kubevirt: cannot ssh to vm when in masquerade mode
Is this a BUG REPORT or FEATURE REQUEST?:
Uncomment only one, leave it on its own line:
/kind bug
What happened: Can not ssh to vm when the vm in masquerade mode. And the VM cannot access the Internet and cannot connect to the node. What you expected to happen:
How to reproduce it (as minimally and precisely as possible):
spec:
domain:
devices:
disks:
- disk:
bus: virtio
name: rootfs
- disk: {}
name: cloudinitdisk
interfaces:
- masquerade: {}
name: default
ports:
- port: 22
machine:
type: q35
resources:
limits:
cpu: '1'
memory: 2Gi
requests:
cpu: '1'
memory: 2Gi
networks:
- name: default
pod: {}
But I got the result is:
ssh root@192.168.80.4
ssh: connect to host 192.168.80.4 port 22: Connection refused
Anything else we need to know?: This problem exists with both the kube-ovn and calico network CNI plugin.
On the same network CNI plugin, when I dropped the kubevirt version down to 0.36.0, it worked and the above problem disappeared
Environment:
- KubeVirt version (use
virtctl version): v0.44.1+ - Kubernetes version (use
kubectl version): v1.21.4 - VM or VMI specifications: as above
- Cloud provider or hardware configuration:
- OS (e.g. from /etc/os-release): centos7
- Kernel (e.g.
uname -a):3.10.0 - Install tools:
- Others:
The same problem exists in version
kubevirt v0.48.x
About this issue
- Original URL
- State: closed
- Created 3 years ago
- Comments: 26 (11 by maintainers)
may be node’s kernel version too low(❤️.15), which leads to nftables not working
Hello @zhhray, this does seem to be the same issue as described here: https://github.com/kubevirt/kubevirt/issues/6620
Could you please provides us with the virt-handler logs (collected from the virt-handler pod that runs on the same node as your VM is scheduled on) and NAT table as described in this comment? https://github.com/kubevirt/kubevirt/issues/6620#issuecomment-1008942320