Kubernetes Calico pod issue

  Kiến thức lập trình

I am setting up a Kubernetes cluster on Red Hat Enterprise Linux 8.9 (Ootpa) 4.18.0-513.18.1.el8_9.x86_64. I am using Kubernetes version 1.20.8 with docker (20.10.8) as container run time. I have to use this version of Kubernetes as the application I am going to deploy supports only this version. after OS is installed, i did setup cluster with calico and all worked fine. after restart the server calico controller is failing. below is the error message.

kubectl logs calico-kube-controllers-5bb7768754-z5mkn -n kube-system
2024-04-26 16:51:29.876 [INFO][1] main.go 107: Loaded configuration from environment config=&config.Config{LogLevel:”info”, WorkloadEndpointWorkers:1, ProfileWorkers:1, PolicyWorkers:1, NodeWorkers:1, Kubeconfig:””, DatastoreType:”kubernetes”}
W0426 16:51:29.877772 1 client_config.go:617] Neither –kubeconfig nor –master was specified. Using the inClusterConfig. This might not work.
2024-04-26 16:51:29.878 [INFO][1] main.go 131: Ensuring Calico datastore is initialized
2024-04-26 16:51:59.878 [ERROR][1] client.go 290: Error getting cluster information config ClusterInformation=”default” error=Get “https://10.96.0.1:443/apis/crd.projectcalico.org/v1/clusterinformations/default”: dial tcp 10.96.0.1:443: i/o timeout
2024-04-26 16:51:59.878 [INFO][1] main.go 138: Failed to initialize datastore error=Get “https://10.96.0.1:443/apis/crd.projectcalico.org/v1/clusterinformations/default”: dial tcp 10.96.0.1:443: i/o timeout

I also see below error message in journalctl log.

kubelet[81652]: E0425 18:31:17.802891 81652 kubelet_pods.go:1246] Failed killing the pod “calico-kube-controllers-6b8f6f78dc-5bf8w”: failed to “KillPodSandbox” for “b103483a-544e-467e-903d-76931bd12fac” with KillPodSandboxError: “rpc error: code = Unknown desc = networkPlugin cni failed to teardown pod “calico-kube-controllers-6b8f6f78dc-5bf8w_kube-system” network: error getting ClusterInformation: connection is unauthorized: clusterinformations.crd.projectcalico.org “default” is forbidden: User “system:serviceaccount:kube-system:calico-node” cannot get resource “clusterinformations” in API group “crd.projectcalico.org” at the cluster scope”

Please help me in resolving the issue. let me know if any further details are required.

Please note that i have to use mentioned kubernetes versions for my application.

  • docker
  • kubernetes
  • redhat
  • calico

LEAVE A COMMENT