KPR with DSR and Geneve dispatch, but can not work with native routing mode #30845
Description
Is there an existing issue for this?
- I have searched the existing issues
What happened?
level=fatal msg="failed to start: daemon creation failed: unable to initialize kube-proxy replacement options: Node Port "dsr" mode with geneve dispatch requires geneve tunnel protocol.\nfailed to stop: unable to find controller ipcache-inject-labels" subsys=daemon
The Helm example configuration in a kube-proxy-free environment with DSR and Geneve dispatch enabled would look as follows:
# 1.0: Direct Server Return (DSR) with Geneve[--set loadBalancer.mode=dsr --set loadBalancer.dsrDispatch=geneve]
# https://docs.cilium.io/en/v1.15/network/kubernetes/kubeproxy-free/#direct-server-return-dsr
helm install cilium cilium/cilium --set k8sServiceHost=$controller_node_ip --set k8sServicePort=6443 --version 1.15.0-rc.1 --namespace kube-system --set image.pullPolicy=IfNotPresent --set debug.enabled=true --set debug.verbose="datapath flow kvstore envoy policy" --set bpf.monitorAggregation=none --set monitor.enabled=true --set ipam.mode=cluster-pool --set cluster.name=cilium-lb-dsr-dispatch --set kubeProxyReplacement=true --set routingMode=native --set autoDirectNodeRoutes=true --set ipv4NativeRoutingCIDR="10.0.0.0/8" --set loadBalancer.mode=dsr --set loadBalancer.dsrDispatch=geneve
Cilium Version
cilium image (running): 1.15.0-rc.1
Kernel Version
[root@wluo cilium-lb-dsr-dsrDispatch]$ uname -r
6.5.0-18-generic
Kubernetes Version
[root@wluo cilium-lb-dsr-dsrDispatch]$ dip
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
cilium-lb-dsr-dispatch-control-plane Ready control-plane 6m49s v1.27.3 172.18.0.4 <none> Debian GNU/Linux 11 (bullseye) 6.5.0-18-generic containerd://1.7.1
cilium-lb-dsr-dispatch-worker Ready <none> 6m25s v1.27.3 172.18.0.2 <none> Debian GNU/Linux 11 (bullseye) 6.5.0-18-generic containerd://1.7.1
cilium-lb-dsr-dispatch-worker2 Ready <none> 6m27s v1.27.3 172.18.0.3 <none> Debian GNU/Linux 11 (bullseye) 6.5.0-18-generic containerd://1.7.1
[root@wluo cilium-lb-dsr-dsrDispatch]$
Sysdump
cilium-sysdump-20240219-201537.zip
Relevant log output
level=info msg="Stop hook executed" duration="193.613µs" function="gops.registerGopsHooks.func2 (pkg/gops/cell.go:51)" subsys=hive
level=fatal msg="failed to start: daemon creation failed: unable to initialize kube-proxy replacement options: Node Port \"dsr\" mode with geneve dispatch requires geneve tunnel protocol.\nfailed to stop: unable to find controller ipcache-inject-labels" subsys=daemon
[root@wluo cilium-lb-dsr-dsrDispatch]$
if with geneve tunnel mode, it can be worked as expected.Anything else?
No response
Cilium Users Document
- Are you a user of Cilium? Please add yourself to the Users doc
Code of Conduct
- I agree to follow this project's Code of Conduct
Metadata
Metadata
Assignees
Labels
Impacts bpf/ or low-level forwarding details, including map management and monitor messages.Anything related to our kube-proxy replacement.Impacts load-balancing and Kubernetes service implementationsThis is a bug in the Cilium logic.This was reported by a user in the Cilium community, eg via Slack.More information is required to further debug or fix the issue.