diff --git a/_topic_maps/_topic_map_ms.yml b/_topic_maps/_topic_map_ms.yml index 38e7cc8dc7..9b33f02e60 100644 --- a/_topic_maps/_topic_map_ms.yml +++ b/_topic_maps/_topic_map_ms.yml @@ -149,7 +149,7 @@ Topics: # File: TBD --- Name: Troubleshooting -Dir: microshift_support +Dir: microshift_troubleshooting Distros: microshift Topics: - Name: MicroShift Troubleshooting diff --git a/microshift_support/_attributes b/microshift_troubleshooting/_attributes similarity index 100% rename from microshift_support/_attributes rename to microshift_troubleshooting/_attributes diff --git a/microshift_support/images b/microshift_troubleshooting/images similarity index 100% rename from microshift_support/images rename to microshift_troubleshooting/images diff --git a/microshift_support/microshift-troubleshooting.adoc b/microshift_troubleshooting/microshift-troubleshooting.adoc similarity index 56% rename from microshift_support/microshift-troubleshooting.adoc rename to microshift_troubleshooting/microshift-troubleshooting.adoc index d151f39d1c..bc674b1ac0 100644 --- a/microshift_support/microshift-troubleshooting.adoc +++ b/microshift_troubleshooting/microshift-troubleshooting.adoc @@ -1,12 +1,15 @@ :_content-type: ASSEMBLY [id="microshift-troubleshooting"] -= MicroShift Troubleshooting += Check your version and known issues include::_attributes/attributes-microshift.adoc[] :context: microshift-troubleshooting toc::[] -Determine which version of {product-title} you have, find out about known issues, and troubleshoot common problems. +Determine which version of {product-title} you have, find out about known issues, and troubleshoot problems. include::modules/microshift-version-cli.adoc[leveloffset=+1] -include::modules/microshift-version-api.adoc[leveloffset=+1] \ No newline at end of file +include::modules/microshift-version-api.adoc[leveloffset=+1] + +include::modules/microshift-ki-cni-iptables-deleted.adoc[leveloffset=+1] + diff --git a/microshift_support/modules b/microshift_troubleshooting/modules similarity index 100% rename from microshift_support/modules rename to microshift_troubleshooting/modules diff --git a/microshift_support/snippets b/microshift_troubleshooting/snippets similarity index 100% rename from microshift_support/snippets rename to microshift_troubleshooting/snippets diff --git a/modules/microshift-k8s-apis.adoc b/modules/microshift-k8s-apis.adoc index 03ca5b75d1..17d4d8e8cb 100644 --- a/modules/microshift-k8s-apis.adoc +++ b/modules/microshift-k8s-apis.adoc @@ -1,12 +1,12 @@ // Module included in the following assemblies: // -// * microshift_support/microshift-version.adoc +// * microshift_troubleshooting/microshift-version.adoc :_content-type: CONCEPT [id="microshift-k8s-apis_{context}"] -= MicroShift Kubernetes APIs += {product-title} Kubernetes APIs - {product-title} supports the following standard Kubernetes APIs: +{product-title} supports the following standard Kubernetes APIs: NOTE: TABLE IS FOR PLACEMENT ONLY (FPO) diff --git a/modules/microshift-ki-cni-iptables-deleted.adoc b/modules/microshift-ki-cni-iptables-deleted.adoc new file mode 100644 index 0000000000..1f06655706 --- /dev/null +++ b/modules/microshift-ki-cni-iptables-deleted.adoc @@ -0,0 +1,80 @@ +// Module included in the following assemblies: +// +// * microshift_support/microshift-version.adoc + +[id="microshift-ki-cni-iptables-deleted_{context}"] += Reloading the firewall deletes iptable rules + +OVN-Kubernetes handles incoming NodePort traffic by using iptable rules. When you reload firewall rules with the `firewall-cmd --reload` command, the iptable rules are deleted. This stops the NodePort service traffic and any other host traffic that uses iptable rules. + +[id="microshift-ki-cni-iptables-deleted-workaround_{context}"] +== Restarting the daemon set pod as a workaround +To troubleshoot this issue, delete the ovnkube-master pod to restart the ovnkube daemon set pod. Restarting the ovnkube daemon set pod will trigger a reconciliation of the iptable rules. + +.Prerequisites + +* The OpenShift CLI (`oc`) is installed. +* Access to the cluster as a user with the `cluster-admin` role. +* A cluster installed on infrastructure configured with the OVN-Kubernetes CNI cluster network provider. +* The KUBECONFIG environment variable is set. + +.Procedure + +Run the commands listed in each step that follows to restore the iptable rules. + +. Stop the ovn-master application: ++ +[source, terminal] +---- +$ pod=$(oc get pods -n openshift-ovn-kubernetes | grep ovnkube-master | awk -F " " '{print $1}') +---- + +. Delete the ovnkube-master pod: ++ +[source, terminal] +---- +$ oc -n openshift-ovn-kubernetes delete pod $pod +---- ++ +This command causes the daemon set pod to be automatically restarted, causing a reconciliation of the iptable rules. + +. Confirm that the iptables have reconciled by running the following command: ++ +[source, terminal] +---- +$ sudo iptables-save | grep NODEPORT +:OVN-KUBE-NODEPORT - [0:0] +-A PREROUTING -j OVN-KUBE-NODEPORT +-A OUTPUT -j OVN-KUBE-NODEPORT +-A OVN-KUBE-NODEPORT -p tcp -m addrtype --dst-type LOCAL -m tcp --dport 30768 -j DNAT --to-destination 10.43.17.173:443 +-A OVN-KUBE-NODEPORT -p tcp -m addrtype --dst-type LOCAL -m tcp --dport 32122 -j DNAT --to-destination 10.43.17.173:80 +---- + +You can also confirm that a new ovnkube-master pod has been started by running the following command: + +[source, terminal] +---- +$ oc get pods -n openshift-ovn-kubernetes +---- +The listing of the running pods shows a new ovnkube-master pod name and age. For example: + +[cols="5",options="header"] +|=== +|NAME +|READY +|STATUS +|RESTARTS +|AGE + +|ovnkube-master-kg7ms +|4/4 +|Running +|0 +|11s + +|ovnkube-node-84gxn +|1/1 +|Running +|0 +|4d22h +|=== diff --git a/modules/microshift-version-api.adoc b/modules/microshift-version-api.adoc index a697954a05..4d51dca57c 100644 --- a/modules/microshift-version-api.adoc +++ b/modules/microshift-version-api.adoc @@ -5,12 +5,12 @@ :_content-type: CONCEPT [id="microshift-version-api_{context}"] -= Checking the {product-title} Version via the API += Checking the {product-title} version using the API .Procedure * To get the version number using the OpenShift CLI (`oc`), view the `kube-public/microshift-version` config map by running the following command: - ++ [source,terminal] ---- $ oc get configmap -n kube-public microshift-version -o yaml diff --git a/modules/microshift-version-cli.adoc b/modules/microshift-version-cli.adoc index 727cdcb349..bf91bb2510 100644 --- a/modules/microshift-version-cli.adoc +++ b/modules/microshift-version-cli.adoc @@ -3,12 +3,12 @@ // * microshift_support/microshift-version.adoc [id="microshift-version-cli_{context}"] -= Checking the {product-title} Version from the command-line += Checking the {product-title} version using the command-line interface .Procedure * Run the following command to check the version information: - ++ [source,terminal] ---- $ microshift version