This repository has been archived by the owner on Oct 16, 2020. It is now read-only.
Docker v1.13 possibly causes outbound kubernetes container traffic to stop working #1842
Milestone
Comments
|
@aaronlevy we specifically held back 1.13 from the beta channel this time due to these concerns (see #1829). Regardless of whether it explicitly breaks K8s in some configurations, the upstream soak tests and validation haven't been performed against 1.13 yet so it's not "supported" by the Kubelet, whatever "supported" means. |
crawford
added
area/usability
component/docker
kind/bug
priority/P0
team/os
kind/regression
and removed
kind/bug
labels
|
Sounds like this broke it. |
|
I tested this out with Tectonic and didn't see any problems (tested the connection to the load-balanced address as well as the pod address). I'm going to go ahead and close this out. |
|
We tested that together. Didn't notice anything wrong. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Issue Report
Bug
Docker v1.13 changed the default iptables forwarding policy to DROP - which has the possibility of causing outbound kubernetes container traffic to stop working.
See: kubernetes/kubernetes#40182
I'm unsure if / how this directly affects CoreOS installations, as various network plugins could be in use (on-host flannel, or CNI flannel, calico, weave, etc.)
Mostly opening issue as a place to track testing / potential issues.
/cc @Quentin-M as he has done some initial testing with flannel-cni based installation.
Container Linux Version
At time of writing, only release which contains docker v1.13: CoreOS Alpha 1339.0.0
The text was updated successfully, but these errors were encountered: