What Kubernetes service/pod is supposed to be listening on port 6784?

9/7/2018

I'm getting repeated

NetworkPlugin cni failed to set up pod \"POD_NAME\" network: unable to allocate IP address: Post http://127.0.0.1:6784/ip/LONG_HEX_ID: dial tcp 127.0.0.1:6784: connect: connection refused"

errors in the kubelet log.

Lot's of questions on the internet with this error message, but I haven't found one where anyone actually says what is supposed to be accepting connections on that port. Which is frustrating because if I had that basic piece of info maybe I could figure out what to start/restart to get things working.

Using Kubernetes 1.10 with weave-net.

-- Brent212
kubernetes
weave

2 Answers

9/7/2018

Is this a brand new cluster? How did you install it? kubeadm?

Have you tried from the docs:

Set /proc/sys/net/bridge/bridge-nf-call-iptables to 1 by running sysctl net.bridge.bridge-nf-call-iptables=1 to pass bridged IPv4 traffic to iptables’ chains. This is a requirement for some CNI plugins to work, for more information please see here

As per the docs

-- Rico
Source: StackOverflow

9/7/2018

as https://www.weave.works/docs/net/latest/faq/ states

Q: Which ports does Weave Net use (e.g. if I am configuring a firewall) ?

You must permit traffic to flow through TCP 6783 and UDP 6783/6784, which are Weave’s control and data ports.

The daemon also uses TCP 6781/6782 for metrics, but you would only need to open up this port if you wish to collect metrics from another host.

The Weave Net daemon listens on localhost (127.0.0.1) TCP port 6784 for commands from other Weave Net components. This port should not be opened to other hosts.

When using encrypted fast datapath, make sure that underlying network does not block ESP traffic (IP protocol 50). For instance on Google Cloud Platform a firewall rule for allowing ESP traffic has to be installed.

so you need to start with debugging your weave-net daemonset.

-- Radek 'Goblin' Pieczonka
Source: StackOverflow