for HealthEnabled: true (from environment variable)
2024-08-28 14:52:17.325 [INFO][50] tunnel-ip-allocator/config_params.go 647: Parsed value for HealthEnabled: true (from environment variable)
2024-08-28 14:52:17.325 [INFO][50] tunnel-ip-allocator/config_params.go 611: Parsing value for DefaultEndpointToHostAction: ACCEPT (from environment variable)
2024-08-28 14:52:17.325 [INFO][50] tunnel-ip-allocator/config_params.go 647: Parsed value for DefaultEndpointToHostAction: ACCEPT (from environment variable)
2024-08-28 14:52:17.325 [INFO][50] tunnel-ip-allocator/config_params.go 611: Parsing value for IpInIpMtu: 1440 (from environment variable)
2024-08-28 14:52:17.325 [INFO][50] tunnel-ip-allocator/config_params.go 647: Parsed value for IpInIpMtu: 1440 (from environment variable)
2024-08-28 14:52:17.325 [INFO][50] tunnel-ip-allocator/config_params.go 611: Parsing value for Ipv6Support: false (from environment variable)
2024-08-28 14:52:17.325 [INFO][50] tunnel-ip-allocator/config_params.go 647: Parsed value for Ipv6Support: false (from environment variable)
2024-08-28 14:52:17.386 [INFO][50] tunnel-ip-allocator/allocateip.go 340: Current address is still valid, do nothing currentAddr="172.16.255.192" type="ipipTunnelAddress"
Calico node started successfully
bird: Unable to open configuration file /etc/calico/confd/config/bird6.cfg: No such file or directory
bird: Unable to open configuration file /etc/calico/confd/config/bird.cfg: No such file or directory
2024-08-28 14:52:18.236 [INFO][100] confd/config.go 82: Skipping confd config file.
2024-08-28 14:52:18.236 [INFO][100] confd/run.go 18: Starting calico-confd
W0828 14:52:18.240555 104 client_config.go:617] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
2024-08-28 14:52:18.240 [INFO][98] status-reporter/startup.go 427: Early log level set to info
2024-08-28 14:52:18.241 [INFO][98] status-reporter/watchersyncer.go 89: Start called
2024-08-28 14:52:18.241 [INFO][98] status-reporter/watchersyncer.go 130: Sending status update Status=wait-for-ready
2024-08-28 14:52:18.241 [INFO][98] status-reporter/watchersyncer.go 149: Starting main event processing loop
2024-08-28 14:52:18.241 [INFO][98] status-reporter/watchercache.go 181: Full resync is required ListRoot="/calico/resources/v3/projectcalico.org/caliconodestatuses"
2024-08-28 14:52:18.244 [INFO][102] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "wireguardmtu"="1440"
2024-08-28 14:52:18.244 [INFO][102] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "vxlanmtu"="1440"
2024-08-28 14:52:18.244 [INFO][102] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "healthenabled"="true"
2024-08-28 14:52:18.244 [INFO][102] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "defaultendpointtohostaction"="ACCEPT"
2024-08-28 14:52:18.244 [INFO][102] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "ipinipmtu"="1440"
2024-08-28 14:52:18.244 [INFO][102] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "ipv6support"="false"
2024-08-28 14:52:18.244 [INFO][102] tunnel-ip-allocator/config_params.go 480: Merging in config from environment variable: map[defaultendpointtohostaction:ACCEPT healthenabled:true ipinipmtu:1440 ipv6support:false vxlanmtu:1440 wireguardmtu:1440]
2024-08-28 14:52:18.245 [INFO][102] tunnel-ip-allocator/config_params.go 611: Parsing value for IpInIpMtu: 1440 (from environment variable)
2024-08-28 14:52:18.245 [INFO][102] tunnel-ip-allocator/config_params.go 647: Parsed value for IpInIpMtu: 1440 (from environment variable)
2024-08-28 14:52:18.245 [INFO][102] tunnel-ip-allocator/config_params.go 611: Parsing value for Ipv6Support: false (from environment variable)
2024-08-28 14:52:18.245 [INFO][102] tunnel-ip-allocator/config_params.go 647: Parsed value for Ipv6Support: false (from environment variable)
2024-08-28 14:52:18.245 [INFO][102] tunnel-ip-allocator/config_params.go 611: Parsing value for WireguardMTU: 1440 (from environment variable)
2024-08-28 14:52:18.245 [INFO][102] tunnel-ip-allocator/config_params.go 647: Parsed value for WireguardMTU: 1440 (from environment variable)
2024-08-28 14:52:18.245 [INFO][102] tunnel-ip-allocator/config_params.go 611: Parsing value for VXLANMTU: 1440 (from environment variable)
2024-08-28 14:52:18.245 [INFO][102] tunnel-ip-allocator/config_params.go 647: Parsed value for VXLANMTU: 1440 (from environment variable)
2024-08-28 14:52:18.245 [INFO][102] tunnel-ip-allocator/config_params.go 611: Parsing value for HealthEnabled: true (from environment variable)
2024-08-28 14:52:18.245 [INFO][102] tunnel-ip-allocator/config_params.go 647: Parsed value for HealthEnabled: true (from environment variable)
2024-08-28 14:52:18.245 [INFO][102] tunnel-ip-allocator/config_params.go 611: Parsing value for DefaultEndpointToHostAction: ACCEPT (from environment variable)
2024-08-28 14:52:18.245 [INFO][102] tunnel-ip-allocator/config_params.go 647: Parsed value for DefaultEndpointToHostAction: ACCEPT (from environment variable)
2024-08-28 14:52:18.246 [INFO][102] tunnel-ip-allocator/watchersyncer.go 89: Start called
2024-08-28 14:52:18.246 [INFO][102] tunnel-ip-allocator/watchersyncer.go 130: Sending status update Status=wait-for-ready
2024-08-28 14:52:18.246 [INFO][102] tunnel-ip-allocator/watchersyncer.go 149: Starting main event processing loop
2024-08-28 14:52:18.246 [INFO][102] tunnel-ip-allocator/watchercache.go 181: Full resync is required ListRoot="/calico/resources/v3/projectcalico.org/nodes/kube-worker-02"
2024-08-28 14:52:18.246 [INFO][102] tunnel-ip-allocator/watchercache.go 181: Full resync is required ListRoot="/calico/resources/v3/projectcalico.org/ippools"
W0828 14:52:18.252728 100 client_config.go:617] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
2024-08-28 14:52:18.253 [INFO][100] confd/client.go 1475: Advertise global service ranges from this node
2024-08-28 14:52:18.253 [INFO][100] confd/client.go 1406: Updated with new cluster IP CIDRs: []
2024-08-28 14:52:18.253 [INFO][100] confd/client.go 1475: Advertise global service ranges from this node
2024-08-28 14:52:18.253 [INFO][100] confd/client.go 1397: Updated with new external IP CIDRs: []
2024-08-28 14:52:18.253 [INFO][100] confd/client.go 1475: Advertise global service ranges from this node
2024-08-28 14:52:18.253 [INFO][100] confd/client.go 1430: Updated with new Loadbalancer IP CIDRs: []
2024-08-28 14:52:18.253 [INFO][100] confd/watchersyncer.go 89: Start called
2024-08-28 14:52:18.253 [INFO][98] status-reporter/watchercache.go 294: Sending synced update ListRoot="/calico/resources/v3/projectcalico.org/caliconodestatuses"
2024-08-28 14:52:18.253 [INFO][100] confd/client.go 422: Source SourceRouteGenerator readiness changed, ready=true
2024-08-28 14:52:18.254 [INFO][98] status-reporter/watchersyncer.go 209: Received InSync event from one of the watcher caches
2024-08-28 14:52:18.254 [INFO][100] confd/watchersyncer.go 130: Sending status update Status=wait-for-ready
2024-08-28 14:52:18.254 [INFO][98] status-reporter/watchersyncer.go 130: Sending status update Status=resync
2024-08-28 14:52:18.254 [INFO][98] status-reporter/watchersyncer.go 221: All watchers have sync'd data - sending data and final sync
2024-08-28 14:52:18.254 [INFO][98] status-reporter/watchersyncer.go 130: Sending status update Status=in-sync
2024-08-28 14:52:18.254 [INFO][100] confd/watchersyncer.go 149: Starting main event processing loop
2024-08-28 14:52:18.254 [INFO][100] confd/watchercache.go 181: Full resync is required ListRoot="/calico/resources/v3/projectcalico.org/ippools"
2024-08-28 14:52:18.254 [INFO][100] confd/watchercache.go 181: Full resync is required ListRoot="/calico/resources/v3/projectcalico.org/bgppeers"
2024-08-28 14:52:18.254 [INFO][100] confd/watchercache.go 181: Full resync is required ListRoot="/calico/resources/v3/projectcalico.org/nodes"
2024-08-28 14:52:18.254 [INFO][100] confd/watchercache.go 181: Full resync is required ListRoot="/calico/ipam/v2/host/kube-worker-02"
2024-08-28 14:52:18.254 [INFO][100] confd/watchercache.go 181: Full resync is required ListRoot="/calico/resources/v3/projectcalico.org/bgpconfigurations"
2024-08-28 14:52:18.256 [INFO][105] monitor-addresses/startup.go 427: Early log level set to info
2024-08-28 14:52:18.257 [INFO][102] tunnel-ip-allocator/watchercache.go 294: Sending synced update ListRoot="/calico/resources/v3/projectcalico.org/nodes/kube-worker-02"
2024-08-28 14:52:18.257 [INFO][102] tunnel-ip-allocator/watchersyncer.go 130: Sending status update Status=resync
2024-08-28 14:52:18.257 [INFO][102] tunnel-ip-allocator/watchersyncer.go 209: Received InSync event from one of the watcher caches
2024-08-28 14:52:18.257 [INFO][105] monitor-addresses/utils.go 127: Using NODENAME environment for node name kube-worker-02
2024-08-28 14:52:18.257 [INFO][105] monitor-addresses/utils.go 139: Determined node name: kube-worker-02
2024-08-28 14:52:18.257 [INFO][100] confd/watchercache.go 294: Sending synced update ListRoot="/calico/resources/v3/projectcalico.org/nodes"
2024-08-28 14:52:18.257 [INFO][104] cni-config-monitor/token_watch.go 225: Update of CNI kubeconfig triggered based on elapsed time.
2024-08-28 14:52:18.257 [INFO][100] confd/watchersyncer.go 130: Sending status update Status=resync
2024-08-28 14:52:18.257 [INFO][100] confd/watchersyncer.go 209: Received InSync event from one of the watcher caches
2024-08-28 14:52:18.257 [INFO][104] cni-config-monitor/token_watch.go 279: Wrote updated CNI kubeconfig file. path="/host/etc/cni/net.d/calico-kubeconfig"
2024-08-28 14:52:18.258 [INFO][102] tunnel-ip-allocator/watchercache.go 294: Sending synced update ListRoot="/calico/resources/v3/projectcalico.org/ippools"
2024-08-28 14:52:18.258 [INFO][102] tunnel-ip-allocator/watchersyncer.go 209: Received InSync event from one of the watcher caches
2024-08-28 14:52:18.258 [INFO][102] tunnel-ip-allocator/watchersyncer.go 221: All watchers have sync'd data - sending data and final sync
2024-08-28 14:52:18.258 [INFO][102] tunnel-ip-allocator/watchersyncer.go 130: Sending status update Status=in-sync
2024-08-28 14:52:18.258 [INFO][100] confd/watchercache.go 294: Sending synced update ListRoot="/calico/resources/v3/projectcalico.org/bgppeers"
2024-08-28 14:52:18.259 [INFO][100] confd/watchercache.go 294: Sending synced update ListRoot="/calico/resources/v3/projectcalico.org/bgpconfigurations"
2024-08-28 14:52:18.259 [INFO][100] confd/watchercache.go 294: Sending synced update ListRoot="/calico/ipam/v2/host/kube-worker-02"
2024-08-28 14:52:18.259 [INFO][100] confd/watchercache.go 294: Sending synced update ListRoot="/calico/resources/v3/projectcalico.org/ippools"
2024-08-28 14:52:18.259 [INFO][100] confd/watchersyncer.go 209: Received InSync event from one of the watcher caches
2024-08-28 14:52:18.260 [INFO][100] confd/watchersyncer.go 209: Received InSync event from one of the watcher caches
2024-08-28 14:52:18.260 [INFO][100] confd/watchersyncer.go 209: Received InSync event from one of the watcher caches
2024-08-28 14:52:18.260 [INFO][100] confd/client.go 1027: Recompute BGP peerings: HostBGPConfig(node=kube-master-01; name=ip_addr_v4) updated; HostBGPConfig(node=kube-master-01; name=ip_addr_v6) updated; HostBGPConfig(node=kube-master-01; name=network_v4) updated; HostBGPConfig(node=kube-master-01; name=rr_cluster_id) updated; kube-master-01 updated; HostBGPConfig(node=kube-worker-01; name=ip_addr_v4) updated; HostBGPConfig(node=kube-worker-01; name=ip_addr_v6) updated; HostBGPConfig(node=kube-worker-01; name=network_v4) updated; HostBGPConfig(node=kube-worker-01; name=rr_cluster_id) updated; kube-worker-01 updated; HostBGPConfig(node=kube-worker-02; name=ip_addr_v4) updated; HostBGPConfig(node=kube-worker-02; name=ip_addr_v6) updated; HostBGPConfig(node=kube-worker-02; name=network_v4) updated; HostBGPConfig(node=kube-worker-02; name=rr_cluster_id) updated; kube-worker-02 updated; HostBGPConfig(node=kube-worker-03; name=ip_addr_v4) updated; HostBGPConfig(node=kube-worker-03; name=ip_addr_v6) updated; HostBGPConfig(node=kube-worker-03; name=network_v4) updated; HostBGPConfig(node=kube-worker-03; name=rr_cluster_id) updated; kube-worker-03 updated
2024-08-28 14:52:18.260 [INFO][100] confd/watchersyncer.go 209: Received InSync event from one of the watcher caches
2024-08-28 14:52:18.260 [INFO][100] confd/watchersyncer.go 221: All watchers have sync'd data - sending data and final sync
2024-08-28 14:52:18.260 [INFO][100] confd/watchersyncer.go 130: Sending status update Status=in-sync
2024-08-28 14:52:18.261 [INFO][100] confd/client.go 422: Source SourceSyncer readiness changed, ready=true
2024-08-28 14:52:18.261 [INFO][100] confd/client.go 442: Data is now syncd, can start rendering templates
2024-08-28 14:52:18.264 [INFO][100] confd/resource.go 278: Target config /etc/calico/confd/config/bird_ipam.cfg has been updated
2024-08-28 14:52:18.264 [INFO][100] confd/resource.go 278: Target config /etc/calico/confd/config/bird_aggr.cfg has been updated
2024-08-28 14:52:18.264 [INFO][100] confd/resource.go 278: Target config /etc/calico/confd/config/bird6_ipam.cfg has been updated
2024-08-28 14:52:18.265 [INFO][100] confd/resource.go 278: Target config /etc/calico/confd/config/bird6_aggr.cfg has been updated
2024-08-28 14:52:18.267 [INFO][100] confd/resource.go 278: Target config /etc/calico/confd/config/bird6.cfg has been updated
2024-08-28 14:52:18.267 [INFO][100] confd/resource.go 278: Target config /etc/calico/confd/config/bird.cfg has been updated
2024-08-28 14:52:18.277 [INFO][101] felix/daemon.go 378: Successfully loaded configuration. GOMAXPROCS=16 builddate="2023-01-12T22:13:18+0000" config=&config.Config{UseInternalDataplaneDriver:true, DataplaneDriver:"calico-iptables-plugin", DataplaneWatchdogTimeout:90000000000, WireguardEnabled:false, WireguardEnabledV6:false, WireguardListeningPort:51820, WireguardListeningPortV6:51821, WireguardRoutingRulePriority:99, WireguardInterfaceName:"wireguard.cali", WireguardInterfaceNameV6:"wg-v6.cali", WireguardMTU:1440, WireguardMTUV6:0, WireguardHostEncryptionEnabled:false, WireguardPersistentKeepAlive:0, BPFEnabled:false, BPFDisableUnprivileged:true, BPFLogLevel:"off", BPFDataIfacePattern:(*regexp.Regexp)(0xc0004ef0e0), BPFL3IfacePattern:(*regexp.Regexp)(nil), BPFConnectTimeLoadBalancingEnabled:true, BPFExternalServiceMode:"tunnel", BPFKubeProxyIptablesCleanupEnabled:true, BPFKubeProxyMinSyncPeriod:1000000000, BPFKubeProxyEndpointSlicesEnabled:true, BPFExtToServiceConnmark:0, BPFPSNATPorts:numorstring.Port{MinPort:0x4e20, MaxPort:0x752f, PortName:""}, BPFMapSizeNATFrontend:65536, BPFMapSizeNATBackend:262144, BPFMapSizeNATAffinity:65536, BPFMapSizeRoute:262144, BPFMapSizeConntrack:512000, BPFMapSizeIPSets:1048576, BPFMapSizeIfState:1000, BPFHostConntrackBypass:true, BPFEnforceRPF:"Strict", BPFPolicyDebugEnabled:true, DebugBPFCgroupV2:"", DebugBPFMapRepinEnabled:false, DatastoreType:"kubernetes", FelixHostname:"kube-worker-02", EtcdAddr:"127.0.0.1:2379", EtcdScheme:"http", EtcdKeyFile:"", EtcdCertFile:"", EtcdCaFile:"", EtcdEndpoints:[]string(nil), TyphaAddr:"", TyphaK8sServiceName:"", TyphaK8sNamespace:"kube-system", TyphaReadTimeout:30000000000, TyphaWriteTimeout:10000000000, TyphaKeyFile:"", TyphaCertFile:"", TyphaCAFile:"", TyphaCN:"", TyphaURISAN:"", Ipv6Support:false, BpfIpv6Support:false, IptablesBackend:"auto", RouteRefreshInterval:90000000000, InterfaceRefreshInterval:90000000000, DeviceRouteSourceAddress:net.IP(nil), DeviceRouteSourceAddressIPv6:net.IP(nil), DeviceRouteProtocol:3, RemoveExternalRoutes:true, IptablesRefreshInterval:90000000000, IptablesPostWriteCheckIntervalSecs:1000000000, IptablesLockFilePath:"/run/xtables.lock", IptablesLockTimeoutSecs:0, IptablesLockProbeIntervalMillis:50000000, FeatureDetectOverride:map[string]string(nil), FeatureGates:map[string]string(nil), IpsetsRefreshInterval:10000000000, MaxIpsetSize:1048576, XDPRefreshInterval:90000000000, PolicySyncPathPrefix:"", NetlinkTimeoutSecs:10000000000, MetadataAddr:"", MetadataPort:8775, OpenstackRegion:"", InterfacePrefix:"cali", InterfaceExclude:[]*regexp.Regexp{(*regexp.Regexp)(0xc0004ee0a0)}, ChainInsertMode:"insert", DefaultEndpointToHostAction:"ACCEPT", IptablesFilterAllowAction:"ACCEPT", IptablesMangleAllowAction:"ACCEPT", LogPrefix:"calico-packet", LogFilePath:"", LogSeverityFile:"", LogSeverityScreen:"INFO", LogSeveritySys:"", LogDebugFilenameRegex:(*regexp.Regexp)(nil), VXLANEnabled:(*bool)(nil), VXLANPort:4789, VXLANVNI:4096, VXLANMTU:1440, VXLANMTUV6:0, IPv4VXLANTunnelAddr:net.IP(nil), IPv6VXLANTunnelAddr:net.IP(nil), VXLANTunnelMACAddr:"", VXLANTunnelMACAddrV6:"", IpInIpEnabled:(*bool)(nil), IpInIpMtu:1440, IpInIpTunnelAddr:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xac, 0x10, 0xff, 0xc0}, FloatingIPs:"Disabled", AllowVXLANPacketsFromWorkloads:false, AllowIPIPPacketsFromWorkloads:false, AWSSrcDstCheck:"DoNothing", ServiceLoopPrevention:"Drop", WorkloadSourceSpoofing:"Disabled", ReportingIntervalSecs:0, ReportingTTLSecs:90000000000, EndpointReportingEnabled:false, EndpointReportingDelaySecs:1000000000, IptablesMarkMask:0xffff0000, DisableConntrackInvalidCheck:false, HealthEnabled:true, HealthPort:9099, HealthHost:"localhost", HealthTimeoutOverrides:map[string]time.Duration(nil), PrometheusMetricsEnabled:false, PrometheusMetricsHost:"", PrometheusMetricsPort:9091, PrometheusGoMetricsEnabled:true, PrometheusProcessMetricsEnabled:true, PrometheusWireGuardMetricsEnabled:true, FailsafeInboundHostPorts:[]config.ProtoPort{config.ProtoPort{Net:"", Protocol:"tcp", Port:0x16}, config.ProtoPort{Net:"", Protocol:"udp", Port:0x44}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0xb3}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94c}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1561}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x192b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0a}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0b}}, FailsafeOutboundHostPorts:[]config.ProtoPort{config.ProtoPort{Net:"", Protocol:"udp", Port:0x35}, config.ProtoPort{Net:"", Protocol:"udp", Port:0x43}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0xb3}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94c}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1561}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x192b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0a}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0b}}, KubeNodePortRanges:[]numorstring.Port{numorstring.Port{MinPort:0x7530, MaxPort:0x7fff, PortName:""}}, NATPortRange:numorstring.Port{MinPort:0x0, MaxPort:0x0, PortName:""}, NATOutgoingAddress:net.IP(nil), UsageReportingEnabled:true, UsageReportingInitialDelaySecs:300000000000, UsageReportingIntervalSecs:86400000000000, ClusterGUID:"0e06325754a0460aa995b2dff12cfe2d", ClusterType:"k8s,bgp,kubeadm,kdd", CalicoVersion:"v3.25.0", ExternalNodesCIDRList:[]string(nil), DebugMemoryProfilePath:"", DebugCPUProfilePath:"/tmp/felix-cpu-<timestamp>.pprof", DebugDisableLogDropping:false, DebugSimulateCalcGraphHangAfter:0, DebugSimulateDataplaneHangAfter:0, DebugPanicAfter:0, DebugSimulateDataRace:false, RouteSource:"CalicoIPAM", RouteTableRange:idalloc.IndexRange{Min:0, Max:0}, RouteTableRanges:[]idalloc.IndexRange(nil), RouteSyncDisabled:false, IptablesNATOutgoingInterfaceFilter:"", SidecarAccelerationEnabled:false, XDPEnabled:true, GenericXDPEnabled:false, Variant:"Calico", MTUIfacePattern:(*regexp.Regexp)(0xc0004ee320), Encapsulation:config.Encapsulation{IPIPEnabled:true, VXLANEnabled:false, VXLANEnabledV6:false}, internalOverrides:map[string]string{}, sourceToRawConfig:map[config.Source]map[string]string{0x1:map[string]string{"CalicoVersion":"v3.25.0", "ClusterGUID":"0e06325754a0460aa995b2dff12cfe2d", "ClusterType":"k8s,bgp,kubeadm,kdd", "FloatingIPs":"Disabled", "LogSeverityScreen":"Info", "ReportingIntervalSecs":"0"}, 0x2:map[string]string{"IpInIpTunnelAddr":"172.16.255.192"}, 0x3:map[string]string{"LogFilePath":"None", "LogSeverityFile":"None", "LogSeveritySys":"None", "MetadataAddr":"None"}, 0x4:map[string]string{"datastoretype":"kubernetes", "defaultendpointtohostaction":"ACCEPT", "felixhostname":"kube-worker-02", "healthenabled":"true", "ipinipmtu":"1440", "ipv6support":"false", "vxlanmtu":"1440", "wireguardmtu":"1440"}}, rawValues:map[string]string{"CalicoVersion":"v3.25.0", "ClusterGUID":"0e06325754a0460aa995b2dff12cfe2d", "ClusterType":"k8s,bgp,kubeadm,kdd", "DatastoreType":"kubernetes", "DefaultEndpointToHostAction":"ACCEPT", "FelixHostname":"kube-worker-02", "FloatingIPs":"Disabled", "HealthEnabled":"true", "IpInIpMtu":"1440", "IpInIpTunnelAddr":"172.16.255.192", "Ipv6Support":"false", "LogFilePath":"None", "LogSeverityFile":"None", "LogSeverityScreen":"Info", "LogSeveritySys":"None", "MetadataAddr":"None", "ReportingIntervalSecs":"0", "VXLANMTU":"1440", "WireguardMTU":"1440"}, Err:error(nil), loadClientConfigFromEnvironment:(func() (*apiconfig.CalicoAPIConfig, error))(0x14562e0), useNodeResourceUpdates:false} gitcommit="3f7fe4d290541bbdd73c97bdc89a29a29855a48a" version="v3.25.0"
2024-08-28 14:52:18.278 [INFO][101] felix/bootstrap.go 209: Wireguard is not enabled - ensure no wireguard config iface="wireguard.cali" ipVersion=0x4 nodeName="kube-worker-02"
2024-08-28 14:52:18.281 [INFO][101] felix/bootstrap.go 624: Wireguard public key not set in datastore ipVersion=0x4 nodeName="kube-worker-02"
2024-08-28 14:52:18.281 [INFO][101] felix/bootstrap.go 209: Wireguard is not enabled - ensure no wireguard config iface="wg-v6.cali" ipVersion=0x6 nodeName="kube-worker-02"
2024-08-28 14:52:18.283 [INFO][101] felix/bootstrap.go 624: Wireguard public key not set in datastore ipVersion=0x6 nodeName="kube-worker-02"
2024-08-28 14:52:18.283 [INFO][101] felix/driver.go 72: Using internal (linux) dataplane driver.
2024-08-28 14:52:18.283 [INFO][101] felix/driver.go 157: Calculated iptables mark bits acceptMark=0x10000 endpointMark=0xfff00000 endpointMarkNonCali=0x0 passMark=0x20000 scratch0Mark=0x40000 scratch1Mark=0x80000
2024-08-28 14:52:18.283 [INFO][101] felix/int_dataplane.go 338: Creating internal dataplane driver. config=intdataplane.Config{Hostname:"kube-worker-02", IPv6Enabled:false, RuleRendererOverride:rules.RuleRenderer(nil), IPIPMTU:1440, VXLANMTU:1440, VXLANMTUV6:0, VXLANPort:4789, MaxIPSetSize:1048576, RouteSyncDisabled:false, IptablesBackend:"auto", IPSetsRefreshInterval:10000000000, RouteRefreshInterval:90000000000, DeviceRouteSourceAddress:net.IP(nil), DeviceRouteSourceAddressIPv6:net.IP(nil), DeviceRouteProtocol:3, RemoveExternalRoutes:true, IptablesRefreshInterval:90000000000, IptablesPostWriteCheckInterval:1000000000, IptablesInsertMode:"insert", IptablesLockFilePath:"/run/xtables.lock", IptablesLockTimeout:0, IptablesLockProbeInterval:50000000, XDPRefreshInterval:90000000000, FloatingIPsEnabled:false, Wireguard:wireguard.Config{Enabled:false, EnabledV6:false, ListeningPort:51820, ListeningPortV6:51821, FirewallMark:0, RoutingRulePriority:99, RoutingTableIndex:1, RoutingTableIndexV6:2, InterfaceName:"wireguard.cali", InterfaceNameV6:"wg-v6.cali", MTU:1440, MTUV6:0, RouteSource:"CalicoIPAM", EncryptHostTraffic:false, PersistentKeepAlive:0, RouteSyncDisabled:false}, NetlinkTimeout:10000000000, RulesConfig:rules.Config{IPSetConfigV4:(*ipsets.IPVersionConfig)(0xc0008fc050), IPSetConfigV6:(*ipsets.IPVersionConfig)(0xc0008fc140), WorkloadIfacePrefixes:[]string{"cali"}, IptablesMarkAccept:0x10000, IptablesMarkPass:0x20000, IptablesMarkScratch0:0x40000, IptablesMarkScratch1:0x80000, IptablesMarkEndpoint:0xfff00000, IptablesMarkNonCaliEndpoint:0x0, KubeNodePortRanges:[]numorstring.Port{numorstring.Port{MinPort:0x7530, MaxPort:0x7fff, PortName:""}}, KubeIPVSSupportEnabled:false, OpenStackMetadataIP:net.IP(nil), OpenStackMetadataPort:0x2247, OpenStackSpecialCasesEnabled:false, VXLANEnabled:false, VXLANEnabledV6:false, VXLANPort:4789, VXLANVNI:4096, IPIPEnabled:true, FelixConfigIPIPEnabled:(*bool)(nil), IPIPTunnelAddress:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xac, 0x10, 0xff, 0xc0}, VXLANTunnelAddress:net.IP(nil), VXLANTunnelAddressV6:net.IP(nil), AllowVXLANPacketsFromWorkloads:false, AllowIPIPPacketsFromWorkloads:false, WireguardEnabled:false, WireguardEnabledV6:false, WireguardInterfaceName:"wireguard.cali", WireguardInterfaceNameV6:"wg-v6.cali", WireguardIptablesMark:0x0, WireguardListeningPort:51820, WireguardListeningPortV6:51821, WireguardEncryptHostTraffic:false, RouteSource:"CalicoIPAM", IptablesLogPrefix:"calico-packet", EndpointToHostAction:"ACCEPT", IptablesFilterAllowAction:"ACCEPT", IptablesMangleAllowAction:"ACCEPT", FailsafeInboundHostPorts:[]config.ProtoPort{config.ProtoPort{Net:"", Protocol:"tcp", Port:0x16}, config.ProtoPort{Net:"", Protocol:"udp", Port:0x44}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0xb3}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94c}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1561}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x192b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0a}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0b}}, FailsafeOutboundHostPorts:[]config.ProtoPort{config.ProtoPort{Net:"", Protocol:"udp", Port:0x35}, config.ProtoPort{Net:"", Protocol:"udp", Port:0x43}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0xb3}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94c}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1561}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x192b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0a}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0b}}, DisableConntrackInvalid:false, NATPortRange:numorstring.Port{MinPort:0x0, MaxPort:0x0, PortName:""}, IptablesNATOutgoingInterfaceFilter:"", NATOutgoingAddress:net.IP(nil), BPFEnabled:false, ServiceLoopPrevention:"Drop"}, IfaceMonitorConfig:ifacemonitor.Config{InterfaceExcludes:[]*regexp.Regexp{(*regexp.Regexp)(0xc0004ee0a0)}, ResyncInterval:90000000000}, StatusReportingInterval:0, ConfigChangedRestartCallback:(func())(0x25bf5a0), FatalErrorRestartCallback:(func(error))(0x25bf480), PostInSyncCallback:(func())(0x25ad120), HealthAggregator:(*health.HealthAggregator)(0xc000790840), WatchdogTimeout:90000000000, RouteTableManager:(*idalloc.IndexAllocator)(0xc0002fd0a0), DebugSimulateDataplaneHangAfter:0, ExternalNodesCidrs:[]string(nil), BPFEnabled:false, BPFPolicyDebugEnabled:true, BPFDisableUnprivileged:true, BPFKubeProxyIptablesCleanupEnabled:true, BPFLogLevel:"off", BPFExtToServiceConnmark:0, BPFDataIfacePattern:(*regexp.Regexp)(0xc0004ef0e0), BPFL3IfacePattern:(*regexp.Regexp)(nil), XDPEnabled:true, XDPAllowGeneric:false, BPFConntrackTimeouts:conntrack.Timeouts{CreationGracePeriod:10000000000, TCPPreEstablished:20000000000, TCPEstablished:3600000000000, TCPFinsSeen:30000000000, TCPResetSeen:40000000000, UDPLastSeen:60000000000, GenericIPLastSeen:600000000000, ICMPLastSeen:5000000000}, BPFCgroupV2:"", BPFConnTimeLBEnabled:true, BPFMapRepin:false, BPFNodePortDSREnabled:false, BPFPSNATPorts:numorstring.Port{MinPort:0x4e20, MaxPort:0x752f, PortName:""}, BPFMapSizeRoute:262144, BPFMapSizeConntrack:512000, BPFMapSizeNATFrontend:65536, BPFMapSizeNATBackend:262144, BPFMapSizeNATAffinity:65536, BPFMapSizeIPSets:1048576, BPFMapSizeIfState:1000, BPFIpv6Enabled:false, BPFHostConntrackBypass:true, BPFEnforceRPF:"Strict", KubeProxyMinSyncPeriod:1000000000, SidecarAccelerationEnabled:false, LookPathOverride:(func(string) (string, error))(nil), KubeClientSet:(*kubernetes.Clientset)(0xc00017b380), FeatureDetectOverrides:map[string]string(nil), FeatureGates:map[string]string(nil), hostMTU:0, MTUIfacePattern:(*regexp.Regexp)(0xc0004ee320), RouteSource:"CalicoIPAM", KubernetesProvider:0x0}
2024-08-28 14:52:18.283 [INFO][101] felix/rule_defs.go 373: Creating rule renderer. config=rules.Config{IPSetConfigV4:(*ipsets.IPVersionConfig)(0xc0008fc050), IPSetConfigV6:(*ipsets.IPVersionConfig)(0xc0008fc140), WorkloadIfacePrefixes:[]string{"cali"}, IptablesMarkAccept:0x10000, IptablesMarkPass:0x20000, IptablesMarkScratch0:0x40000, IptablesMarkScratch1:0x80000, IptablesMarkEndpoint:0xfff00000, IptablesMarkNonCaliEndpoint:0x0, KubeNodePortRanges:[]numorstring.Port{numorstring.Port{MinPort:0x7530, MaxPort:0x7fff, PortName:""}}, KubeIPVSSupportEnabled:false, OpenStackMetadataIP:net.IP(nil), OpenStackMetadataPort:0x2247, OpenStackSpecialCasesEnabled:false, VXLANEnabled:false, VXLANEnabledV6:false, VXLANPort:4789, VXLANVNI:4096, IPIPEnabled:true, FelixConfigIPIPEnabled:(*bool)(nil), IPIPTunnelAddress:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xac, 0x10, 0xff, 0xc0}, VXLANTunnelAddress:net.IP(nil), VXLANTunnelAddressV6:net.IP(nil), AllowVXLANPacketsFromWorkloads:false, AllowIPIPPacketsFromWorkloads:false, WireguardEnabled:false, WireguardEnabledV6:false, WireguardInterfaceName:"wireguard.cali", WireguardInterfaceNameV6:"wg-v6.cali", WireguardIptablesMark:0x0, WireguardListeningPort:51820, WireguardListeningPortV6:51821, WireguardEncryptHostTraffic:false, RouteSource:"CalicoIPAM", IptablesLogPrefix:"calico-packet", EndpointToHostAction:"ACCEPT", IptablesFilterAllowAction:"ACCEPT", IptablesMangleAllowAction:"ACCEPT", FailsafeInboundHostPorts:[]config.ProtoPort{config.ProtoPort{Net:"", Protocol:"tcp", Port:0x16}, config.ProtoPort{Net:"", Protocol:"udp", Port:0x44}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0xb3}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94c}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1561}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x192b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0a}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0b}}, FailsafeOutboundHostPorts:[]config.ProtoPort{config.ProtoPort{Net:"", Protocol:"udp", Port:0x35}, config.ProtoPort{Net:"", Protocol:"udp", Port:0x43}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0xb3}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94c}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1561}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x192b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0a}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0b}}, DisableConntrackInvalid:false, NATPortRange:numorstring.Port{MinPort:0x0, MaxPort:0x0, PortName:""}, IptablesNATOutgoingInterfaceFilter:"", NATOutgoingAddress:net.IP(nil), BPFEnabled:false, ServiceLoopPrevention:"Drop"}
2024-08-28 14:52:18.284 [INFO][101] felix/rule_defs.go 383: Workload to host packets will be accepted.
2024-08-28 14:52:18.284 [INFO][101] felix/rule_defs.go 397: filter table allowed packets will be accepted immediately.
2024-08-28 14:52:18.284 [INFO][101] felix/rule_defs.go 405: mangle table allowed packets will be accepted immediately.
2024-08-28 14:52:18.284 [INFO][101] felix/rule_defs.go 413: Packets to unknown service IPs will be dropped
2024-08-28 14:52:18.284 [INFO][101] felix/int_dataplane.go 1029: Determined pod MTU mtu=1440
2024-08-28 14:52:18.284 [INFO][101] felix/iface_monitor.go 84: configured to periodically rescan interfaces. interval=1m30s
2024-08-28 14:52:18.284 [INFO][101] felix/feature_detect.go 352: Looked up iptables command backendMode="legacy" candidates=[]string{"ip6tables-legacy-save", "ip6tables-save"} command="ip6tables-legacy-save" ipVersion=0x6 saveOrRestore="save"
2024-08-28 14:52:18.285 [INFO][101] felix/feature_detect.go 352: Looked up iptables command backendMode="legacy" candidates=[]string{"iptables-legacy-save", "iptables-save"} command="iptables-legacy-save" ipVersion=0x4 saveOrRestore="save"
2024-08-28 14:52:18.286 [INFO][102] tunnel-ip-allocator/allocateip.go 340: Current address is still valid, do nothing currentAddr="172.16.255.192" type="ipipTunnelAddress"
2024-08-28 14:52:18.289 [INFO][101] felix/feature_detect.go 352: Looked up iptables command backendMode="nft" candidates=[]string{"ip6tables-nft-save", "ip6tables-save"} command="ip6tables-nft-save" ipVersion=0x6 saveOrRestore="save"
2024-08-28 14:52:18.289 [INFO][101] felix/feature_detect.go 352: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-save", "iptables-save"} command="iptables-nft-save" ipVersion=0x4 saveOrRestore="save"
2024-08-28 14:52:18.308 [INFO][101] felix/feature_detect.go 161: Updating detected iptables features features=environment.Features{SNATFullyRandom:true, MASQFullyRandom:true, RestoreSupportsLock:true, ChecksumOffloadBroken:true, IPIPDeviceIsL3:true} iptablesVersion=1.8.4 kernelVersion=5.15.0-119
2024-08-28 14:52:18.308 [INFO][101] felix/table.go 336: Calculated old-insert detection regex. pattern="(?:-j|--jump) cali-|(?:-j|--jump) califw-|(?:-j|--jump) calitw-|(?:-j|--jump) califh-|(?:-j|--jump) calith-|(?:-j|--jump) calipi-|(?:-j|--jump) calipo-|(?:-j|--jump) felix-"
2024-08-28 14:52:18.308 [INFO][101] felix/table.go 449: Enabling iptables-in-nftables-mode workarounds.
2024-08-28 14:52:18.309 [INFO][101] felix/feature_detect.go 352: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-restore", "iptables-restore"} command="iptables-nft-restore" ipVersion=0x4 saveOrRestore="restore"
2024-08-28 14:52:18.309 [INFO][101] felix/feature_detect.go 352: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-save", "iptables-save"} command="iptables-nft-save" ipVersion=0x4 saveOrRestore="save"
2024-08-28 14:52:18.309 [INFO][101] felix/table.go 336: Calculated old-insert detection regex. pattern="(?:-j|--jump) cali-|(?:-j|--jump) califw-|(?:-j|--jump) calitw-|(?:-j|--jump) califh-|(?:-j|--jump) calith-|(?:-j|--jump) calipi-|(?:-j|--jump) calipo-|(?:-j|--jump) felix-|-A POSTROUTING .* felix-masq-ipam-pools .*|-A POSTROUTING -o tunl0 -m addrtype ! --src-type LOCAL --limit-iface-out -m addrtype --src-type LOCAL -j MASQUERADE"
2024-08-28 14:52:18.309 [INFO][101] felix/table.go 449: Enabling iptables-in-nftables-mode workarounds.
2024-08-28 14:52:18.310 [INFO][101] felix/feature_detect.go 352: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-restore", "iptables-restore"} command="iptables-nft-restore" ipVersion=0x4 saveOrRestore="restore"
2024-08-28 14:52:18.310 [INFO][101] felix/feature_detect.go 352: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-save", "iptables-save"} command="iptables-nft-save" ipVersion=0x4 saveOrRestore="save"
2024-08-28 14:52:18.310 [INFO][101] felix/table.go 336: Calculated old-insert detection regex. pattern="(?:-j|--jump) cali-|(?:-j|--jump) califw-|(?:-j|--jump) calitw-|(?:-j|--jump) califh-|(?:-j|--jump) calith-|(?:-j|--jump) calipi-|(?:-j|--jump) calipo-|(?:-j|--jump) felix-"
2024-08-28 14:52:18.310 [INFO][101] felix/table.go 449: Enabling iptables-in-nftables-mode workarounds.
2024-08-28 14:52:18.310 [INFO][101] felix/feature_detect.go 352: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-restore", "iptables-restore"} command="iptables-nft-restore" ipVersion=0x4 saveOrRestore="restore"
2024-08-28 14:52:18.311 [INFO][101] felix/feature_detect.go 352: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-save", "iptables-save"} command="iptables-nft-save" ipVersion=0x4 saveOrRestore="save"
2024-08-28 14:52:18.311 [INFO][101] felix/table.go 336: Calculated old-insert detection regex. pattern="(?:-j|--jump) cali-|(?:-j|--jump) califw-|(?:-j|--jump) calitw-|(?:-j|--jump) califh-|(?:-j|--jump) calith-|(?:-j|--jump) calipi-|(?:-j|--jump) calipo-|(?:-j|--jump) felix-"
2024-08-28 14:52:18.311 [INFO][101] felix/table.go 449: Enabling iptables-in-nftables-mode workarounds.
2024-08-28 14:52:18.311 [INFO][101] felix/feature_detect.go 352: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-restore", "iptables-restore"} command="iptables-nft-restore" ipVersion=0x4 saveOrRestore="restore"
2024-08-28 14:52:18.312 [INFO][101] felix/feature_detect.go 352: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-save", "iptables-save"} command="iptables-nft-save" ipVersion=0x4 saveOrRe
mportant to mention that the nic name is different then the nics on the vm's (tried to specify in the calico ds to search for both nic names and it didn't help.sAny ideas where my problem is coming from ?
Or myabe where should I focus on ?to
re=“save”
I