K
Q

Kubernetes pod can't communicate with other pods in the same node

11/19/2021

We are using Kubernetes 1.21.7 , Istio 1.11.4 , Flannel 0.14.0 .

kubectl get nodes
NAME     STATUS   ROLES                  AGE    VERSION
k8s-d0   Ready    control-plane,master   204d   v1.21.7
k8s-d1   Ready    <none>                 204d   v1.21.7
k8s-d2   Ready    <none>                 204d   v1.21.7

If pod-a and pod-b are in the same node, for example k8s-d1, they can't communicate (using curl for example). But if I force pods to be in different nodes, they communicate just fine. This issue only occurs in "istio-system" namespace, but it seems it is not an Istio bug (I already tried opening an issue here , but unsuccessful)

-- brgsousa
istio
kubernetes

Similar Questions

Can't access services on master node via public IP (but I can SSH?)
Is there any less hacky way of passing an Ordinal Index to StatefulSet environment variable?
how to get container host machine ip address and container name in EKS
How to reduce docker pull time during CI build?
Kubectl get svc command throws Access Denied error

1 Answer

11/22/2021

I figured out what was missing: 

modprobe br_netfilter
echo "br_netfilter" >> /etc/modules-load.d/modules.conf

At same point, I restarted those nodes and br_netfilter didn't load up automatically. Now that it is written in /etc/modules-load.d/modules.conf , it does apply on boot.

Thank you for your support.

-- brgsousa
Source: StackOverflow