Cloud being used: bare-metal
Installation method: Hard Way
Host OS: CoreOS
CNI and version: Flannel 3.6.0, Calico 0.11.0
CRI and version:
Since the upgrade to the above version of Canal, ingress network policies fail to allow traffic when the destination POD is on a different node than the originator POD.
The policies were working fine before the upgrade. I.e. they were allowing traffic from specific pods.
Now they only allow the traffic if the source POD is on the same node as the destination POD.
I cannot see any error anywhere. Even the iptables on all nodes do not show any rejection.
Any idea where I can look?