k3d
k3d copied to clipboard
k3d-io
[BUG] Issue port-forwarding into cluster from macOS
What did you do
-
How was the cluster created?
k3d cluster create --config .tools/k3d-cluster.yaml
# https://k3d.io/v5.4.7/usage/configfile/
apiVersion: k3d.io/v1alpha5
kind: Simple
metadata:
name: simple
ports:
- port: 80:80
nodeFilters:
- loadbalancer
- port: 443:443
nodeFilters:
- loadbalancer
# pg
# https://github.com/k3d-io/k3d/issues/312#issuecomment-899484483
# https://k3d.io/v5.0.1/usage/exposing_services/#2-via-nodeport
- port: 30007:30007
servers: 1
agents: 3
kubeAPI:
host: "api.simple.test" # important for the `server` setting in the kubeconfig
hostIP: "127.0.0.1" # where the Kubernetes API will be listening on
hostPort: "6443"
options:
k3s: # options passed on to K3s itself
extraArgs: # additional arguments passed to the `k3s server|agent` command; same as `--k3s-arg`
- arg: --disable=traefik
nodeFilters:
- server:*
# https://k3d.io/v5.4.7/usage/registries/
registries:
create:
name: docker-io # name of the registry container
proxy:
remoteURL: https://registry-1.docker.io # proxy DockerHub
volumes:
- ${HOME}/dev/docker-io-registry:/var/lib/registry # persist data locally in ~/dev/docker-io-registry
config: | # tell K3s to use this registry when pulling from DockerHub
mirrors:
"docker.io":
endpoint:
- http://docker-io:5000
- What did you do afterwards?
- k3d commands?
- docker commands?
- OS operations (e.g. shutdown/reboot)?
Installed Istio, cert-manager and CrunchyData operator and 10 other services.
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
metadata:
name: control
namespace: istio-system
spec:
profile: default
namespace: istio-system
tag: 1.18.2
Now I'm trying to do a port-forward:
$ kubectl --context k3d-causiq -n db port-forward $(kubectl --context k3d-causiq -n db get pod --selector postgres-operator.crunchydata.com/cluster=analytics,postgres-operator.crunchydata.com/data=postgres,postgres-operator.crunchydata.com/role=master -o jsonpath='{.items[0].metadata.name}') 30007:5432
Forwarding from 127.0.0.1:30007 -> 5432
Forwarding from [::1]:30007 -> 5432
then I make a connection via pgAdmin:
Handling connection for 30007
Handling connection for 30007
Handling connection for 30007
E0807 15:22:23.609816 9279 portforward.go:409] an error occurred forwarding 30007 -> 5432: error forwarding port 5432 to pod 3b197014edd6b63ae652182572b1072de5ba22c5bb80c8ea6febbbeb8b1530dd, uid : failed to execute portforward in network namespace "/var/run/netns/cni-4bddec3e-f2ca-0251-bf46-b4e559c1e259": read tcp4 127.0.0.1:46466->127.0.0.1:5432: read: connection reset by peer
error: lost connection to pod
The connection is cut immediately. Services inside the cluster that talks with the database work fine.
What did you expect to happen
Not to terminate the socket.
Which OS & Architecture
- output of
k3d runtime-info
arch: aarch64
cgroupdriver: cgroupfs
cgroupversion: "2"
endpoint: /var/run/docker.sock
filesystem: extfs
infoname: docker-desktop
name: docker
os: Docker Desktop
ostype: linux
version: 24.0.2
Which version of k3d
- output of
k3d version
k3d version v5.5.2
k3s version v1.27.4-k3s1 (default)
Which version of docker
- output of
docker versionanddocker info
Client:
Cloud integration: v1.0.35
Version: 24.0.2
API version: 1.43
Go version: go1.20.4
Git commit: cb74dfc
Built: Thu May 25 21:51:16 2023
OS/Arch: darwin/arm64
Context: desktop-linux
Server: Docker Desktop 4.21.1 (114176)
Engine:
Version: 24.0.2
API version: 1.43 (minimum version 1.12)
Go version: go1.20.4
Git commit: 659604f
Built: Thu May 25 21:50:59 2023
OS/Arch: linux/arm64
Experimental: false
containerd:
Version: 1.6.21
GitCommit: 3dce8eb055cbb6872793272b4f20ed16117344f8
runc:
Version: 1.1.7
GitCommit: v1.1.7-0-g860f061
docker-init:
Version: 0.19.0
GitCommit: de40ad0
Client:
Version: 24.0.2
Context: desktop-linux
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.11.0
Path: /Users/h/.docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.19.1
Path: /Users/h/.docker/cli-plugins/docker-compose
dev: Docker Dev Environments (Docker Inc.)
Version: v0.1.0
Path: /Users/h/.docker/cli-plugins/docker-dev
extension: Manages Docker extensions (Docker Inc.)
Version: v0.2.20
Path: /Users/h/.docker/cli-plugins/docker-extension
init: Creates Docker-related starter files for your project (Docker Inc.)
Version: v0.1.0-beta.6
Path: /Users/h/.docker/cli-plugins/docker-init
sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
Version: 0.6.0
Path: /Users/h/.docker/cli-plugins/docker-sbom
scan: Docker Scan (Docker Inc.)
Version: v0.26.0
Path: /Users/h/.docker/cli-plugins/docker-scan
scout: Command line tool for Docker Scout (Docker Inc.)
Version: 0.16.1
Path: /Users/h/.docker/cli-plugins/docker-scout
Server:
Containers: 8
Running: 8
Paused: 0
Stopped: 0
Images: 10
Server Version: 24.0.2
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 3dce8eb055cbb6872793272b4f20ed16117344f8
runc version: v1.1.7-0-g860f061
init version: de40ad0
Security Options:
seccomp
Profile: builtin
cgroupns
Kernel Version: 5.15.49-linuxkit-pr
Operating System: Docker Desktop
OSType: linux
Architecture: aarch64
CPUs: 5
Total Memory: 15.61GiB
Name: docker-desktop
ID: 71192638-cb89-4c94-9709-17b0534d2fe2
Docker Root Dir: /var/lib/docker
Debug Mode: false
HTTP Proxy: http.docker.internal:3128
HTTPS Proxy: http.docker.internal:3128
No Proxy: hubproxy.docker.internal
Experimental: false
Insecure Registries:
hubproxy.docker.internal:5555
127.0.0.0/8
Live Restore Enabled: false
Hi @haf , thanks for opening this issue! Did you test this without istio already? Is the istio-cni-plugin enabled?
