Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failed to connect to kube-dns after setting up calico cni #8811

Open
sqaisar opened this issue May 10, 2024 · 10 comments
Open

Failed to connect to kube-dns after setting up calico cni #8811

sqaisar opened this issue May 10, 2024 · 10 comments

Comments

@sqaisar
Copy link

sqaisar commented May 10, 2024
edited

Expected Behavior

Should be able to connect with kube-dns ip from any of the pods

Current Behavior

Fails to connect with kube-dns service ip from within the pod and because of this any operation that needs dns resolution fails inside any of the scheduled pods in the cluster.

Possible Solution

Steps to Reproduce (for bugs)

Context

I've setup kubernetes v1.29 using kubeadm and using tiegra operator for setting up the calico version v3.27.3. All of the calico-nodes are running fine without any restarts and I don't see any obvious errors.
Installation config

apiVersion: operator.tigera.io/v1
kind: Installation
metadata:
  name: default
spec:
  # Configures Calico networking.
  logging:
    cni:
     logSeverity: Debug
  serviceCIDRs:
    - "172.31.0.0/16"
  calicoNetwork:
    # Note: The ipPools section cannot be modified post-install.
    bgp: Disabled
    ipPools:
    - blockSize: 26
      cidr: 192.168.0.0/16
      encapsulation: VXLANCrossSubnet
      natOutgoing: Enabled
      nodeSelector: all()

---
I also tried by removing `serviceCIDRs` from the `Installation` manifest because it's defined in kubadm config too `ClusterConfiguration`,  but didn't work for me
# This section configures the Calico API server.
# For more information, see: https://docs.tigera.io/calico/latest/reference/installation/api#operator.tigera.io/v1.APIServer
apiVersion: operator.tigera.io/v1
kind: APIServer
metadata:
  name: default
spec: {}

Nodes

main-k8s-master-1    Ready    control-plane   67m   v1.29.4
main-k8s-master-2    Ready    control-plane   68m   v1.29.4
main-k8s-master-3    Ready    control-plane   67m   v1.29.4
main-k8s-regular-1   Ready    <none>          66m   v1.29.4

All pods in calico-system namespace

NAME                                       READY   STATUS    RESTARTS   AGE
calico-kube-controllers-7f94fb7cd8-jsqpg   1/1     Running   0          8m29s
calico-node-4b9l6                          1/1     Running   0          8m29s
calico-node-88kqr                          1/1     Running   0          8m29s
calico-node-nsks9                          1/1     Running   0          8m29s
calico-node-zppdr                          1/1     Running   0          8m29s
calico-typha-677c4f7b68-6d6qn              1/1     Running   0          8m29s
calico-typha-677c4f7b68-pqwxb              1/1     Running   0          8m21s
csi-node-driver-7t6zz                      2/2     Running   0          8m29s
csi-node-driver-gpbrz                      2/2     Running   0          8m29s
csi-node-driver-rjbrg                      2/2     Running   0          8m29s
csi-node-driver-s5xhk                      2/2     Running   0          8m29s
ubuntu                                     1/1     Running   0          6m43s

Service kube-dns

kube-dns                        ClusterIP   172.31.0.10     <none>        53/UDP,53/TCP,9153/TCP   62m

From withing the pod I'm able to connect to any external public IP but the dns resolution fails because of timeout. the rest of pods ip allocation and everything works as expected.

ubuntu:~# curl google.com
curl: (6) Could not resolve host: google.com
ubuntu:~# telnet 172.31.0.10 53
telnet: can't connect to remote host (172.31.0.10): Operation timed out
ubuntu:~# telnet 142.250.181.142 443
Connected to 142.250.181.142

Although I'm able to connect with other service IP's for example

ubuntu:~# telnet 172.31.219.128 5473
Connected to 172.31.219.128

I'm sure I've allowed all required ports from the firewall ingress/egress from all the k8s nodes that are listed here
https://docs.tigera.io/calico/latest/getting-started/kubernetes/requirements#network-requirements

Your Environment

  • Calico version: v3.27.3
  • Kubernetes version: v1.29
  • Operating System and version: Ubuntu 22.04
  • Containerd: v1.29.0 SystemdCgroup = true Systemd Groups are configured correctly BTW

I'm new to setting up calico so I'd really appreciate all the help, I can shared the calico-node logs if that's required.
@sqaisar
Copy link
Author

sqaisar commented May 10, 2024

I even allowed communication between workers and masters for all ports from wildcard range 0.0.0.0/0 but that didn't help so I'm sure it's not firewall issue.

@sqaisar
Copy link
Author

sqaisar commented May 10, 2024

Logs from calico-node

Defaulted container "calico-node" out of: calico-node, flexvol-driver (init), install-cni (init)
2024-05-10 21:47:36.985 [INFO][9] startup/startup.go 445: Early log level set to info
2024-05-10 21:47:36.985 [INFO][9] startup/utils.go 126: Using NODENAME environment for node name main-k8s-master-2
2024-05-10 21:47:36.985 [INFO][9] startup/utils.go 138: Determined node name: main-k8s-master-2
2024-05-10 21:47:36.985 [INFO][9] startup/startup.go 95: Starting node main-k8s-master-2 with version v3.27.3
2024-05-10 21:47:36.986 [INFO][9] startup/startup.go 450: Checking datastore connection
2024-05-10 21:47:37.008 [INFO][9] startup/startup.go 474: Datastore connection verified
2024-05-10 21:47:37.009 [INFO][9] startup/startup.go 105: Datastore is ready
2024-05-10 21:47:37.028 [WARNING][9] startup/winutils.go 144: Neither --kubeconfig nor --master was specified.  Using the inClusterConfig.  This might not work.
2024-05-10 21:47:37.057 [INFO][9] startup/autodetection_methods.go 103: Using autodetected IPv4 address on interface ens3: 10.140.20.162/24
2024-05-10 21:47:37.057 [INFO][9] startup/startup.go 726: No AS number configured on node resource, using global value
2024-05-10 21:47:37.057 [INFO][9] startup/startup.go 776: found v6= in the kubeadm config map
2024-05-10 21:47:37.063 [INFO][9] startup/startup.go 694: FELIX_IPV6SUPPORT is false through environment variable
2024-05-10 21:47:37.083 [INFO][9] startup/startup.go 222: Using node name: main-k8s-master-2
2024-05-10 21:47:37.083 [INFO][9] startup/utils.go 190: Setting NetworkUnavailable to false
2024-05-10 21:47:37.106 [INFO][9] startup/utils.go 94: removed shutdown timestamp timestamp="2024-05-10T21:44:43Z"
2024-05-10 21:47:37.174 [INFO][19] tunnel-ip-allocator/param_types.go 718: StringSliceParam StringSliceParam raw="docker+"
2024-05-10 21:47:37.176 [INFO][19] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "typhak8sservicename"="calico-typha"
2024-05-10 21:47:37.176 [INFO][19] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "typhacafile"="/etc/pki/tls/certs/tigera-ca-bundle.crt"
2024-05-10 21:47:37.176 [INFO][19] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "healthenabled"="true"
2024-05-10 21:47:37.176 [INFO][19] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "typhacertfile"="/node-certs/tls.crt"
2024-05-10 21:47:37.176 [INFO][19] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "typhacn"="typha-server"
2024-05-10 21:47:37.176 [INFO][19] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "typhakeyfile"="/node-certs/tls.key"
2024-05-10 21:47:37.176 [INFO][19] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "defaultendpointtohostaction"="ACCEPT"
2024-05-10 21:47:37.176 [INFO][19] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "typhak8snamespace"="calico-system"
2024-05-10 21:47:37.176 [INFO][19] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "healthport"="9099"
2024-05-10 21:47:37.176 [INFO][19] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "ipv6support"="false"
2024-05-10 21:47:37.176 [INFO][19] tunnel-ip-allocator/config_params.go 491: Merging in config from environment variable: map[defaultendpointtohostaction:ACCEPT healthenabled:true healthport:9099 ipv6support:false typhacafile:/etc/pki/tls/certs/tigera-ca-bundle.crt typhacertfile:/node-certs/tls.crt typhacn:typha-server typhak8snamespace:calico-system typhak8sservicename:calico-typha typhakeyfile:/node-certs/tls.key]
2024-05-10 21:47:37.176 [INFO][19] tunnel-ip-allocator/config_params.go 622: Parsing value for TyphaCertFile: /node-certs/tls.crt (from environment variable)
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/param_types.go 312: Looking for required file path="/node-certs/tls.crt"
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/config_params.go 658: Parsed value for TyphaCertFile: /node-certs/tls.crt (from environment variable)
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/config_params.go 622: Parsing value for HealthPort: 9099 (from environment variable)
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/config_params.go 658: Parsed value for HealthPort: 9099 (from environment variable)
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/config_params.go 622: Parsing value for TyphaK8sServiceName: calico-typha (from environment variable)
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/config_params.go 658: Parsed value for TyphaK8sServiceName: calico-typha (from environment variable)
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/config_params.go 622: Parsing value for TyphaCAFile: /etc/pki/tls/certs/tigera-ca-bundle.crt (from environment variable)
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/param_types.go 312: Looking for required file path="/etc/pki/tls/certs/tigera-ca-bundle.crt"
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/config_params.go 658: Parsed value for TyphaCAFile: /etc/pki/tls/certs/tigera-ca-bundle.crt (from environment variable)
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/config_params.go 622: Parsing value for TyphaCN: typha-server (from environment variable)
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/config_params.go 658: Parsed value for TyphaCN: typha-server (from environment variable)
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/config_params.go 622: Parsing value for HealthEnabled: true (from environment variable)
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/config_params.go 658: Parsed value for HealthEnabled: true (from environment variable)
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/config_params.go 622: Parsing value for Ipv6Support: false (from environment variable)
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/config_params.go 658: Parsed value for Ipv6Support: false (from environment variable)
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/config_params.go 622: Parsing value for DefaultEndpointToHostAction: ACCEPT (from environment variable)
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/config_params.go 658: Parsed value for DefaultEndpointToHostAction: ACCEPT (from environment variable)
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/config_params.go 622: Parsing value for TyphaK8sNamespace: calico-system (from environment variable)
2024-05-10 21:47:37.177 [INFO][19] tunnel-ip-allocator/config_params.go 658: Parsed value for TyphaK8sNamespace: calico-system (from environment variable)
2024-05-10 21:47:37.178 [INFO][19] tunnel-ip-allocator/config_params.go 622: Parsing value for TyphaKeyFile: /node-certs/tls.key (from environment variable)
2024-05-10 21:47:37.178 [INFO][19] tunnel-ip-allocator/param_types.go 312: Looking for required file path="/node-certs/tls.key"
2024-05-10 21:47:37.178 [INFO][19] tunnel-ip-allocator/config_params.go 658: Parsed value for TyphaKeyFile: /node-certs/tls.key (from environment variable)
2024-05-10 21:47:37.315 [INFO][19] tunnel-ip-allocator/allocateip.go 340: Current address is still valid, do nothing currentAddr="192.168.168.0" type="vxlanTunnelAddress"
CALICO_NETWORKING_BACKEND is vxlan - no need to run a BGP daemon
Calico node started successfully
2024-05-10 21:47:38.499 [INFO][60] tunnel-ip-allocator/param_types.go 718: StringSliceParam StringSliceParam raw="docker+"
2024-05-10 21:47:38.501 [INFO][60] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "typhak8sservicename"="calico-typha"
2024-05-10 21:47:38.501 [INFO][60] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "typhacafile"="/etc/pki/tls/certs/tigera-ca-bundle.crt"
2024-05-10 21:47:38.501 [INFO][60] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "healthenabled"="true"
2024-05-10 21:47:38.501 [INFO][60] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "typhacertfile"="/node-certs/tls.crt"
2024-05-10 21:47:38.501 [INFO][60] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "typhacn"="typha-server"
2024-05-10 21:47:38.502 [INFO][60] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "typhakeyfile"="/node-certs/tls.key"
2024-05-10 21:47:38.502 [INFO][60] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "defaultendpointtohostaction"="ACCEPT"
2024-05-10 21:47:38.502 [INFO][60] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "typhak8snamespace"="calico-system"
2024-05-10 21:47:38.502 [INFO][60] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "healthport"="9099"
2024-05-10 21:47:38.502 [INFO][60] tunnel-ip-allocator/env_var_loader.go 40: Found felix environment variable: "ipv6support"="false"
2024-05-10 21:47:38.504 [INFO][60] tunnel-ip-allocator/config_params.go 491: Merging in config from environment variable: map[defaultendpointtohostaction:ACCEPT healthenabled:true healthport:9099 ipv6support:false typhacafile:/etc/pki/tls/certs/tigera-ca-bundle.crt typhacertfile:/node-certs/tls.crt typhacn:typha-server typhak8snamespace:calico-system typhak8sservicename:calico-typha typhakeyfile:/node-certs/tls.key]
2024-05-10 21:47:38.504 [INFO][60] tunnel-ip-allocator/config_params.go 622: Parsing value for TyphaCAFile: /etc/pki/tls/certs/tigera-ca-bundle.crt (from environment variable)
2024-05-10 21:47:38.504 [INFO][60] tunnel-ip-allocator/param_types.go 312: Looking for required file path="/etc/pki/tls/certs/tigera-ca-bundle.crt"
2024-05-10 21:47:38.504 [INFO][60] tunnel-ip-allocator/config_params.go 658: Parsed value for TyphaCAFile: /etc/pki/tls/certs/tigera-ca-bundle.crt (from environment variable)
2024-05-10 21:47:38.504 [INFO][60] tunnel-ip-allocator/config_params.go 622: Parsing value for DefaultEndpointToHostAction: ACCEPT (from environment variable)
2024-05-10 21:47:38.504 [INFO][60] tunnel-ip-allocator/config_params.go 658: Parsed value for DefaultEndpointToHostAction: ACCEPT (from environment variable)
2024-05-10 21:47:38.504 [INFO][60] tunnel-ip-allocator/config_params.go 622: Parsing value for Ipv6Support: false (from environment variable)
2024-05-10 21:47:38.504 [INFO][60] tunnel-ip-allocator/config_params.go 658: Parsed value for Ipv6Support: false (from environment variable)
2024-05-10 21:47:38.505 [INFO][60] tunnel-ip-allocator/config_params.go 622: Parsing value for HealthEnabled: true (from environment variable)
2024-05-10 21:47:38.505 [INFO][60] tunnel-ip-allocator/config_params.go 658: Parsed value for HealthEnabled: true (from environment variable)
2024-05-10 21:47:38.509 [INFO][60] tunnel-ip-allocator/config_params.go 622: Parsing value for TyphaCertFile: /node-certs/tls.crt (from environment variable)
2024-05-10 21:47:38.509 [INFO][60] tunnel-ip-allocator/param_types.go 312: Looking for required file path="/node-certs/tls.crt"
2024-05-10 21:47:38.509 [INFO][60] tunnel-ip-allocator/config_params.go 658: Parsed value for TyphaCertFile: /node-certs/tls.crt (from environment variable)
2024-05-10 21:47:38.509 [INFO][60] tunnel-ip-allocator/config_params.go 622: Parsing value for TyphaKeyFile: /node-certs/tls.key (from environment variable)
2024-05-10 21:47:38.509 [INFO][60] tunnel-ip-allocator/param_types.go 312: Looking for required file path="/node-certs/tls.key"
2024-05-10 21:47:38.509 [INFO][60] tunnel-ip-allocator/config_params.go 658: Parsed value for TyphaKeyFile: /node-certs/tls.key (from environment variable)
2024-05-10 21:47:38.509 [INFO][60] tunnel-ip-allocator/config_params.go 622: Parsing value for TyphaK8sServiceName: calico-typha (from environment variable)
2024-05-10 21:47:38.509 [INFO][60] tunnel-ip-allocator/config_params.go 658: Parsed value for TyphaK8sServiceName: calico-typha (from environment variable)
2024-05-10 21:47:38.509 [INFO][60] tunnel-ip-allocator/config_params.go 622: Parsing value for TyphaK8sNamespace: calico-system (from environment variable)
2024-05-10 21:47:38.510 [INFO][60] tunnel-ip-allocator/config_params.go 658: Parsed value for TyphaK8sNamespace: calico-system (from environment variable)
2024-05-10 21:47:38.510 [INFO][60] tunnel-ip-allocator/config_params.go 622: Parsing value for HealthPort: 9099 (from environment variable)
2024-05-10 21:47:38.510 [INFO][60] tunnel-ip-allocator/config_params.go 658: Parsed value for HealthPort: 9099 (from environment variable)
2024-05-10 21:47:38.510 [INFO][60] tunnel-ip-allocator/config_params.go 622: Parsing value for TyphaCN: typha-server (from environment variable)
2024-05-10 21:47:38.510 [INFO][60] tunnel-ip-allocator/config_params.go 658: Parsed value for TyphaCN: typha-server (from environment variable)
2024-05-10 21:47:38.512 [INFO][60] tunnel-ip-allocator/config.go 65: Found FELIX_TYPHAK8SSERVICENAME=calico-typha
2024-05-10 21:47:38.512 [INFO][60] tunnel-ip-allocator/config.go 65: Found FELIX_TYPHAK8SNAMESPACE=calico-system
2024-05-10 21:47:38.512 [INFO][60] tunnel-ip-allocator/config.go 65: Found FELIX_TYPHAKEYFILE=/node-certs/tls.key
2024-05-10 21:47:38.512 [INFO][60] tunnel-ip-allocator/config.go 65: Found FELIX_TYPHACERTFILE=/node-certs/tls.crt
2024-05-10 21:47:38.513 [INFO][60] tunnel-ip-allocator/config.go 65: Found FELIX_TYPHACAFILE=/etc/pki/tls/certs/tigera-ca-bundle.crt
2024-05-10 21:47:38.513 [INFO][60] tunnel-ip-allocator/config.go 65: Found FELIX_TYPHACN=typha-server
2024-05-10 21:47:38.513 [INFO][60] tunnel-ip-allocator/discovery.go 179: Creating Kubernetes client for Typha discovery...
2024-05-10 21:47:38.513 [INFO][60] tunnel-ip-allocator/discovery.go 195: (Re)discovering Typha endpoints using the Kubernetes API...
2024-05-10 21:47:38.522 [INFO][58] status-reporter/startup.go 445: Early log level set to info
2024-05-10 21:47:38.523 [INFO][58] status-reporter/config.go 65: Found FELIX_TYPHAK8SSERVICENAME=calico-typha
2024-05-10 21:47:38.523 [INFO][58] status-reporter/config.go 65: Found FELIX_TYPHAK8SNAMESPACE=calico-system
2024-05-10 21:47:38.523 [INFO][58] status-reporter/config.go 65: Found FELIX_TYPHAKEYFILE=/node-certs/tls.key
2024-05-10 21:47:38.523 [INFO][58] status-reporter/config.go 65: Found FELIX_TYPHACERTFILE=/node-certs/tls.crt
2024-05-10 21:47:38.523 [INFO][58] status-reporter/config.go 65: Found FELIX_TYPHACAFILE=/etc/pki/tls/certs/tigera-ca-bundle.crt
2024-05-10 21:47:38.523 [INFO][58] status-reporter/config.go 65: Found FELIX_TYPHACN=typha-server
2024-05-10 21:47:38.523 [INFO][58] status-reporter/discovery.go 179: Creating Kubernetes client for Typha discovery...
2024-05-10 21:47:38.524 [INFO][58] status-reporter/discovery.go 195: (Re)discovering Typha endpoints using the Kubernetes API...
2024-05-10 21:47:38.531 [WARNING][57] cni-config-monitor/winutils.go 144: Neither --kubeconfig nor --master was specified.  Using the inClusterConfig.  This might not work.
2024-05-10 21:47:38.538 [INFO][60] tunnel-ip-allocator/discovery.go 250: Found ready Typha addresses. addresses=[]discovery.Typha{discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc0004be620)}}
2024-05-10 21:47:38.538 [INFO][60] tunnel-ip-allocator/startsyncerclient.go 69: Connecting to Typha. addr=[]discovery.Typha{discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc0004be620)}}
2024-05-10 21:47:38.538 [INFO][60] tunnel-ip-allocator/sync_client.go 91:  requiringTLS=true
2024-05-10 21:47:38.538 [INFO][60] tunnel-ip-allocator/sync_client.go 189: Starting Typha client... myID=0x1 type="tunnel-ip-allocation"
2024-05-10 21:47:38.538 [INFO][60] tunnel-ip-allocator/sync_client.go 205: Connecting to typha endpoint 10.140.20.91:5473. myID=0x1 type="tunnel-ip-allocation"
2024-05-10 21:47:38.538 [INFO][60] tunnel-ip-allocator/sync_client.go 276: Starting Typha client
2024-05-10 21:47:38.538 [INFO][60] tunnel-ip-allocator/sync_client.go 91:  requiringTLS=true
2024-05-10 21:47:38.539 [INFO][60] tunnel-ip-allocator/tlsutils.go 39: Make certificate verifier requiredCN="typha-server" requiredURISAN="" roots=&x509.CertPool{byName:map[string][]int{"0!1\x1f0\x1d\x06\x03U\x04\x03\x13\x16tigera-operator-signer":[]int{0}}, lazyCerts:[]x509.lazyCert{x509.lazyCert{rawSubject:[]uint8{0x30, 0x21, 0x31, 0x1f, 0x30, 0x1d, 0x6, 0x3, 0x55, 0x4, 0x3, 0x13, 0x16, 0x74, 0x69, 0x67, 0x65, 0x72, 0x61, 0x2d, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x2d, 0x73, 0x69, 0x67, 0x6e, 0x65, 0x72}, getCert:(func() (*x509.Certificate, error))(0x722880)}}, haveSum:map[x509.sum224]bool{x509.sum224{0xa9, 0xe9, 0x87, 0x20, 0xc2, 0xa9, 0x57, 0x27, 0x8, 0x41, 0xcb, 0x6a, 0x92, 0x59, 0x19, 0xc, 0x6f, 0xd5, 0x31, 0x4c, 0x24, 0xf1, 0xaa, 0xc7, 0x60, 0x9a, 0x3e, 0xf4}:true}, systemPool:false}
2024-05-10 21:47:38.539 [INFO][60] tunnel-ip-allocator/sync_client.go 329: Connecting to Typha. address=discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc0004be620)} myID=0x1 type="tunnel-ip-allocation"
2024-05-10 21:47:38.541 [INFO][58] status-reporter/discovery.go 250: Found ready Typha addresses. addresses=[]discovery.Typha{discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000b227c0)}}
2024-05-10 21:47:38.541 [INFO][58] status-reporter/startsyncerclient.go 69: Connecting to Typha. addr=[]discovery.Typha{discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000b227c0)}}
2024-05-10 21:47:38.541 [INFO][58] status-reporter/sync_client.go 91:  requiringTLS=true
2024-05-10 21:47:38.541 [INFO][58] status-reporter/sync_client.go 189: Starting Typha client... myID=0x1 type="node-status"
2024-05-10 21:47:38.541 [INFO][58] status-reporter/sync_client.go 205: Connecting to typha endpoint 10.140.20.91:5473. myID=0x1 type="node-status"
2024-05-10 21:47:38.541 [INFO][58] status-reporter/sync_client.go 276: Starting Typha client
2024-05-10 21:47:38.541 [INFO][58] status-reporter/sync_client.go 91:  requiringTLS=true
2024-05-10 21:47:38.545 [INFO][60] tunnel-ip-allocator/tlsutils.go 46: Verify certificate chain signing address=discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc0004be620)} myID=0x1 type="tunnel-ip-allocation"
2024-05-10 21:47:38.545 [INFO][58] status-reporter/tlsutils.go 39: Make certificate verifier requiredCN="typha-server" requiredURISAN="" roots=&x509.CertPool{byName:map[string][]int{"0!1\x1f0\x1d\x06\x03U\x04\x03\x13\x16tigera-operator-signer":[]int{0}}, lazyCerts:[]x509.lazyCert{x509.lazyCert{rawSubject:[]uint8{0x30, 0x21, 0x31, 0x1f, 0x30, 0x1d, 0x6, 0x3, 0x55, 0x4, 0x3, 0x13, 0x16, 0x74, 0x69, 0x67, 0x65, 0x72, 0x61, 0x2d, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x2d, 0x73, 0x69, 0x67, 0x6e, 0x65, 0x72}, getCert:(func() (*x509.Certificate, error))(0x722880)}}, haveSum:map[x509.sum224]bool{x509.sum224{0xa9, 0xe9, 0x87, 0x20, 0xc2, 0xa9, 0x57, 0x27, 0x8, 0x41, 0xcb, 0x6a, 0x92, 0x59, 0x19, 0xc, 0x6f, 0xd5, 0x31, 0x4c, 0x24, 0xf1, 0xaa, 0xc7, 0x60, 0x9a, 0x3e, 0xf4}:true}, systemPool:false}
2024-05-10 21:47:38.545 [INFO][58] status-reporter/sync_client.go 329: Connecting to Typha. address=discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000b227c0)} myID=0x1 type="node-status"
2024-05-10 21:47:38.546 [INFO][57] cni-config-monitor/token_watch.go 232: Update of CNI kubeconfig triggered based on elapsed time.
2024-05-10 21:47:38.546 [WARNING][57] cni-config-monitor/winutils.go 144: Neither --kubeconfig nor --master was specified.  Using the inClusterConfig.  This might not work.
2024-05-10 21:47:38.547 [INFO][57] cni-config-monitor/token_watch.go 293: Wrote updated CNI kubeconfig file. path="/host/etc/cni/net.d/calico-kubeconfig"
2024-05-10 21:47:38.549 [INFO][58] status-reporter/tlsutils.go 46: Verify certificate chain signing address=discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000b227c0)} myID=0x1 type="node-status"
2024-05-10 21:47:38.553 [INFO][58] status-reporter/sync_client.go 363: Connected to Typha. address=discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000b227c0)} myID=0x1 type="node-status"
2024-05-10 21:47:38.554 [INFO][58] status-reporter/sync_client.go 211: Successfully connected to Typha at 10.140.20.91:5473. myID=0x1 type="node-status"
2024-05-10 21:47:38.554 [INFO][58] status-reporter/sync_client.go 411: Started Typha client main loop connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000b227c0)} myID=0x1 type="node-status"
2024-05-10 21:47:38.554 [INFO][60] tunnel-ip-allocator/sync_client.go 363: Connected to Typha. address=discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc0004be620)} myID=0x1 type="tunnel-ip-allocation"
2024-05-10 21:47:38.554 [INFO][60] tunnel-ip-allocator/sync_client.go 211: Successfully connected to Typha at 10.140.20.91:5473. myID=0x1 type="tunnel-ip-allocation"
2024-05-10 21:47:38.554 [INFO][60] tunnel-ip-allocator/sync_client.go 411: Started Typha client main loop connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc0004be620)} myID=0x1 type="tunnel-ip-allocation"
2024-05-10 21:47:38.555 [INFO][58] status-reporter/sync_client.go 454: ServerHello message received connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000b227c0)} myID=0x1 serverConnID=0x4 serverMsg=syncproto.MsgServerHello{Version:"v3.27.3", SyncerType:"node-status", SupportsNodeResourceUpdates:true, ServerConnID:0x4} type="node-status"
2024-05-10 21:47:38.555 [INFO][58] status-reporter/sync_client.go 540: Server asked us to restart our decoder connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000b227c0)} msg=syncproto.MsgDecoderRestart{Message:"enable compression: snappy;send binary snapshot", CompressionAlgorithm:"snappy"} myID=0x1 serverConnID=0x4 type="node-status"
2024-05-10 21:47:38.555 [INFO][58] status-reporter/sync_client.go 544: Server selected snappy compression. connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000b227c0)} myID=0x1 serverConnID=0x4 type="node-status"
2024-05-10 21:47:38.556 [INFO][58] status-reporter/sync_client.go 540: Server asked us to restart our decoder connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000b227c0)} msg=syncproto.MsgDecoderRestart{Message:"End of compressed snapshot.", CompressionAlgorithm:"snappy"} myID=0x1 serverConnID=0x4 type="node-status"
2024-05-10 21:47:38.556 [INFO][58] status-reporter/sync_client.go 544: Server selected snappy compression. connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000b227c0)} myID=0x1 serverConnID=0x4 type="node-status"
2024-05-10 21:47:38.558 [INFO][58] status-reporter/sync_client.go 486: Status update from Typha. connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000b227c0)} myID=0x1 newStatus=in-sync serverConnID=0x4 type="node-status"
2024-05-10 21:47:38.564 [INFO][60] tunnel-ip-allocator/sync_client.go 454: ServerHello message received connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc0004be620)} myID=0x1 serverConnID=0x3 serverMsg=syncproto.MsgServerHello{Version:"v3.27.3", SyncerType:"tunnel-ip-allocation", SupportsNodeResourceUpdates:true, ServerConnID:0x3} type="tunnel-ip-allocation"
2024-05-10 21:47:38.565 [INFO][60] tunnel-ip-allocator/sync_client.go 540: Server asked us to restart our decoder connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc0004be620)} msg=syncproto.MsgDecoderRestart{Message:"enable compression: snappy;send binary snapshot", CompressionAlgorithm:"snappy"} myID=0x1 serverConnID=0x3 type="tunnel-ip-allocation"
2024-05-10 21:47:38.565 [INFO][60] tunnel-ip-allocator/sync_client.go 544: Server selected snappy compression. connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc0004be620)} myID=0x1 serverConnID=0x3 type="tunnel-ip-allocation"
2024-05-10 21:47:38.570 [INFO][60] tunnel-ip-allocator/sync_client.go 540: Server asked us to restart our decoder connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc0004be620)} msg=syncproto.MsgDecoderRestart{Message:"End of compressed snapshot.", CompressionAlgorithm:"snappy"} myID=0x1 serverConnID=0x3 type="tunnel-ip-allocation"
2024-05-10 21:47:38.570 [INFO][60] tunnel-ip-allocator/sync_client.go 544: Server selected snappy compression. connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc0004be620)} myID=0x1 serverConnID=0x3 type="tunnel-ip-allocation"
2024-05-10 21:47:38.572 [INFO][60] tunnel-ip-allocator/sync_client.go 486: Status update from Typha. connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc0004be620)} myID=0x1 newStatus=in-sync serverConnID=0x3 type="tunnel-ip-allocation"
2024-05-10 21:47:38.578 [INFO][62] felix/daemon.go 398: Successfully loaded configuration. GOMAXPROCS=4 builddate="2024-04-01T18:15:19+0000" config=&config.Config{UseInternalDataplaneDriver:true, DataplaneDriver:"calico-iptables-plugin", DataplaneWatchdogTimeout:90000000000, WireguardEnabled:false, WireguardEnabledV6:false, WireguardListeningPort:51820, WireguardListeningPortV6:51821, WireguardRoutingRulePriority:99, WireguardInterfaceName:"wireguard.cali", WireguardInterfaceNameV6:"wg-v6.cali", WireguardMTU:0, WireguardMTUV6:0, WireguardHostEncryptionEnabled:false, WireguardPersistentKeepAlive:0, BPFEnabled:false, BPFDisableUnprivileged:true, BPFLogLevel:"off", BPFLogFilters:map[string]string(nil), BPFCTLBLogFilter:"", BPFDataIfacePattern:(*regexp.Regexp)(0xc0005d03c0), BPFL3IfacePattern:(*regexp.Regexp)(nil), BPFConnectTimeLoadBalancingEnabled:false, BPFConnectTimeLoadBalancing:"TCP", BPFHostNetworkedNATWithoutCTLB:"Enabled", BPFExternalServiceMode:"tunnel", BPFDSROptoutCIDRs:[]string(nil), BPFKubeProxyIptablesCleanupEnabled:true, BPFKubeProxyMinSyncPeriod:1000000000, BPFKubeProxyEndpointSlicesEnabled:true, BPFExtToServiceConnmark:0, BPFPSNATPorts:numorstring.Port{MinPort:0x4e20, MaxPort:0x752f, PortName:""}, BPFMapSizeNATFrontend:65536, BPFMapSizeNATBackend:262144, BPFMapSizeNATAffinity:65536, BPFMapSizeRoute:262144, BPFMapSizeConntrack:512000, BPFMapSizeIPSets:1048576, BPFMapSizeIfState:1000, BPFHostConntrackBypass:true, BPFEnforceRPF:"Loose", BPFPolicyDebugEnabled:true, BPFForceTrackPacketsFromIfaces:[]string{"docker+"}, BPFDisableGROForIfaces:(*regexp.Regexp)(nil), BPFExcludeCIDRsFromNAT:[]string(nil), DebugBPFCgroupV2:"", DebugBPFMapRepinEnabled:false, DatastoreType:"kubernetes", FelixHostname:"main-k8s-master-2", EtcdAddr:"127.0.0.1:2379", EtcdScheme:"http", EtcdKeyFile:"", EtcdCertFile:"", EtcdCaFile:"", EtcdEndpoints:[]string(nil), TyphaAddr:"", TyphaK8sServiceName:"calico-typha", TyphaK8sNamespace:"calico-system", TyphaReadTimeout:30000000000, TyphaWriteTimeout:10000000000, TyphaKeyFile:"/node-certs/tls.key", TyphaCertFile:"/node-certs/tls.crt", TyphaCAFile:"/etc/pki/tls/certs/tigera-ca-bundle.crt", TyphaCN:"typha-server", TyphaURISAN:"", Ipv6Support:false, IptablesBackend:"auto", RouteRefreshInterval:90000000000, InterfaceRefreshInterval:90000000000, DeviceRouteSourceAddress:net.IP(nil), DeviceRouteSourceAddressIPv6:net.IP(nil), DeviceRouteProtocol:3, RemoveExternalRoutes:true, IptablesRefreshInterval:180000000000, IptablesPostWriteCheckIntervalSecs:5000000000, IptablesLockFilePath:"/run/xtables.lock", IptablesLockTimeoutSecs:0, IptablesLockProbeIntervalMillis:50000000, FeatureDetectOverride:map[string]string(nil), FeatureGates:map[string]string(nil), IpsetsRefreshInterval:10000000000, MaxIpsetSize:1048576, XDPRefreshInterval:90000000000, PolicySyncPathPrefix:"", NetlinkTimeoutSecs:10000000000, MetadataAddr:"", MetadataPort:8775, OpenstackRegion:"", InterfacePrefix:"cali", InterfaceExclude:[]*regexp.Regexp{(*regexp.Regexp)(0xc0005d0640)}, ChainInsertMode:"insert", DefaultEndpointToHostAction:"ACCEPT", IptablesFilterAllowAction:"ACCEPT", IptablesMangleAllowAction:"ACCEPT", IptablesFilterDenyAction:"DROP", LogPrefix:"calico-packet", LogFilePath:"", LogSeverityFile:"", LogSeverityScreen:"INFO", LogSeveritySys:"", LogDebugFilenameRegex:(*regexp.Regexp)(nil), VXLANEnabled:(*bool)(nil), VXLANPort:4789, VXLANVNI:4096, VXLANMTU:0, VXLANMTUV6:0, IPv4VXLANTunnelAddr:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xc0, 0xa8, 0xa8, 0x0}, IPv6VXLANTunnelAddr:net.IP(nil), VXLANTunnelMACAddr:"", VXLANTunnelMACAddrV6:"", IpInIpEnabled:(*bool)(nil), IpInIpMtu:0, IpInIpTunnelAddr:net.IP(nil), FloatingIPs:"Disabled", WindowsManageFirewallRules:"Disabled", AllowVXLANPacketsFromWorkloads:false, AllowIPIPPacketsFromWorkloads:false, AWSSrcDstCheck:"DoNothing", ServiceLoopPrevention:"Drop", WorkloadSourceSpoofing:"Disabled", ReportingIntervalSecs:0, ReportingTTLSecs:90000000000, EndpointReportingEnabled:false, EndpointReportingDelaySecs:1000000000, IptablesMarkMask:0xffff0000, DisableConntrackInvalidCheck:false, HealthEnabled:true, HealthPort:9099, HealthHost:"localhost", HealthTimeoutOverrides:map[string]time.Duration(nil), PrometheusMetricsEnabled:false, PrometheusMetricsHost:"", PrometheusMetricsPort:9091, PrometheusGoMetricsEnabled:true, PrometheusProcessMetricsEnabled:true, PrometheusWireGuardMetricsEnabled:true, FailsafeInboundHostPorts:[]config.ProtoPort{config.ProtoPort{Net:"", Protocol:"tcp", Port:0x16}, config.ProtoPort{Net:"", Protocol:"udp", Port:0x44}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0xb3}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94c}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1561}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x192b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0a}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0b}}, FailsafeOutboundHostPorts:[]config.ProtoPort{config.ProtoPort{Net:"", Protocol:"udp", Port:0x35}, config.ProtoPort{Net:"", Protocol:"udp", Port:0x43}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0xb3}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94c}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1561}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x192b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0a}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0b}}, KubeNodePortRanges:[]numorstring.Port{numorstring.Port{MinPort:0x7530, MaxPort:0x7fff, PortName:""}}, NATPortRange:numorstring.Port{MinPort:0x0, MaxPort:0x0, PortName:""}, NATOutgoingAddress:net.IP(nil), UsageReportingEnabled:true, UsageReportingInitialDelaySecs:300000000000, UsageReportingIntervalSecs:86400000000000, ClusterGUID:"a67d29bc359f4aa2a450000b755000d7", ClusterType:"typha,kdd,k8s,operator,kubeadm", CalicoVersion:"v3.27.3", ExternalNodesCIDRList:[]string(nil), DebugMemoryProfilePath:"", DebugCPUProfilePath:"/tmp/felix-cpu-<timestamp>.pprof", DebugDisableLogDropping:false, DebugSimulateCalcGraphHangAfter:0, DebugSimulateDataplaneHangAfter:0, DebugPanicAfter:0, DebugSimulateDataRace:false, RouteSource:"CalicoIPAM", RouteTableRange:idalloc.IndexRange{Min:0, Max:0}, RouteTableRanges:[]idalloc.IndexRange(nil), RouteSyncDisabled:false, IptablesNATOutgoingInterfaceFilter:"", SidecarAccelerationEnabled:false, XDPEnabled:true, GenericXDPEnabled:false, Variant:"Calico", MTUIfacePattern:(*regexp.Regexp)(0xc0005d0b40), Encapsulation:config.Encapsulation{IPIPEnabled:false, VXLANEnabled:true, VXLANEnabledV6:false}, internalOverrides:map[string]string{}, sourceToRawConfig:map[config.Source]map[string]string{0x1:map[string]string{"BPFConnectTimeLoadBalancing":"TCP", "BPFHostNetworkedNATWithoutCTLB":"Enabled", "CalicoVersion":"v3.27.3", "ClusterGUID":"a67d29bc359f4aa2a450000b755000d7", "ClusterType":"typha,kdd,k8s,operator,kubeadm", "FloatingIPs":"Disabled", "HealthPort":"9099", "LogSeverityScreen":"Info", "ReportingIntervalSecs":"0", "VXLANVNI":"4096"}, 0x2:map[string]string{"IPv4VXLANTunnelAddr":"192.168.168.0"}, 0x3:map[string]string{"LogFilePath":"None", "LogSeverityFile":"None", "LogSeveritySys":"None", "MetadataAddr":"None"}, 0x4:map[string]string{"datastoretype":"kubernetes", "defaultendpointtohostaction":"ACCEPT", "felixhostname":"main-k8s-master-2", "healthenabled":"true", "healthport":"9099", "ipv6support":"false", "typhacafile":"/etc/pki/tls/certs/tigera-ca-bundle.crt", "typhacertfile":"/node-certs/tls.crt", "typhacn":"typha-server", "typhak8snamespace":"calico-system", "typhak8sservicename":"calico-typha", "typhakeyfile":"/node-certs/tls.key"}}, rawValues:map[string]string{"BPFConnectTimeLoadBalancing":"TCP", "BPFHostNetworkedNATWithoutCTLB":"Enabled", "CalicoVersion":"v3.27.3", "ClusterGUID":"a67d29bc359f4aa2a450000b755000d7", "ClusterType":"typha,kdd,k8s,operator,kubeadm", "DatastoreType":"kubernetes", "DefaultEndpointToHostAction":"ACCEPT", "FelixHostname":"main-k8s-master-2", "FloatingIPs":"Disabled", "HealthEnabled":"true", "HealthPort":"9099", "IPv4VXLANTunnelAddr":"192.168.168.0", "Ipv6Support":"false", "LogFilePath":"None", "LogSeverityFile":"None", "LogSeverityScreen":"Info", "LogSeveritySys":"None", "MetadataAddr":"None", "ReportingIntervalSecs":"0", "TyphaCAFile":"/etc/pki/tls/certs/tigera-ca-bundle.crt", "TyphaCN":"typha-server", "TyphaCertFile":"/node-certs/tls.crt", "TyphaK8sNamespace":"calico-system", "TyphaK8sServiceName":"calico-typha", "TyphaKeyFile":"/node-certs/tls.key", "VXLANVNI":"4096"}, Err:error(nil), loadClientConfigFromEnvironment:(func() (*apiconfig.CalicoAPIConfig, error))(0x15c5580), useNodeResourceUpdates:false} gitcommit="638464f946657417dd4900724112eb844ce5be03" version="v3.27.3"
2024-05-10 21:47:38.579 [INFO][62] felix/driver.go 74: Using internal (linux) dataplane driver.
2024-05-10 21:47:38.580 [INFO][62] felix/driver.go 159: Calculated iptables mark bits acceptMark=0x10000 endpointMark=0xfff00000 endpointMarkNonCali=0x0 passMark=0x20000 scratch0Mark=0x40000 scratch1Mark=0x80000
2024-05-10 21:47:38.589 [INFO][62] felix/int_dataplane.go 363: Creating internal dataplane driver. config=intdataplane.Config{Hostname:"main-k8s-master-2", NodeZone:"compute", IPv6Enabled:false, RuleRendererOverride:rules.RuleRenderer(nil), IPIPMTU:0, VXLANMTU:0, VXLANMTUV6:0, VXLANPort:4789, MaxIPSetSize:1048576, RouteSyncDisabled:false, IptablesBackend:"auto", IPSetsRefreshInterval:10000000000, RouteRefreshInterval:90000000000, DeviceRouteSourceAddress:net.IP(nil), DeviceRouteSourceAddressIPv6:net.IP(nil), DeviceRouteProtocol:3, RemoveExternalRoutes:true, IptablesRefreshInterval:180000000000, IptablesPostWriteCheckInterval:5000000000, IptablesInsertMode:"insert", IptablesLockFilePath:"/run/xtables.lock", IptablesLockTimeout:0, IptablesLockProbeInterval:50000000, XDPRefreshInterval:90000000000, FloatingIPsEnabled:false, Wireguard:wireguard.Config{Enabled:false, EnabledV6:false, ListeningPort:51820, ListeningPortV6:51821, FirewallMark:0, RoutingRulePriority:99, RoutingTableIndex:1, RoutingTableIndexV6:2, InterfaceName:"wireguard.cali", InterfaceNameV6:"wg-v6.cali", MTU:0, MTUV6:0, RouteSource:"CalicoIPAM", EncryptHostTraffic:false, PersistentKeepAlive:0, RouteSyncDisabled:false}, NetlinkTimeout:10000000000, RulesConfig:rules.Config{IPSetConfigV4:(*ipsets.IPVersionConfig)(0xc0002802d0), IPSetConfigV6:(*ipsets.IPVersionConfig)(0xc0002803c0), WorkloadIfacePrefixes:[]string{"cali"}, IptablesMarkAccept:0x10000, IptablesMarkPass:0x20000, IptablesMarkScratch0:0x40000, IptablesMarkScratch1:0x80000, IptablesMarkEndpoint:0xfff00000, IptablesMarkNonCaliEndpoint:0x0, KubeNodePortRanges:[]numorstring.Port{numorstring.Port{MinPort:0x7530, MaxPort:0x7fff, PortName:""}}, KubeIPVSSupportEnabled:false, OpenStackMetadataIP:net.IP(nil), OpenStackMetadataPort:0x2247, OpenStackSpecialCasesEnabled:false, VXLANEnabled:true, VXLANEnabledV6:false, VXLANPort:4789, VXLANVNI:4096, IPIPEnabled:false, FelixConfigIPIPEnabled:(*bool)(nil), IPIPTunnelAddress:net.IP(nil), VXLANTunnelAddress:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xc0, 0xa8, 0xa8, 0x0}, VXLANTunnelAddressV6:net.IP(nil), AllowVXLANPacketsFromWorkloads:false, AllowIPIPPacketsFromWorkloads:false, WireguardEnabled:false, WireguardEnabledV6:false, WireguardInterfaceName:"wireguard.cali", WireguardInterfaceNameV6:"wg-v6.cali", WireguardIptablesMark:0x0, WireguardListeningPort:51820, WireguardListeningPortV6:51821, WireguardEncryptHostTraffic:false, RouteSource:"CalicoIPAM", IptablesLogPrefix:"calico-packet", EndpointToHostAction:"ACCEPT", IptablesFilterAllowAction:"ACCEPT", IptablesMangleAllowAction:"ACCEPT", IptablesFilterDenyAction:"DROP", FailsafeInboundHostPorts:[]config.ProtoPort{config.ProtoPort{Net:"", Protocol:"tcp", Port:0x16}, config.ProtoPort{Net:"", Protocol:"udp", Port:0x44}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0xb3}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94c}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1561}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x192b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0a}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0b}}, FailsafeOutboundHostPorts:[]config.ProtoPort{config.ProtoPort{Net:"", Protocol:"udp", Port:0x35}, config.ProtoPort{Net:"", Protocol:"udp", Port:0x43}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0xb3}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94c}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1561}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x192b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0a}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0b}}, DisableConntrackInvalid:false, NATPortRange:numorstring.Port{MinPort:0x0, MaxPort:0x0, PortName:""}, IptablesNATOutgoingInterfaceFilter:"", NATOutgoingAddress:net.IP(nil), BPFEnabled:false, BPFForceTrackPacketsFromIfaces:[]string{"docker+"}, ServiceLoopPrevention:"Drop"}, IfaceMonitorConfig:ifacemonitor.Config{InterfaceExcludes:[]*regexp.Regexp{(*regexp.Regexp)(0xc0005d0640)}, ResyncInterval:90000000000, NetlinkTimeout:10000000000}, StatusReportingInterval:0, ConfigChangedRestartCallback:(func())(0x2c7e8c0), FatalErrorRestartCallback:(func(error))(0x2c7e7a0), PostInSyncCallback:(func())(0x2c6d280), HealthAggregator:(*health.HealthAggregator)(0xc0005d7e00), WatchdogTimeout:90000000000, RouteTableManager:(*idalloc.IndexAllocator)(0xc000075820), DebugSimulateDataplaneHangAfter:0, ExternalNodesCidrs:[]string(nil), BPFEnabled:false, BPFPolicyDebugEnabled:true, BPFDisableUnprivileged:true, BPFKubeProxyIptablesCleanupEnabled:true, BPFLogLevel:"off", BPFLogFilters:map[string]string(nil), BPFCTLBLogFilter:"", BPFExtToServiceConnmark:0, BPFDataIfacePattern:(*regexp.Regexp)(0xc0005d03c0), BPFL3IfacePattern:(*regexp.Regexp)(nil), XDPEnabled:true, XDPAllowGeneric:false, BPFConntrackTimeouts:conntrack.Timeouts{CreationGracePeriod:10000000000, TCPPreEstablished:20000000000, TCPEstablished:3600000000000, TCPFinsSeen:30000000000, TCPResetSeen:40000000000, UDPLastSeen:60000000000, GenericIPLastSeen:600000000000, ICMPLastSeen:5000000000}, BPFCgroupV2:"", BPFConnTimeLBEnabled:false, BPFConnTimeLB:"TCP", BPFHostNetworkedNAT:"Enabled", BPFMapRepin:false, BPFNodePortDSREnabled:false, BPFDSROptoutCIDRs:[]string(nil), BPFPSNATPorts:numorstring.Port{MinPort:0x4e20, MaxPort:0x752f, PortName:""}, BPFMapSizeRoute:262144, BPFMapSizeConntrack:512000, BPFMapSizeNATFrontend:65536, BPFMapSizeNATBackend:262144, BPFMapSizeNATAffinity:65536, BPFMapSizeIPSets:1048576, BPFMapSizeIfState:1000, BPFIpv6Enabled:false, BPFHostConntrackBypass:true, BPFEnforceRPF:"Loose", BPFDisableGROForIfaces:(*regexp.Regexp)(nil), BPFExcludeCIDRsFromNAT:[]string(nil), KubeProxyMinSyncPeriod:1000000000, SidecarAccelerationEnabled:false, LookPathOverride:(func(string) (string, error))(nil), KubeClientSet:(*kubernetes.Clientset)(0xc0005e0ea0), FeatureDetectOverrides:map[string]string(nil), FeatureGates:map[string]string(nil), hostMTU:0, MTUIfacePattern:(*regexp.Regexp)(0xc0005d0b40), RouteSource:"CalicoIPAM", KubernetesProvider:0x0}
2024-05-10 21:47:38.589 [INFO][62] felix/rule_defs.go 381: Creating rule renderer. config=rules.Config{IPSetConfigV4:(*ipsets.IPVersionConfig)(0xc0002802d0), IPSetConfigV6:(*ipsets.IPVersionConfig)(0xc0002803c0), WorkloadIfacePrefixes:[]string{"cali"}, IptablesMarkAccept:0x10000, IptablesMarkPass:0x20000, IptablesMarkScratch0:0x40000, IptablesMarkScratch1:0x80000, IptablesMarkEndpoint:0xfff00000, IptablesMarkNonCaliEndpoint:0x0, KubeNodePortRanges:[]numorstring.Port{numorstring.Port{MinPort:0x7530, MaxPort:0x7fff, PortName:""}}, KubeIPVSSupportEnabled:false, OpenStackMetadataIP:net.IP(nil), OpenStackMetadataPort:0x2247, OpenStackSpecialCasesEnabled:false, VXLANEnabled:true, VXLANEnabledV6:false, VXLANPort:4789, VXLANVNI:4096, IPIPEnabled:false, FelixConfigIPIPEnabled:(*bool)(nil), IPIPTunnelAddress:net.IP(nil), VXLANTunnelAddress:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xc0, 0xa8, 0xa8, 0x0}, VXLANTunnelAddressV6:net.IP(nil), AllowVXLANPacketsFromWorkloads:false, AllowIPIPPacketsFromWorkloads:false, WireguardEnabled:false, WireguardEnabledV6:false, WireguardInterfaceName:"wireguard.cali", WireguardInterfaceNameV6:"wg-v6.cali", WireguardIptablesMark:0x0, WireguardListeningPort:51820, WireguardListeningPortV6:51821, WireguardEncryptHostTraffic:false, RouteSource:"CalicoIPAM", IptablesLogPrefix:"calico-packet", EndpointToHostAction:"ACCEPT", IptablesFilterAllowAction:"ACCEPT", IptablesMangleAllowAction:"ACCEPT", IptablesFilterDenyAction:"DROP", FailsafeInboundHostPorts:[]config.ProtoPort{config.ProtoPort{Net:"", Protocol:"tcp", Port:0x16}, config.ProtoPort{Net:"", Protocol:"udp", Port:0x44}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0xb3}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94c}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1561}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x192b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0a}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0b}}, FailsafeOutboundHostPorts:[]config.ProtoPort{config.ProtoPort{Net:"", Protocol:"udp", Port:0x35}, config.ProtoPort{Net:"", Protocol:"udp", Port:0x43}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0xb3}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x94c}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1561}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x192b}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0a}, config.ProtoPort{Net:"", Protocol:"tcp", Port:0x1a0b}}, DisableConntrackInvalid:false, NATPortRange:numorstring.Port{MinPort:0x0, MaxPort:0x0, PortName:""}, IptablesNATOutgoingInterfaceFilter:"", NATOutgoingAddress:net.IP(nil), BPFEnabled:false, BPFForceTrackPacketsFromIfaces:[]string{"docker+"}, ServiceLoopPrevention:"Drop"}
2024-05-10 21:47:38.589 [INFO][62] felix/rule_defs.go 391: packets that are not passed by any policy or profile will be dropped.
2024-05-10 21:47:38.590 [INFO][62] felix/rule_defs.go 406: Workload to host packets will be accepted.
2024-05-10 21:47:38.590 [INFO][62] felix/rule_defs.go 420: filter table allowed packets will be accepted immediately.
2024-05-10 21:47:38.590 [INFO][62] felix/rule_defs.go 428: mangle table allowed packets will be accepted immediately.
2024-05-10 21:47:38.590 [INFO][62] felix/rule_defs.go 436: Packets to unknown service IPs will be dropped
2024-05-10 21:47:38.590 [INFO][62] felix/int_dataplane.go 1157: Determined pod MTU mtu=1450
2024-05-10 21:47:38.590 [INFO][62] felix/iface_monitor.go 92: configured to periodically rescan interfaces. interval=1m30s
2024-05-10 21:47:38.591 [INFO][62] felix/feature_detect_linux.go 410: Looked up iptables command backendMode="nft" candidates=[]string{"ip6tables-nft-save", "ip6tables-save"} command="ip6tables-nft-save" ipVersion=0x6 saveOrRestore="save"
2024-05-10 21:47:38.591 [INFO][62] felix/feature_detect_linux.go 410: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-save", "iptables-save"} command="iptables-nft-save" ipVersion=0x4 saveOrRestore="save"
2024-05-10 21:47:38.611 [INFO][62] felix/feature_detect_linux.go 170: Updating detected iptables features features=environment.Features{SNATFullyRandom:true, MASQFullyRandom:true, RestoreSupportsLock:true, ChecksumOffloadBroken:true, IPIPDeviceIsL3:true, KernelSideRouteFiltering:true} iptablesVersion=1.8.8 kernelVersion=5.15.0-106
2024-05-10 21:47:38.612 [INFO][62] felix/table.go 344: Calculated old-insert detection regex. pattern="(?:-j|--jump) cali-|(?:-j|--jump) califw-|(?:-j|--jump) calitw-|(?:-j|--jump) califh-|(?:-j|--jump) calith-|(?:-j|--jump) calipi-|(?:-j|--jump) calipo-|(?:-j|--jump) felix-"
2024-05-10 21:47:38.612 [INFO][62] felix/table.go 462: Enabling iptables-in-nftables-mode workarounds.
2024-05-10 21:47:38.612 [INFO][62] felix/feature_detect_linux.go 410: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-restore", "iptables-restore"} command="iptables-nft-restore" ipVersion=0x4 saveOrRestore="restore"
2024-05-10 21:47:38.612 [INFO][62] felix/feature_detect_linux.go 410: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-save", "iptables-save"} command="iptables-nft-save" ipVersion=0x4 saveOrRestore="save"
2024-05-10 21:47:38.612 [INFO][62] felix/table.go 344: Calculated old-insert detection regex. pattern="(?:-j|--jump) cali-|(?:-j|--jump) califw-|(?:-j|--jump) calitw-|(?:-j|--jump) califh-|(?:-j|--jump) calith-|(?:-j|--jump) calipi-|(?:-j|--jump) calipo-|(?:-j|--jump) felix-|-A POSTROUTING .* felix-masq-ipam-pools .*|-A POSTROUTING -o tunl0 -m addrtype ! --src-type LOCAL --limit-iface-out -m addrtype --src-type LOCAL -j MASQUERADE"
2024-05-10 21:47:38.612 [INFO][62] felix/table.go 462: Enabling iptables-in-nftables-mode workarounds.
2024-05-10 21:47:38.612 [INFO][62] felix/feature_detect_linux.go 410: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-restore", "iptables-restore"} command="iptables-nft-restore" ipVersion=0x4 saveOrRestore="restore"
2024-05-10 21:47:38.612 [INFO][62] felix/feature_detect_linux.go 410: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-save", "iptables-save"} command="iptables-nft-save" ipVersion=0x4 saveOrRestore="save"
2024-05-10 21:47:38.613 [INFO][62] felix/table.go 344: Calculated old-insert detection regex. pattern="(?:-j|--jump) cali-|(?:-j|--jump) califw-|(?:-j|--jump) calitw-|(?:-j|--jump) califh-|(?:-j|--jump) calith-|(?:-j|--jump) calipi-|(?:-j|--jump) calipo-|(?:-j|--jump) felix-"
2024-05-10 21:47:38.613 [INFO][62] felix/table.go 462: Enabling iptables-in-nftables-mode workarounds.
2024-05-10 21:47:38.613 [INFO][62] felix/feature_detect_linux.go 410: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-restore", "iptables-restore"} command="iptables-nft-restore" ipVersion=0x4 saveOrRestore="restore"
2024-05-10 21:47:38.613 [INFO][62] felix/feature_detect_linux.go 410: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-save", "iptables-save"} command="iptables-nft-save" ipVersion=0x4 saveOrRestore="save"
2024-05-10 21:47:38.613 [INFO][62] felix/table.go 344: Calculated old-insert detection regex. pattern="(?:-j|--jump) cali-|(?:-j|--jump) califw-|(?:-j|--jump) calitw-|(?:-j|--jump) califh-|(?:-j|--jump) calith-|(?:-j|--jump) calipi-|(?:-j|--jump) calipo-|(?:-j|--jump) felix-"
2024-05-10 21:47:38.613 [INFO][62] felix/table.go 462: Enabling iptables-in-nftables-mode workarounds.
2024-05-10 21:47:38.613 [INFO][62] felix/feature_detect_linux.go 410: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-restore", "iptables-restore"} command="iptables-nft-restore" ipVersion=0x4 saveOrRestore="restore"
2024-05-10 21:47:38.613 [INFO][62] felix/feature_detect_linux.go 410: Looked up iptables command backendMode="nft" candidates=[]string{"iptables-nft-save", "iptables-save"} command="iptables-nft-save" ipVersion=0x4 saveOrRestore="save"
2024-05-10 21:47:38.613 [INFO][62] felix/route_table.go 324: Calculated interface name regexp ifaceRegex="^vxlan.calico$" ipVersion=0x4 tableIndex=254
2024-05-10 21:47:38.614 [INFO][62] felix/route_table.go 317: No interface matches required for routetable ipVersion=0x4 tableIndex=254
2024-05-10 21:47:38.614 [INFO][62] felix/vxlan_mgr.go 535: VXLAN tunnel device thread started. ipVersion=0x4 mtu=1450 wait=10s xsumBroken=true
2024-05-10 21:47:38.617 [INFO][62] felix/int_dataplane.go 541: XDP acceleration enabled.
2024-05-10 21:47:38.623 [INFO][62] felix/table.go 344: Calculated old-insert detection regex. pattern="(?:-j|--jump) cali-|(?:-j|--jump) califw-|(?:-j|--jump) calitw-|(?:-j|--jump) califh-|(?:-j|--jump) calith-|(?:-j|--jump) calipi-|(?:-j|--jump) calipo-|(?:-j|--jump) felix-"
2024-05-10 21:47:38.623 [INFO][62] felix/table.go 462: Enabling iptables-in-nftables-mode workarounds.
2024-05-10 21:47:38.623 [INFO][62] felix/feature_detect_linux.go 410: Looked up iptables command backendMode="nft" candidates=[]string{"ip6tables-nft-restore", "ip6tables-restore"} command="ip6tables-nft-restore" ipVersion=0x6 saveOrRestore="restore"
2024-05-10 21:47:38.623 [INFO][62] felix/feature_detect_linux.go 410: Looked up iptables command backendMode="nft" candidates=[]string{"ip6tables-nft-save", "ip6tables-save"} command="ip6tables-nft-save" ipVersion=0x6 saveOrRestore="save"
2024-05-10 21:47:38.625 [INFO][62] felix/connecttime.go 57: Running bpftool to look up programs attached to cgroup args=[]string{"bpftool", "-j", "-p", "cgroup", "show", "/run/calico/cgroup"}
2024-05-10 21:47:38.637 [INFO][62] felix/route_table.go 324: Calculated interface name regexp ifaceRegex="^cali.*" ipVersion=0x4 tableIndex=254
2024-05-10 21:47:38.637 [INFO][62] felix/ipsets.go 159: Queueing IP set for creation family="inet" setID="all-ipam-pools" setType="hash:net"
2024-05-10 21:47:38.638 [INFO][62] felix/ipsets.go 159: Queueing IP set for creation family="inet" setID="masq-ipam-pools" setType="hash:net"
2024-05-10 21:47:38.638 [INFO][62] felix/route_table.go 324: Calculated interface name regexp ifaceRegex="^wireguard.cali$" ipVersion=0x4 tableIndex=1
2024-05-10 21:47:38.638 [INFO][62] felix/int_dataplane.go 1051: Registering to report health.
2024-05-10 21:47:38.642 [INFO][62] felix/int_dataplane.go 2060: attempted to modprobe nf_conntrack_proto_sctp error=exit status 1 output=""
2024-05-10 21:47:38.643 [INFO][62] felix/int_dataplane.go 2062: Making sure IPv4 forwarding is enabled.
2024-05-10 21:47:38.644 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-failsafe-in" ipVersion=0x4 table="raw"
2024-05-10 21:47:38.644 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-failsafe-out" ipVersion=0x4 table="raw"
2024-05-10 21:47:38.644 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-PREROUTING" ipVersion=0x4 table="raw"
2024-05-10 21:47:38.644 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-rpf-skip" ipVersion=0x4 table="raw"
2024-05-10 21:47:38.644 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-from-host-endpoint" ipVersion=0x4 table="raw"
2024-05-10 21:47:38.644 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-wireguard-incoming-mark" ipVersion=0x4 table="raw"
2024-05-10 21:47:38.645 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-OUTPUT" ipVersion=0x4 table="raw"
2024-05-10 21:47:38.645 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-to-host-endpoint" ipVersion=0x4 table="raw"
2024-05-10 21:47:38.645 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-PREROUTING" ipVersion=0x4 table="raw"
2024-05-10 21:47:38.645 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-OUTPUT" ipVersion=0x4 table="raw"
2024-05-10 21:47:38.646 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-FORWARD" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.646 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-from-hep-forward" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.646 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-from-wl-dispatch" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.646 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-to-wl-dispatch" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.646 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-to-hep-forward" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.647 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-cidr-block" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.647 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-INPUT" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.647 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-wl-to-host" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.647 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-from-host-endpoint" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.647 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-wl-to-host" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.648 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-failsafe-in" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.648 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-OUTPUT" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.648 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-to-host-endpoint" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.648 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-failsafe-out" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.648 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-FORWARD" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.648 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-INPUT" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.649 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-OUTPUT" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.649 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-PREROUTING" ipVersion=0x4 table="nat"
2024-05-10 21:47:38.649 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-fip-dnat" ipVersion=0x4 table="nat"
2024-05-10 21:47:38.649 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-POSTROUTING" ipVersion=0x4 table="nat"
2024-05-10 21:47:38.649 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-fip-snat" ipVersion=0x4 table="nat"
2024-05-10 21:47:38.649 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-nat-outgoing" ipVersion=0x4 table="nat"
2024-05-10 21:47:38.650 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-OUTPUT" ipVersion=0x4 table="nat"
2024-05-10 21:47:38.650 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-PREROUTING" ipVersion=0x4 table="nat"
2024-05-10 21:47:38.651 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-POSTROUTING" ipVersion=0x4 table="nat"
2024-05-10 21:47:38.651 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-OUTPUT" ipVersion=0x4 table="nat"
2024-05-10 21:47:38.651 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-failsafe-in" ipVersion=0x4 table="mangle"
2024-05-10 21:47:38.651 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-failsafe-out" ipVersion=0x4 table="mangle"
2024-05-10 21:47:38.651 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-PREROUTING" ipVersion=0x4 table="mangle"
2024-05-10 21:47:38.651 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-from-host-endpoint" ipVersion=0x4 table="mangle"
2024-05-10 21:47:38.651 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-POSTROUTING" ipVersion=0x4 table="mangle"
2024-05-10 21:47:38.652 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-to-host-endpoint" ipVersion=0x4 table="mangle"
2024-05-10 21:47:38.652 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-PREROUTING" ipVersion=0x4 table="mangle"
2024-05-10 21:47:38.652 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-POSTROUTING" ipVersion=0x4 table="mangle"
2024-05-10 21:47:38.741 [INFO][62] felix/int_dataplane.go 1800: Set XDP failsafe ports: [{Net: Protocol:tcp Port:22} {Net: Protocol:udp Port:68} {Net: Protocol:tcp Port:179} {Net: Protocol:tcp Port:2379} {Net: Protocol:tcp Port:2380} {Net: Protocol:tcp Port:5473} {Net: Protocol:tcp Port:6443} {Net: Protocol:tcp Port:6666} {Net: Protocol:tcp Port:6667}]
2024-05-10 21:47:38.741 [INFO][62] felix/int_dataplane.go 1495: IPIP disabled. Not starting tunnel update thread.
2024-05-10 21:47:38.741 [INFO][62] felix/int_dataplane.go 1829: Started internal iptables dataplane driver loop
2024-05-10 21:47:38.741 [INFO][62] felix/daemon.go 440: Connect to the dataplane driver.
2024-05-10 21:47:38.741 [INFO][62] felix/int_dataplane.go 1934: Will refresh IP sets on timer interval=10s
2024-05-10 21:47:38.741 [INFO][62] felix/int_dataplane.go 2323: Started internal status report thread
2024-05-10 21:47:38.741 [INFO][62] felix/int_dataplane.go 1934: Will refresh routes on timer interval=1m30s
2024-05-10 21:47:38.741 [INFO][62] felix/int_dataplane.go 2325: Process status reports disabled
2024-05-10 21:47:38.741 [INFO][62] felix/int_dataplane.go 1934: Will refresh XDP state on timer interval=1m30s
2024-05-10 21:47:38.742 [INFO][62] felix/iface_monitor.go 117: Interface monitoring thread started.
2024-05-10 21:47:38.741 [INFO][62] felix/daemon.go 497: Connecting to Typha.
2024-05-10 21:47:38.742 [INFO][62] felix/iface_monitor.go 137: Subscribed to netlink updates.
2024-05-10 21:47:38.742 [INFO][62] felix/sync_client.go 91:  requiringTLS=true
2024-05-10 21:47:38.742 [INFO][62] felix/daemon.go 522: Created Syncer syncer=<nil>
2024-05-10 21:47:38.742 [INFO][62] felix/int_dataplane.go 1387: Linux interface state changed. ifIndex=1 ifaceName="lo" state="up"
2024-05-10 21:47:38.742 [INFO][62] felix/daemon.go 534: Starting the Typha connection...
2024-05-10 21:47:38.743 [INFO][62] felix/int_dataplane.go 2011: Received interface update msg=&intdataplane.ifaceStateUpdate{Name:"lo", State:"up", Index:1}
2024-05-10 21:47:38.743 [INFO][62] felix/sync_client.go 189: Starting Typha client... myID=0x1 type=""
2024-05-10 21:47:38.743 [INFO][62] felix/sync_client.go 205: Connecting to typha endpoint 10.140.20.91:5473. myID=0x1 type=""
2024-05-10 21:47:38.743 [INFO][62] felix/int_dataplane.go 1431: Linux interface addrs changed. addrs=set.Set{127.0.0.1,::1,127.0.0.0} ifaceName="lo"
2024-05-10 21:47:38.743 [INFO][62] felix/sync_client.go 276: Starting Typha client
2024-05-10 21:47:38.743 [INFO][62] felix/sync_client.go 91:  requiringTLS=true
2024-05-10 21:47:38.743 [INFO][62] felix/int_dataplane.go 2031: Received interface addresses update msg=&intdataplane.ifaceAddrsUpdate{Name:"lo", Addrs:set.Typed[string]{"127.0.0.0":set.v{}, "127.0.0.1":set.v{}, "::1":set.v{}}}
2024-05-10 21:47:38.743 [INFO][62] felix/int_dataplane.go 1387: Linux interface state changed. ifIndex=2 ifaceName="ens3" state="up"
2024-05-10 21:47:38.743 [INFO][62] felix/hostip_mgr.go 84: Interface addrs changed. update=&intdataplane.ifaceAddrsUpdate{Name:"lo", Addrs:set.Typed[string]{"127.0.0.0":set.v{}, "127.0.0.1":set.v{}, "::1":set.v{}}}
2024-05-10 21:47:38.743 [INFO][62] felix/ipsets.go 159: Queueing IP set for creation family="inet" setID="this-host" setType="hash:ip"
2024-05-10 21:47:38.743 [INFO][62] felix/int_dataplane.go 1431: Linux interface addrs changed. addrs=set.Set{fe80::f816:3eff:fed0:7178,10.140.20.162} ifaceName="ens3"
2024-05-10 21:47:38.743 [INFO][62] felix/int_dataplane.go 2011: Received interface update msg=&intdataplane.ifaceStateUpdate{Name:"ens3", State:"up", Index:2}
2024-05-10 21:47:38.743 [INFO][62] felix/int_dataplane.go 1387: Linux interface state changed. ifIndex=6 ifaceName="vxlan.calico" state="up"
2024-05-10 21:47:38.743 [INFO][62] felix/int_dataplane.go 2031: Received interface addresses update msg=&intdataplane.ifaceAddrsUpdate{Name:"ens3", Addrs:set.Typed[string]{"10.140.20.162":set.v{}, "fe80::f816:3eff:fed0:7178":set.v{}}}
2024-05-10 21:47:38.743 [INFO][62] felix/hostip_mgr.go 84: Interface addrs changed. update=&intdataplane.ifaceAddrsUpdate{Name:"ens3", Addrs:set.Typed[string]{"10.140.20.162":set.v{}, "fe80::f816:3eff:fed0:7178":set.v{}}}
2024-05-10 21:47:38.743 [INFO][62] felix/ipsets.go 159: Queueing IP set for creation family="inet" setID="this-host" setType="hash:ip"
2024-05-10 21:47:38.743 [INFO][62] felix/int_dataplane.go 1431: Linux interface addrs changed. addrs=set.Set{fe80::642d:6aff:fe01:7c51,192.168.168.0} ifaceName="vxlan.calico"
2024-05-10 21:47:38.744 [INFO][62] felix/int_dataplane.go 2011: Received interface update msg=&intdataplane.ifaceStateUpdate{Name:"vxlan.calico", State:"up", Index:6}
2024-05-10 21:47:38.744 [INFO][62] felix/int_dataplane.go 2031: Received interface addresses update msg=&intdataplane.ifaceAddrsUpdate{Name:"vxlan.calico", Addrs:set.Typed[string]{"192.168.168.0":set.v{}, "fe80::642d:6aff:fe01:7c51":set.v{}}}
2024-05-10 21:47:38.744 [INFO][62] felix/hostip_mgr.go 84: Interface addrs changed. update=&intdataplane.ifaceAddrsUpdate{Name:"vxlan.calico", Addrs:set.Typed[string]{"192.168.168.0":set.v{}, "fe80::642d:6aff:fe01:7c51":set.v{}}}
2024-05-10 21:47:38.744 [INFO][62] felix/tlsutils.go 39: Make certificate verifier requiredCN="typha-server" requiredURISAN="" roots=&x509.CertPool{byName:map[string][]int{"0!1\x1f0\x1d\x06\x03U\x04\x03\x13\x16tigera-operator-signer":[]int{0}}, lazyCerts:[]x509.lazyCert{x509.lazyCert{rawSubject:[]uint8{0x30, 0x21, 0x31, 0x1f, 0x30, 0x1d, 0x6, 0x3, 0x55, 0x4, 0x3, 0x13, 0x16, 0x74, 0x69, 0x67, 0x65, 0x72, 0x61, 0x2d, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x2d, 0x73, 0x69, 0x67, 0x6e, 0x65, 0x72}, getCert:(func() (*x509.Certificate, error))(0x722880)}}, haveSum:map[x509.sum224]bool{x509.sum224{0xa9, 0xe9, 0x87, 0x20, 0xc2, 0xa9, 0x57, 0x27, 0x8, 0x41, 0xcb, 0x6a, 0x92, 0x59, 0x19, 0xc, 0x6f, 0xd5, 0x31, 0x4c, 0x24, 0xf1, 0xaa, 0xc7, 0x60, 0x9a, 0x3e, 0xf4}:true}, systemPool:false}
2024-05-10 21:47:38.744 [INFO][62] felix/ipsets.go 159: Queueing IP set for creation family="inet" setID="this-host" setType="hash:ip"
2024-05-10 21:47:38.744 [INFO][62] felix/int_dataplane.go 2005: Interface monitor now in sync.
2024-05-10 21:47:38.744 [INFO][62] felix/sync_client.go 329: Connecting to Typha. address=discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000127a80)} myID=0x1 type=""
2024-05-10 21:47:38.751 [INFO][62] felix/tlsutils.go 46: Verify certificate chain signing address=discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000127a80)} myID=0x1 type=""
2024-05-10 21:47:38.755 [INFO][62] felix/sync_client.go 363: Connected to Typha. address=discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000127a80)} myID=0x1 type=""
2024-05-10 21:47:38.755 [INFO][62] felix/sync_client.go 211: Successfully connected to Typha at 10.140.20.91:5473. myID=0x1 type=""
2024-05-10 21:47:38.755 [INFO][62] felix/daemon.go 553: Connected to Typha on attempt 1
2024-05-10 21:47:38.755 [INFO][62] felix/sync_client.go 411: Started Typha client main loop connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000127a80)} myID=0x1 type=""
2024-05-10 21:47:38.758 [INFO][62] felix/sync_client.go 454: ServerHello message received connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000127a80)} myID=0x1 serverConnID=0xa serverMsg=syncproto.MsgServerHello{Version:"v3.27.3", SyncerType:"felix", SupportsNodeResourceUpdates:true, ServerConnID:0xa} type=""
2024-05-10 21:47:38.758 [INFO][62] felix/sync_client.go 540: Server asked us to restart our decoder connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000127a80)} msg=syncproto.MsgDecoderRestart{Message:"enable compression: snappy;send binary snapshot", CompressionAlgorithm:"snappy"} myID=0x1 serverConnID=0xa type=""
2024-05-10 21:47:38.758 [INFO][62] felix/sync_client.go 544: Server selected snappy compression. connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000127a80)} myID=0x1 serverConnID=0xa type=""
2024-05-10 21:47:38.758 [INFO][62] felix/calc_graph.go 149: Creating calculation graph, filtered to hostname main-k8s-master-2
2024-05-10 21:47:38.760 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.WorkloadEndpointKey: (dispatcher.UpdateHandler)(0x1ac5ba0)
2024-05-10 21:47:38.760 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.HostEndpointKey: (dispatcher.UpdateHandler)(0x1ac5ba0)
2024-05-10 21:47:38.760 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.WorkloadEndpointKey: (dispatcher.UpdateHandler)(0x1ac5a80)
2024-05-10 21:47:38.760 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.HostEndpointKey: (dispatcher.UpdateHandler)(0x1ac5a80)
2024-05-10 21:47:38.760 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.WorkloadEndpointKey: (dispatcher.UpdateHandler)(0x1ac7060)
2024-05-10 21:47:38.760 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.HostEndpointKey: (dispatcher.UpdateHandler)(0x1ac7060)
2024-05-10 21:47:38.761 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.PolicyKey: (dispatcher.UpdateHandler)(0x1ac7060)
2024-05-10 21:47:38.761 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.ProfileRulesKey: (dispatcher.UpdateHandler)(0x1ac7060)
2024-05-10 21:47:38.761 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.ResourceKey: (dispatcher.UpdateHandler)(0x1ac7060)
2024-05-10 21:47:38.761 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.ResourceKey: (dispatcher.UpdateHandler)(0x1a6d3e0)
2024-05-10 21:47:38.761 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.ResourceKey: (dispatcher.UpdateHandler)(0x19feb20)
2024-05-10 21:47:38.762 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.WorkloadEndpointKey: (dispatcher.UpdateHandler)(0x19feb20)
2024-05-10 21:47:38.762 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.HostEndpointKey: (dispatcher.UpdateHandler)(0x19feb20)
2024-05-10 21:47:38.762 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.NetworkSetKey: (dispatcher.UpdateHandler)(0x19feb20)
2024-05-10 21:47:38.762 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.PolicyKey: (dispatcher.UpdateHandler)(0x1ac5f80)
2024-05-10 21:47:38.762 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.WorkloadEndpointKey: (dispatcher.UpdateHandler)(0x1ac5f80)
2024-05-10 21:47:38.762 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.HostEndpointKey: (dispatcher.UpdateHandler)(0x1ac5f80)
2024-05-10 21:47:38.762 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.HostIPKey: (dispatcher.UpdateHandler)(0x1ac6e00)
2024-05-10 21:47:38.762 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.IPPoolKey: (dispatcher.UpdateHandler)(0x1ac6e00)
2024-05-10 21:47:38.762 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.WireguardKey: (dispatcher.UpdateHandler)(0x1ac6e00)
2024-05-10 21:47:38.762 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.ResourceKey: (dispatcher.UpdateHandler)(0x1ac6e00)
2024-05-10 21:47:38.762 [INFO][62] felix/l3_route_resolver.go 175: Creating L3 route resolver
2024-05-10 21:47:38.762 [INFO][62] felix/l3_route_resolver.go 196: Registering L3 route resolver (node resources on)
2024-05-10 21:47:38.762 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.ResourceKey: (dispatcher.UpdateHandler)(0x1ac6860)
2024-05-10 21:47:38.762 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.IPPoolKey: (dispatcher.UpdateHandler)(0x1ac6aa0)
2024-05-10 21:47:38.762 [INFO][62] felix/l3_route_resolver.go 207: Registering for L3 route updates routeSource="CalicoIPAM"
2024-05-10 21:47:38.762 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.BlockKey: (dispatcher.UpdateHandler)(0x1ac6ce0)
2024-05-10 21:47:38.762 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.WorkloadEndpointKey: (dispatcher.UpdateHandler)(0x1ac6bc0)
2024-05-10 21:47:38.763 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.ResourceKey: (dispatcher.UpdateHandler)(0x1ac6500)
2024-05-10 21:47:38.763 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.HostConfigKey: (dispatcher.UpdateHandler)(0x1ac6740)
2024-05-10 21:47:38.763 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.GlobalConfigKey: (dispatcher.UpdateHandler)(0x1ac6380)
2024-05-10 21:47:38.763 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.HostConfigKey: (dispatcher.UpdateHandler)(0x1ac6380)
2024-05-10 21:47:38.763 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.ReadyFlagKey: (dispatcher.UpdateHandler)(0x1ac6380)
2024-05-10 21:47:38.763 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.ResourceKey: (dispatcher.UpdateHandler)(0x1ac6260)
2024-05-10 21:47:38.763 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.IPPoolKey: (dispatcher.UpdateHandler)(0x1ac60e0)
2024-05-10 21:47:38.763 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.HostIPKey: (dispatcher.UpdateHandler)(0x1ac5820)
2024-05-10 21:47:38.763 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.WorkloadEndpointKey: (dispatcher.UpdateHandler)(0x1ac5820)
2024-05-10 21:47:38.763 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.HostEndpointKey: (dispatcher.UpdateHandler)(0x1ac5820)
2024-05-10 21:47:38.763 [INFO][62] felix/dispatcher.go 68: Registering listener for type model.HostConfigKey: (dispatcher.UpdateHandler)(0x1ac5820)
2024-05-10 21:47:38.764 [INFO][62] felix/async_calc_graph.go 256: Starting AsyncCalcGraph
2024-05-10 21:47:38.764 [INFO][62] felix/async_calc_graph.go 137: AsyncCalcGraph running
2024-05-10 21:47:38.764 [INFO][62] felix/daemon.go 639: Started the processing graph
2024-05-10 21:47:38.765 [INFO][62] felix/daemon.go 999: Reading from dataplane driver pipe...
2024-05-10 21:47:38.765 [INFO][62] felix/daemon.go 707: No driver process to monitor
2024-05-10 21:47:38.765 [INFO][62] felix/daemon.go 1256: Configuration update from calculation graph. configBySource=map[string]map[string]string{"config file":map[string]string{"LogFilePath":"None", "LogSeverityFile":"None", "LogSeveritySys":"None", "MetadataAddr":"None"}, "datastore (global)":map[string]string{"BPFConnectTimeLoadBalancing":"TCP", "BPFHostNetworkedNATWithoutCTLB":"Enabled", "CalicoVersion":"v3.27.3", "ClusterGUID":"a67d29bc359f4aa2a450000b755000d7", "ClusterType":"typha,kdd,k8s,operator,kubeadm", "FloatingIPs":"Disabled", "HealthPort":"9099", "LogSeverityScreen":"Info", "ReportingIntervalSecs":"0", "VXLANVNI":"4096"}, "datastore (per-host)":map[string]string{"IPv4VXLANTunnelAddr":"192.168.168.0"}, "environment variable":map[string]string{"datastoretype":"kubernetes", "defaultendpointtohostaction":"ACCEPT", "felixhostname":"main-k8s-master-2", "healthenabled":"true", "healthport":"9099", "ipv6support":"false", "typhacafile":"/etc/pki/tls/certs/tigera-ca-bundle.crt", "typhacertfile":"/node-certs/tls.crt", "typhacn":"typha-server", "typhak8snamespace":"calico-system", "typhak8sservicename":"calico-typha", "typhakeyfile":"/node-certs/tls.key"}} configUpdate=config:<key:"BPFConnectTimeLoadBalancing" value:"TCP" > config:<key:"BPFHostNetworkedNATWithoutCTLB" value:"Enabled" > config:<key:"CalicoVersion" value:"v3.27.3" > config:<key:"ClusterGUID" value:"a67d29bc359f4aa2a450000b755000d7" > config:<key:"ClusterType" value:"typha,kdd,k8s,operator,kubeadm" > config:<key:"DatastoreType" value:"kubernetes" > config:<key:"DefaultEndpointToHostAction" value:"ACCEPT" > config:<key:"FelixHostname" value:"main-k8s-master-2" > config:<key:"FloatingIPs" value:"Disabled" > config:<key:"HealthEnabled" value:"true" > config:<key:"HealthPort" value:"9099" > config:<key:"IPv4VXLANTunnelAddr" value:"192.168.168.0" > config:<key:"Ipv6Support" value:"false" > config:<key:"LogFilePath" value:"None" > config:<key:"LogSeverityFile" value:"None" > config:<key:"LogSeverityScreen" value:"Info" > config:<key:"LogSeveritySys" value:"None" > config:<key:"MetadataAddr" value:"None" > config:<key:"ReportingIntervalSecs" value:"0" > config:<key:"TyphaCAFile" value:"/etc/pki/tls/certs/tigera-ca-bundle.crt" > config:<key:"TyphaCN" value:"typha-server" > config:<key:"TyphaCertFile" value:"/node-certs/tls.crt" > config:<key:"TyphaK8sNamespace" value:"calico-system" > config:<key:"TyphaK8sServiceName" value:"calico-typha" > config:<key:"TyphaKeyFile" value:"/node-certs/tls.key" > config:<key:"VXLANVNI" value:"4096" > source_to_raw_config:<key:1 value:<source:"datastore (global)" config:<key:"BPFConnectTimeLoadBalancing" value:"TCP" > config:<key:"BPFHostNetworkedNATWithoutCTLB" value:"Enabled" > config:<key:"CalicoVersion" value:"v3.27.3" > config:<key:"ClusterGUID" value:"a67d29bc359f4aa2a450000b755000d7" > config:<key:"ClusterType" value:"typha,kdd,k8s,operator,kubeadm" > config:<key:"FloatingIPs" value:"Disabled" > config:<key:"HealthPort" value:"9099" > config:<key:"LogSeverityScreen" value:"Info" > config:<key:"ReportingIntervalSecs" value:"0" > config:<key:"VXLANVNI" value:"4096" > > > source_to_raw_config:<key:2 value:<source:"datastore (per-host)" config:<key:"IPv4VXLANTunnelAddr" value:"192.168.168.0" > > > source_to_raw_config:<key:3 value:<source:"config file" config:<key:"LogFilePath" value:"None" > config:<key:"LogSeverityFile" value:"None" > config:<key:"LogSeveritySys" value:"None" > config:<key:"MetadataAddr" value:"None" > > > source_to_raw_config:<key:4 value:<source:"environment variable" config:<key:"datastoretype" value:"kubernetes" > config:<key:"defaultendpointtohostaction" value:"ACCEPT" > config:<key:"felixhostname" value:"main-k8s-master-2" > config:<key:"healthenabled" value:"true" > config:<key:"healthport" value:"9099" > config:<key:"ipv6support" value:"false" > config:<key:"typhacafile" value:"/etc/pki/tls/certs/tigera-ca-bundle.crt" > config:<key:"typhacertfile" value:"/node-certs/tls.crt" > config:<key:"typhacn" value:"typha-server" > config:<key:"typhak8snamespace" value:"calico-system" > config:<key:"typhak8sservicename" value:"calico-typha" > config:<key:"typhakeyfile" value:"/node-certs/tls.key" > > >
2024-05-10 21:47:38.766 [INFO][62] felix/config_params.go 622: Parsing value for FelixHostname: main-k8s-master-2 (from environment variable)
2024-05-10 21:47:38.767 [INFO][62] felix/config_params.go 658: Parsed value for FelixHostname: main-k8s-master-2 (from environment variable)
2024-05-10 21:47:38.767 [INFO][62] felix/config_params.go 622: Parsing value for TyphaK8sNamespace: calico-system (from environment variable)
2024-05-10 21:47:38.767 [INFO][62] felix/config_params.go 658: Parsed value for TyphaK8sNamespace: calico-system (from environment variable)
2024-05-10 21:47:38.767 [INFO][62] felix/config_params.go 622: Parsing value for TyphaK8sServiceName: calico-typha (from environment variable)
2024-05-10 21:47:38.767 [INFO][62] felix/config_params.go 658: Parsed value for TyphaK8sServiceName: calico-typha (from environment variable)
2024-05-10 21:47:38.768 [INFO][62] felix/config_params.go 622: Parsing value for TyphaKeyFile: /node-certs/tls.key (from environment variable)
2024-05-10 21:47:38.768 [INFO][62] felix/param_types.go 312: Looking for required file path="/node-certs/tls.key"
2024-05-10 21:47:38.768 [INFO][62] felix/config_params.go 658: Parsed value for TyphaKeyFile: /node-certs/tls.key (from environment variable)
2024-05-10 21:47:38.768 [INFO][62] felix/config_params.go 622: Parsing value for TyphaCAFile: /etc/pki/tls/certs/tigera-ca-bundle.crt (from environment variable)
2024-05-10 21:47:38.768 [INFO][62] felix/param_types.go 312: Looking for required file path="/etc/pki/tls/certs/tigera-ca-bundle.crt"
2024-05-10 21:47:38.768 [INFO][62] felix/config_params.go 658: Parsed value for TyphaCAFile: /etc/pki/tls/certs/tigera-ca-bundle.crt (from environment variable)
2024-05-10 21:47:38.768 [INFO][62] felix/config_params.go 622: Parsing value for Ipv6Support: false (from environment variable)
2024-05-10 21:47:38.768 [INFO][62] felix/config_params.go 658: Parsed value for Ipv6Support: false (from environment variable)
2024-05-10 21:47:38.769 [INFO][62] felix/config_params.go 622: Parsing value for HealthPort: 9099 (from environment variable)
2024-05-10 21:47:38.769 [INFO][62] felix/config_params.go 658: Parsed value for HealthPort: 9099 (from environment variable)
2024-05-10 21:47:38.769 [INFO][62] felix/config_params.go 622: Parsing value for TyphaCertFile: /node-certs/tls.crt (from environment variable)
2024-05-10 21:47:38.769 [INFO][62] felix/param_types.go 312: Looking for required file path="/node-certs/tls.crt"
2024-05-10 21:47:38.769 [INFO][62] felix/config_params.go 658: Parsed value for TyphaCertFile: /node-certs/tls.crt (from environment variable)
2024-05-10 21:47:38.769 [INFO][62] felix/config_params.go 622: Parsing value for TyphaCN: typha-server (from environment variable)
2024-05-10 21:47:38.770 [INFO][62] felix/config_params.go 658: Parsed value for TyphaCN: typha-server (from environment variable)
2024-05-10 21:47:38.770 [INFO][62] felix/config_params.go 622: Parsing value for HealthEnabled: true (from environment variable)
2024-05-10 21:47:38.770 [INFO][62] felix/config_params.go 658: Parsed value for HealthEnabled: true (from environment variable)
2024-05-10 21:47:38.770 [INFO][62] felix/config_params.go 622: Parsing value for DefaultEndpointToHostAction: ACCEPT (from environment variable)
2024-05-10 21:47:38.770 [INFO][62] felix/config_params.go 658: Parsed value for DefaultEndpointToHostAction: ACCEPT (from environment variable)
2024-05-10 21:47:38.770 [INFO][62] felix/config_params.go 622: Parsing value for DatastoreType: kubernetes (from environment variable)
2024-05-10 21:47:38.771 [INFO][62] felix/config_params.go 658: Parsed value for DatastoreType: kubernetes (from environment variable)
2024-05-10 21:47:38.771 [INFO][62] felix/config_params.go 622: Parsing value for LogSeverityFile: None (from config file)
2024-05-10 21:47:38.771 [INFO][62] felix/config_params.go 639: Value set to 'none', replacing with zero-value: "".
2024-05-10 21:47:38.772 [INFO][62] felix/config_params.go 658: Parsed value for LogSeverityFile:  (from config file)
2024-05-10 21:47:38.772 [INFO][62] felix/config_params.go 622: Parsing value for LogSeveritySys: None (from config file)
2024-05-10 21:47:38.772 [INFO][62] felix/config_params.go 639: Value set to 'none', replacing with zero-value: "".
2024-05-10 21:47:38.772 [INFO][62] felix/config_params.go 658: Parsed value for LogSeveritySys:  (from config file)
2024-05-10 21:47:38.772 [INFO][62] felix/config_params.go 622: Parsing value for MetadataAddr: None (from config file)
2024-05-10 21:47:38.772 [INFO][62] felix/config_params.go 639: Value set to 'none', replacing with zero-value: "".
2024-05-10 21:47:38.772 [INFO][62] felix/config_params.go 658: Parsed value for MetadataAddr:  (from config file)
2024-05-10 21:47:38.772 [INFO][62] felix/config_params.go 622: Parsing value for LogFilePath: None (from config file)
2024-05-10 21:47:38.773 [INFO][62] felix/config_params.go 639: Value set to 'none', replacing with zero-value: "".
2024-05-10 21:47:38.773 [INFO][62] felix/config_params.go 658: Parsed value for LogFilePath:  (from config file)
2024-05-10 21:47:38.773 [INFO][62] felix/config_params.go 622: Parsing value for IPv4VXLANTunnelAddr: 192.168.168.0 (from datastore (per-host))
2024-05-10 21:47:38.773 [INFO][62] felix/config_params.go 658: Parsed value for IPv4VXLANTunnelAddr: 192.168.168.0 (from datastore (per-host))
2024-05-10 21:47:38.777 [INFO][62] felix/config_params.go 622: Parsing value for CalicoVersion: v3.27.3 (from datastore (global))
2024-05-10 21:47:38.777 [INFO][62] felix/config_params.go 658: Parsed value for CalicoVersion: v3.27.3 (from datastore (global))
2024-05-10 21:47:38.777 [INFO][62] felix/config_params.go 622: Parsing value for BPFHostNetworkedNATWithoutCTLB: Enabled (from datastore (global))
2024-05-10 21:47:38.777 [INFO][62] felix/config_params.go 658: Parsed value for BPFHostNetworkedNATWithoutCTLB: Enabled (from datastore (global))
2024-05-10 21:47:38.778 [INFO][62] felix/config_params.go 622: Parsing value for ClusterGUID: a67d29bc359f4aa2a450000b755000d7 (from datastore (global))
2024-05-10 21:47:38.778 [INFO][62] felix/config_params.go 658: Parsed value for ClusterGUID: a67d29bc359f4aa2a450000b755000d7 (from datastore (global))
2024-05-10 21:47:38.778 [INFO][62] felix/config_params.go 622: Parsing value for ReportingIntervalSecs: 0 (from datastore (global))
2024-05-10 21:47:38.778 [INFO][62] felix/config_params.go 658: Parsed value for ReportingIntervalSecs: 0s (from datastore (global))
2024-05-10 21:47:38.778 [INFO][62] felix/config_params.go 622: Parsing value for HealthPort: 9099 (from datastore (global))
2024-05-10 21:47:38.778 [INFO][62] felix/config_params.go 658: Parsed value for HealthPort: 9099 (from datastore (global))
2024-05-10 21:47:38.778 [INFO][62] felix/config_params.go 661: Skipping config value for HealthPort from datastore (global); already have a value from environment variable
2024-05-10 21:47:38.778 [INFO][62] felix/config_params.go 622: Parsing value for BPFConnectTimeLoadBalancing: TCP (from datastore (global))
2024-05-10 21:47:38.778 [INFO][62] felix/config_params.go 658: Parsed value for BPFConnectTimeLoadBalancing: TCP (from datastore (global))
2024-05-10 21:47:38.778 [INFO][62] felix/config_params.go 622: Parsing value for ClusterType: typha,kdd,k8s,operator,kubeadm (from datastore (global))
2024-05-10 21:47:38.778 [INFO][62] felix/config_params.go 658: Parsed value for ClusterType: typha,kdd,k8s,operator,kubeadm (from datastore (global))
2024-05-10 21:47:38.779 [INFO][62] felix/config_params.go 622: Parsing value for FloatingIPs: Disabled (from datastore (global))
2024-05-10 21:47:38.779 [INFO][62] felix/config_params.go 658: Parsed value for FloatingIPs: Disabled (from datastore (global))
2024-05-10 21:47:38.779 [INFO][62] felix/config_params.go 622: Parsing value for LogSeverityScreen: Info (from datastore (global))
2024-05-10 21:47:38.779 [INFO][62] felix/config_params.go 658: Parsed value for LogSeverityScreen: INFO (from datastore (global))
2024-05-10 21:47:38.779 [INFO][62] felix/config_params.go 622: Parsing value for VXLANVNI: 4096 (from datastore (global))
2024-05-10 21:47:38.779 [INFO][62] felix/config_params.go 658: Parsed value for VXLANVNI: 4096 (from datastore (global))
2024-05-10 21:47:38.779 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ConfigUpdate update from calculation graph msg=config:<key:"BPFConnectTimeLoadBalancing" value:"TCP" > config:<key:"BPFHostNetworkedNATWithoutCTLB" value:"Enabled" > config:<key:"CalicoVersion" value:"v3.27.3" > config:<key:"ClusterGUID" value:"a67d29bc359f4aa2a450000b755000d7" > config:<key:"ClusterType" value:"typha,kdd,k8s,operator,kubeadm" > config:<key:"DatastoreType" value:"kubernetes" > config:<key:"DefaultEndpointToHostAction" value:"ACCEPT" > config:<key:"FelixHostname" value:"main-k8s-master-2" > config:<key:"FloatingIPs" value:"Disabled" > config:<key:"HealthEnabled" value:"true" > config:<key:"HealthPort" value:"9099" > config:<key:"IPv4VXLANTunnelAddr" value:"192.168.168.0" > config:<key:"Ipv6Support" value:"false" > config:<key:"LogFilePath" value:"None" > config:<key:"LogSeverityFile" value:"None" > config:<key:"LogSeverityScreen" value:"Info" > config:<key:"LogSeveritySys" value:"None" > config:<key:"MetadataAddr" value:"None" > config:<key:"ReportingIntervalSecs" value:"0" > config:<key:"TyphaCAFile" value:"/etc/pki/tls/certs/tigera-ca-bundle.crt" > config:<key:"TyphaCN" value:"typha-server" > config:<key:"TyphaCertFile" value:"/node-certs/tls.crt" > config:<key:"TyphaK8sNamespace" value:"calico-system" > config:<key:"TyphaK8sServiceName" value:"calico-typha" > config:<key:"TyphaKeyFile" value:"/node-certs/tls.key" > config:<key:"VXLANVNI" value:"4096" > source_to_raw_config:<key:1 value:<source:"datastore (global)" config:<key:"BPFConnectTimeLoadBalancing" value:"TCP" > config:<key:"BPFHostNetworkedNATWithoutCTLB" value:"Enabled" > config:<key:"CalicoVersion" value:"v3.27.3" > config:<key:"ClusterGUID" value:"a67d29bc359f4aa2a450000b755000d7" > config:<key:"ClusterType" value:"typha,kdd,k8s,operator,kubeadm" > config:<key:"FloatingIPs" value:"Disabled" > config:<key:"HealthPort" value:"9099" > config:<key:"LogSeverityScreen" value:"Info" > config:<key:"ReportingIntervalSecs" value:"0" > config:<key:"VXLANVNI" value:"4096" > > > source_to_raw_config:<key:2 value:<source:"datastore (per-host)" config:<key:"IPv4VXLANTunnelAddr" value:"192.168.168.0" > > > source_to_raw_config:<key:3 value:<source:"config file" config:<key:"LogFilePath" value:"None" > config:<key:"LogSeverityFile" value:"None" > config:<key:"LogSeveritySys" value:"None" > config:<key:"MetadataAddr" value:"None" > > > source_to_raw_config:<key:4 value:<source:"environment variable" config:<key:"datastoretype" value:"kubernetes" > config:<key:"defaultendpointtohostaction" value:"ACCEPT" > config:<key:"felixhostname" value:"main-k8s-master-2" > config:<key:"healthenabled" value:"true" > config:<key:"healthport" value:"9099" > config:<key:"ipv6support" value:"false" > config:<key:"typhacafile" value:"/etc/pki/tls/certs/tigera-ca-bundle.crt" > config:<key:"typhacertfile" value:"/node-certs/tls.crt" > config:<key:"typhacn" value:"typha-server" > config:<key:"typhak8snamespace" value:"calico-system" > config:<key:"typhak8sservicename" value:"calico-typha" > config:<key:"typhakeyfile" value:"/node-certs/tls.key" > > >
2024-05-10 21:47:38.779 [INFO][60] tunnel-ip-allocator/allocateip.go 340: Current address is still valid, do nothing currentAddr="192.168.168.0" type="vxlanTunnelAddress"
2024-05-10 21:47:38.790 [INFO][62] felix/sync_client.go 540: Server asked us to restart our decoder connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000127a80)} msg=syncproto.MsgDecoderRestart{Message:"End of compressed snapshot.", CompressionAlgorithm:"snappy"} myID=0x1 serverConnID=0xa type=""
2024-05-10 21:47:38.790 [INFO][62] felix/sync_client.go 544: Server selected snappy compression. connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000127a80)} myID=0x1 serverConnID=0xa type=""
2024-05-10 21:47:38.797 [INFO][62] felix/vxlan_resolver.go 304: Missing both IPv4 and IPv6 VTEP information for node, cannot send VTEP yet node="main-k8s-master-1"
2024-05-10 21:47:38.798 [INFO][62] felix/vxlan_resolver.go 304: Missing both IPv4 and IPv6 VTEP information for node, cannot send VTEP yet node="main-k8s-master-2"
2024-05-10 21:47:38.800 [INFO][62] felix/vxlan_resolver.go 304: Missing both IPv4 and IPv6 VTEP information for node, cannot send VTEP yet node="main-k8s-master-3"
2024-05-10 21:47:38.800 [INFO][62] felix/vxlan_resolver.go 304: Missing both IPv4 and IPv6 VTEP information for node, cannot send VTEP yet node="main-k8s-regular-1"
2024-05-10 21:47:38.802 [INFO][62] felix/sync_client.go 486: Status update from Typha. connection=&discovery.Typha{Addr:"10.140.20.91:5473", IP:"10.140.20.91", NodeName:(*string)(0xc000127a80)} myID=0x1 newStatus=in-sync serverConnID=0xa type=""
2024-05-10 21:47:38.802 [INFO][62] felix/config_batcher.go 74: Global config update: {{GlobalFelixConfig(name=BPFConnectTimeLoadBalancing) TCP 4878 <nil> 0s} 1}
2024-05-10 21:47:38.802 [INFO][62] felix/config_batcher.go 74: Global config update: {{GlobalFelixConfig(name=BPFHostNetworkedNATWithoutCTLB) Enabled 4878 <nil> 0s} 1}
2024-05-10 21:47:38.802 [INFO][62] felix/config_batcher.go 74: Global config update: {{GlobalFelixConfig(name=CalicoVersion) v3.27.3 4877 <nil> 0s} 1}
2024-05-10 21:47:38.802 [INFO][62] felix/config_batcher.go 74: Global config update: {{GlobalFelixConfig(name=ClusterGUID) a67d29bc359f4aa2a450000b755000d7 4877 <nil> 0s} 1}
2024-05-10 21:47:38.802 [INFO][62] felix/config_batcher.go 74: Global config update: {{GlobalFelixConfig(name=ClusterType) typha,kdd,k8s,operator,kubeadm 4877 <nil> 0s} 1}
2024-05-10 21:47:38.802 [INFO][62] felix/config_batcher.go 74: Global config update: {{GlobalFelixConfig(name=FloatingIPs) Disabled 4878 <nil> 0s} 1}
2024-05-10 21:47:38.802 [INFO][62] felix/config_batcher.go 74: Global config update: {{GlobalFelixConfig(name=HealthPort) 9099 4878 <nil> 0s} 1}
2024-05-10 21:47:38.802 [INFO][62] felix/config_batcher.go 74: Global config update: {{GlobalFelixConfig(name=LogSeverityScreen) Info 4878 <nil> 0s} 1}
2024-05-10 21:47:38.802 [INFO][62] felix/config_batcher.go 74: Global config update: {{GlobalFelixConfig(name=ReportingIntervalSecs) 0 4878 <nil> 0s} 1}
2024-05-10 21:47:38.804 [INFO][62] felix/config_batcher.go 74: Global config update: {{GlobalFelixConfig(name=VXLANVNI) 4096 4878 <nil> 0s} 1}
2024-05-10 21:47:38.804 [INFO][62] felix/vxlan_resolver.go 332: Sending VTEP update node="main-k8s-master-1"
2024-05-10 21:47:38.805 [INFO][62] felix/vxlan_resolver.go 332: Sending VTEP update node="main-k8s-master-2"
2024-05-10 21:47:38.805 [INFO][62] felix/config_batcher.go 61: Host config update for this host: {{HostConfig(node=main-k8s-master-2,name=IPv4VXLANTunnelAddr) 192.168.168.0 12055 <nil> 0s} 1}
2024-05-10 21:47:38.805 [INFO][62] felix/vxlan_resolver.go 332: Sending VTEP update node="main-k8s-master-3"
2024-05-10 21:47:38.805 [INFO][62] felix/vxlan_resolver.go 332: Sending VTEP update node="main-k8s-regular-1"
2024-05-10 21:47:38.805 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"default" name:"default" > labels:<key:"projectcalico.org/name" value:"default" >
2024-05-10 21:47:38.805 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-public" name:"default" > labels:<key:"projectcalico.org/name" value:"default" >
2024-05-10 21:47:38.805 [INFO][62] felix/l3_route_resolver.go 633: Pool is active newPool=calc.l3rrPoolInfo{CIDR:ip.V4CIDR{addr:ip.V4Addr{0xc0, 0xa8, 0x0, 0x0}, prefix:0x10}, PoolType:2, NATOutgoing:true, CrossSubnet:false, AWSSubnetID:""} newType=VXLAN oldType=NONE
2024-05-10 21:47:38.805 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"persistent-volume-binder" > labels:<key:"projectcalico.org/name" value:"persistent-volume-binder" >
2024-05-10 21:47:38.805 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"endpointslicemirroring-controller" > labels:<key:"projectcalico.org/name" value:"endpointslicemirroring-controller" >
2024-05-10 21:47:38.805 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"ttl-after-finished-controller" > labels:<key:"projectcalico.org/name" value:"ttl-after-finished-controller" >
2024-05-10 21:47:38.805 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"disruption-controller" > labels:<key:"projectcalico.org/name" value:"disruption-controller" >
2024-05-10 21:47:38.805 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"endpointslice-controller" > labels:<key:"projectcalico.org/name" value:"endpointslice-controller" >
2024-05-10 21:47:38.806 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"legacy-service-account-token-cleaner" > labels:<key:"projectcalico.org/name" value:"legacy-service-account-token-cleaner" >
2024-05-10 21:47:38.806 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"pod-garbage-collector" > labels:<key:"projectcalico.org/name" value:"pod-garbage-collector" >
2024-05-10 21:47:38.806 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-node-lease" name:"default" > labels:<key:"projectcalico.org/name" value:"default" >
2024-05-10 21:47:38.806 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"default" > labels:<key:"projectcalico.org/name" value:"default" >
2024-05-10 21:47:38.806 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"horizontal-pod-autoscaler" > labels:<key:"projectcalico.org/name" value:"horizontal-pod-autoscaler" >
2024-05-10 21:47:38.806 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"tigera-operator" name:"default" > labels:<key:"projectcalico.org/name" value:"default" >
2024-05-10 21:47:38.806 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"bootstrap-signer" > labels:<key:"projectcalico.org/name" value:"bootstrap-signer" >
2024-05-10 21:47:38.806 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"cloud-controller-manager" > labels:<key:"projectcalico.org/name" value:"cloud-controller-manager" >
2024-05-10 21:47:38.806 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"csi-cinder-node-sa" > labels:<key:"projectcalico.org/name" value:"csi-cinder-node-sa" >
2024-05-10 21:47:38.807 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"endpoint-controller" > labels:<key:"projectcalico.org/name" value:"endpoint-controller" >
2024-05-10 21:47:38.807 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"resourcequota-controller" > labels:<key:"projectcalico.org/name" value:"resourcequota-controller" >
2024-05-10 21:47:38.807 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"cronjob-controller" > labels:<key:"projectcalico.org/name" value:"cronjob-controller" >
2024-05-10 21:47:38.807 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"kube-proxy" > labels:<key:"projectcalico.org/name" value:"kube-proxy" >
2024-05-10 21:47:38.807 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"replicaset-controller" > labels:<key:"projectcalico.org/name" value:"replicaset-controller" >
2024-05-10 21:47:38.807 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"calico-apiserver" name:"calico-apiserver" > labels:<key:"projectcalico.org/name" value:"calico-apiserver" >
2024-05-10 21:47:38.807 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"calico-system" name:"calico-kube-controllers" > labels:<key:"projectcalico.org/name" value:"calico-kube-controllers" >
2024-05-10 21:47:38.807 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"calico-system" name:"default" > labels:<key:"projectcalico.org/name" value:"default" >
2024-05-10 21:47:38.807 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"attachdetach-controller" > labels:<key:"projectcalico.org/name" value:"attachdetach-controller" >
2024-05-10 21:47:38.807 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"clusterrole-aggregation-controller" > labels:<key:"projectcalico.org/name" value:"clusterrole-aggregation-controller" >
2024-05-10 21:47:38.808 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"calico-system" name:"calico-typha" > labels:<key:"projectcalico.org/name" value:"calico-typha" >
2024-05-10 21:47:38.806 [INFO][62] felix/label_inheritance_index.go 182: Updating selector selID=Policy(name=calico-apiserver/knp.default.allow-apiserver)
2024-05-10 21:47:38.808 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"csi-cinder-controller-sa" > labels:<key:"projectcalico.org/name" value:"csi-cinder-controller-sa" >
2024-05-10 21:47:38.808 [INFO][62] felix/config_batcher.go 102: Datamodel in sync, flushing config update
2024-05-10 21:47:38.808 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"deployment-controller" > labels:<key:"projectcalico.org/name" value:"deployment-controller" >
2024-05-10 21:47:38.808 [INFO][62] felix/config_batcher.go 112: Sending config update global: map[BPFConnectTimeLoadBalancing:TCP BPFHostNetworkedNATWithoutCTLB:Enabled CalicoVersion:v3.27.3 ClusterGUID:a67d29bc359f4aa2a450000b755000d7 ClusterType:typha,kdd,k8s,operator,kubeadm FloatingIPs:Disabled HealthPort:9099 LogSeverityScreen:Info ReportingIntervalSecs:0 VXLANVNI:4096], host: map[IPv4VXLANTunnelAddr:192.168.168.0].
2024-05-10 21:47:38.808 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"node-controller" > labels:<key:"projectcalico.org/name" value:"node-controller" >
2024-05-10 21:47:38.808 [INFO][62] felix/async_calc_graph.go 166: First time we've been in sync
2024-05-10 21:47:38.808 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"ttl-controller" > labels:<key:"projectcalico.org/name" value:"ttl-controller" >
2024-05-10 21:47:38.808 [INFO][62] felix/health.go 206: Health of component changed name="CalculationGraph" newReport="live,ready" oldReport="live,non-ready"
2024-05-10 21:47:38.808 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"tigera-operator" name:"tigera-operator" > labels:<key:"projectcalico.org/name" value:"tigera-operator" >
2024-05-10 21:47:38.808 [INFO][62] felix/event_sequencer.go 273: Possible config update. global=map[string]string{"BPFConnectTimeLoadBalancing":"TCP", "BPFHostNetworkedNATWithoutCTLB":"Enabled", "CalicoVersion":"v3.27.3", "ClusterGUID":"a67d29bc359f4aa2a450000b755000d7", "ClusterType":"typha,kdd,k8s,operator,kubeadm", "FloatingIPs":"Disabled", "HealthPort":"9099", "LogSeverityScreen":"Info", "ReportingIntervalSecs":"0", "VXLANVNI":"4096"} host=map[string]string{"IPv4VXLANTunnelAddr":"192.168.168.0"}
2024-05-10 21:47:38.808 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"daemon-set-controller" > labels:<key:"projectcalico.org/name" value:"daemon-set-controller" >
2024-05-10 21:47:38.808 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"namespace-controller" > labels:<key:"projectcalico.org/name" value:"namespace-controller" >
2024-05-10 21:47:38.808 [INFO][62] felix/config_params.go 491: Merging in config from datastore (global): map[BPFConnectTimeLoadBalancing:TCP BPFHostNetworkedNATWithoutCTLB:Enabled CalicoVersion:v3.27.3 ClusterGUID:a67d29bc359f4aa2a450000b755000d7 ClusterType:typha,kdd,k8s,operator,kubeadm FloatingIPs:Disabled HealthPort:9099 LogSeverityScreen:Info ReportingIntervalSecs:0 VXLANVNI:4096]
2024-05-10 21:47:38.808 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"pv-protection-controller" > labels:<key:"projectcalico.org/name" value:"pv-protection-controller" >
2024-05-10 21:47:38.809 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"replication-controller" > labels:<key:"projectcalico.org/name" value:"replication-controller" >
2024-05-10 21:47:38.809 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"service-account-controller" > labels:<key:"projectcalico.org/name" value:"service-account-controller" >
2024-05-10 21:47:38.809 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"calico-apiserver" name:"default" > labels:<key:"projectcalico.org/name" value:"default" >
2024-05-10 21:47:38.809 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"job-controller" > labels:<key:"projectcalico.org/name" value:"job-controller" >
2024-05-10 21:47:38.809 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"root-ca-cert-publisher" > labels:<key:"projectcalico.org/name" value:"root-ca-cert-publisher" >
2024-05-10 21:47:38.809 [INFO][62] felix/config_params.go 622: Parsing value for FelixHostname: main-k8s-master-2 (from environment variable)
2024-05-10 21:47:38.809 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"ephemeral-volume-controller" > labels:<key:"projectcalico.org/name" value:"ephemeral-volume-controller" >
2024-05-10 21:47:38.809 [INFO][62] felix/usagerep.go 91: Waiting before first check-in delay=5m2.265s
2024-05-10 21:47:38.809 [INFO][62] felix/config_params.go 658: Parsed value for FelixHostname: main-k8s-master-2 (from environment variable)
2024-05-10 21:47:38.809 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"generic-garbage-collector" > labels:<key:"projectcalico.org/name" value:"generic-garbage-collector" >
2024-05-10 21:47:38.809 [INFO][62] felix/config_params.go 622: Parsing value for TyphaCN: typha-server (from environment variable)
2024-05-10 21:47:38.809 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"pvc-protection-controller" > labels:<key:"projectcalico.org/name" value:"pvc-protection-controller" >
2024-05-10 21:47:38.809 [INFO][62] felix/config_params.go 658: Parsed value for TyphaCN: typha-server (from environment variable)
2024-05-10 21:47:38.809 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"calico-system" name:"calico-node" > labels:<key:"projectcalico.org/name" value:"calico-node" >
2024-05-10 21:47:38.809 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"certificate-controller" > labels:<key:"projectcalico.org/name" value:"certificate-controller" >
2024-05-10 21:47:38.809 [INFO][62] felix/config_params.go 622: Parsing value for TyphaK8sNamespace: calico-system (from environment variable)
2024-05-10 21:47:38.809 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"coredns" > labels:<key:"projectcalico.org/name" value:"coredns" >
2024-05-10 21:47:38.809 [INFO][62] felix/config_params.go 658: Parsed value for TyphaK8sNamespace: calico-system (from environment variable)
2024-05-10 21:47:38.810 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"expand-controller" > labels:<key:"projectcalico.org/name" value:"expand-controller" >
2024-05-10 21:47:38.810 [INFO][62] felix/config_params.go 622: Parsing value for Ipv6Support: false (from environment variable)
2024-05-10 21:47:38.811 [INFO][62] felix/config_params.go 658: Parsed value for Ipv6Support: false (from environment variable)
2024-05-10 21:47:38.811 [INFO][62] felix/config_params.go 622: Parsing value for DefaultEndpointToHostAction: ACCEPT (from environment variable)
2024-05-10 21:47:38.811 [INFO][62] felix/config_params.go 658: Parsed value for DefaultEndpointToHostAction: ACCEPT (from environment variable)
2024-05-10 21:47:38.811 [INFO][62] felix/config_params.go 622: Parsing value for TyphaK8sServiceName: calico-typha (from environment variable)
2024-05-10 21:47:38.811 [INFO][62] felix/config_params.go 658: Parsed value for TyphaK8sServiceName: calico-typha (from environment variable)
2024-05-10 21:47:38.811 [INFO][62] felix/config_params.go 622: Parsing value for TyphaCAFile: /etc/pki/tls/certs/tigera-ca-bundle.crt (from environment variable)
2024-05-10 21:47:38.811 [INFO][62] felix/param_types.go 312: Looking for required file path="/etc/pki/tls/certs/tigera-ca-bundle.crt"
2024-05-10 21:47:38.812 [INFO][62] felix/config_params.go 658: Parsed value for TyphaCAFile: /etc/pki/tls/certs/tigera-ca-bundle.crt (from environment variable)
2024-05-10 21:47:38.812 [INFO][62] felix/config_params.go 622: Parsing value for TyphaCertFile: /node-certs/tls.crt (from environment variable)
2024-05-10 21:47:38.811 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"statefulset-controller" > labels:<key:"projectcalico.org/name" value:"statefulset-controller" >
2024-05-10 21:47:38.812 [INFO][62] felix/param_types.go 312: Looking for required file path="/node-certs/tls.crt"
2024-05-10 21:47:38.812 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"kube-system" name:"token-cleaner" > labels:<key:"projectcalico.org/name" value:"token-cleaner" >
2024-05-10 21:47:38.812 [INFO][62] felix/config_params.go 658: Parsed value for TyphaCertFile: /node-certs/tls.crt (from environment variable)
2024-05-10 21:47:38.812 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceAccountUpdate update from calculation graph msg=id:<namespace:"calico-system" name:"calico-cni-plugin" > labels:<key:"projectcalico.org/name" value:"calico-cni-plugin" >
2024-05-10 21:47:38.812 [INFO][62] felix/config_params.go 622: Parsing value for DatastoreType: kubernetes (from environment variable)
2024-05-10 21:47:38.812 [INFO][62] felix/config_params.go 658: Parsed value for DatastoreType: kubernetes (from environment variable)
2024-05-10 21:47:38.812 [INFO][62] felix/int_dataplane.go 1954: Received *proto.NamespaceUpdate update from calculation graph msg=id:<name:"kube-public" > labels:<key:"kubernetes.io/metadata.name" value:"kube-public" > labels:<key:"projectcalico.org/name" value:"kube-public" >
2024-05-10 21:47:38.812 [INFO][62] felix/config_params.go 622: Parsing value for HealthPort: 9099 (from environment variable)
2024-05-10 21:47:38.812 [INFO][62] felix/int_dataplane.go 1954: Received *proto.NamespaceUpdate update from calculation graph msg=id:<name:"kube-system" > labels:<key:"kubernetes.io/metadata.name" value:"kube-system" > labels:<key:"projectcalico.org/name" value:"kube-system" >
2024-05-10 21:47:38.812 [INFO][62] felix/int_dataplane.go 1954: Received *proto.NamespaceUpdate update from calculation graph msg=id:<name:"tigera-operator" > labels:<key:"kubernetes.io/metadata.name" value:"tigera-operator" > labels:<key:"name" value:"tigera-operator" > labels:<key:"pod-security.kubernetes.io/enforce" value:"privileged" > labels:<key:"projectcalico.org/name" value:"tigera-operator" >
2024-05-10 21:47:38.812 [INFO][62] felix/config_params.go 658: Parsed value for HealthPort: 9099 (from environment variable)
2024-05-10 21:47:38.812 [INFO][62] felix/int_dataplane.go 1954: Received *proto.NamespaceUpdate update from calculation graph msg=id:<name:"calico-apiserver" > labels:<key:"kubernetes.io/metadata.name" value:"calico-apiserver" > labels:<key:"name" value:"calico-apiserver" > labels:<key:"pod-security.kubernetes.io/enforce" value:"privileged" > labels:<key:"pod-security.kubernetes.io/enforce-version" value:"latest" > labels:<key:"projectcalico.org/name" value:"calico-apiserver" >
2024-05-10 21:47:38.812 [INFO][62] felix/config_params.go 622: Parsing value for TyphaKeyFile: /node-certs/tls.key (from environment variable)
2024-05-10 21:47:38.812 [INFO][62] felix/int_dataplane.go 1954: Received *proto.NamespaceUpdate update from calculation graph msg=id:<name:"calico-system" > labels:<key:"kubernetes.io/metadata.name" value:"calico-system" > labels:<key:"name" value:"calico-system" > labels:<key:"pod-security.kubernetes.io/enforce" value:"privileged" > labels:<key:"pod-security.kubernetes.io/enforce-version" value:"latest" > labels:<key:"projectcalico.org/name" value:"calico-system" >
2024-05-10 21:47:38.812 [INFO][62] felix/param_types.go 312: Looking for required file path="/node-certs/tls.key"
2024-05-10 21:47:38.812 [INFO][62] felix/int_dataplane.go 1954: Received *proto.NamespaceUpdate update from calculation graph msg=id:<name:"default" > labels:<key:"kubernetes.io/metadata.name" value:"default" > labels:<key:"projectcalico.org/name" value:"default" >
2024-05-10 21:47:38.812 [INFO][62] felix/config_params.go 658: Parsed value for TyphaKeyFile: /node-certs/tls.key (from environment variable)
2024-05-10 21:47:38.812 [INFO][62] felix/int_dataplane.go 1954: Received *proto.NamespaceUpdate update from calculation graph msg=id:<name:"kube-node-lease" > labels:<key:"kubernetes.io/metadata.name" value:"kube-node-lease" > labels:<key:"projectcalico.org/name" value:"kube-node-lease" >
2024-05-10 21:47:38.812 [INFO][62] felix/int_dataplane.go 1954: Received *proto.VXLANTunnelEndpointUpdate update from calculation graph msg=node:"main-k8s-master-1" mac:"66:6b:6b:6f:34:c2" ipv4_addr:"192.168.40.0" parent_device_ip:"10.140.20.110"
2024-05-10 21:47:38.812 [INFO][62] felix/config_params.go 622: Parsing value for HealthEnabled: true (from environment variable)
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.VXLANTunnelEndpointUpdate update from calculation graph msg=node:"main-k8s-master-2" mac:"66:2d:6a:01:7c:51" ipv4_addr:"192.168.168.0" parent_device_ip:"10.140.20.162"
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.VXLANTunnelEndpointUpdate update from calculation graph msg=node:"main-k8s-master-3" mac:"66:f6:9e:7f:c9:39" ipv4_addr:"192.168.149.128" parent_device_ip:"10.140.20.86"
2024-05-10 21:47:38.813 [INFO][62] felix/config_params.go 658: Parsed value for HealthEnabled: true (from environment variable)
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:REMOTE_TUNNEL dst:"192.168.145.0/32" dst_node_name:"main-k8s-regular-1" dst_node_ip:"10.140.20.91" tunnel_type:<vxlan:true >
2024-05-10 21:47:38.813 [INFO][62] felix/config_params.go 622: Parsing value for MetadataAddr: None (from config file)
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:REMOTE_HOST dst:"10.140.20.91/32" dst_node_name:"main-k8s-regular-1" dst_node_ip:"10.140.20.91"
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:REMOTE_WORKLOAD dst:"192.168.149.128/26" dst_node_name:"main-k8s-master-3" dst_node_ip:"10.140.20.86"
2024-05-10 21:47:38.813 [INFO][62] felix/config_params.go 639: Value set to 'none', replacing with zero-value: "".
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:LOCAL_WORKLOAD dst:"192.168.168.0/26" dst_node_name:"main-k8s-master-2" dst_node_ip:"10.140.20.162"
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:REMOTE_TUNNEL dst:"192.168.40.0/32" dst_node_name:"main-k8s-master-1" dst_node_ip:"10.140.20.110" tunnel_type:<vxlan:true >
2024-05-10 21:47:38.813 [INFO][62] felix/config_params.go 658: Parsed value for MetadataAddr:  (from config file)
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:LOCAL_TUNNEL dst:"192.168.168.0/32" dst_node_name:"main-k8s-master-2" dst_node_ip:"10.140.20.162" tunnel_type:<vxlan:true >
2024-05-10 21:47:38.813 [INFO][62] felix/config_params.go 622: Parsing value for LogFilePath: None (from config file)
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:LOCAL_HOST dst:"10.140.20.162/32" dst_node_name:"main-k8s-master-2" dst_node_ip:"10.140.20.162"
2024-05-10 21:47:38.813 [INFO][62] felix/config_params.go 639: Value set to 'none', replacing with zero-value: "".
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:REMOTE_WORKLOAD dst:"192.168.145.0/26" dst_node_name:"main-k8s-regular-1" dst_node_ip:"10.140.20.91"
2024-05-10 21:47:38.813 [INFO][62] felix/config_params.go 658: Parsed value for LogFilePath:  (from config file)
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:REMOTE_WORKLOAD dst:"192.168.40.0/26" dst_node_name:"main-k8s-master-1" dst_node_ip:"10.140.20.110"
2024-05-10 21:47:38.813 [INFO][62] felix/config_params.go 622: Parsing value for LogSeverityFile: None (from config file)
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:REMOTE_HOST dst:"10.140.20.110/32" dst_node_name:"main-k8s-master-1" dst_node_ip:"10.140.20.110"
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:REMOTE_TUNNEL dst:"192.168.149.128/32" dst_node_name:"main-k8s-master-3" dst_node_ip:"10.140.20.86" tunnel_type:<vxlan:true >
2024-05-10 21:47:38.813 [INFO][62] felix/config_params.go 639: Value set to 'none', replacing with zero-value: "".
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:REMOTE_HOST dst:"10.140.20.86/32" dst_node_name:"main-k8s-master-3" dst_node_ip:"10.140.20.86"
2024-05-10 21:47:38.813 [INFO][62] felix/config_params.go 658: Parsed value for LogSeverityFile:  (from config file)
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.HostMetadataUpdate update from calculation graph msg=hostname:"main-k8s-master-1" ipv4_addr:"10.140.20.110"
2024-05-10 21:47:38.813 [INFO][62] felix/config_params.go 622: Parsing value for LogSeveritySys: None (from config file)
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.HostMetadataUpdate update from calculation graph msg=hostname:"main-k8s-master-2" ipv4_addr:"10.140.20.162"
2024-05-10 21:47:38.813 [INFO][62] felix/config_params.go 639: Value set to 'none', replacing with zero-value: "".
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.HostMetadataUpdate update from calculation graph msg=hostname:"main-k8s-master-3" ipv4_addr:"10.140.20.86"
2024-05-10 21:47:38.813 [INFO][62] felix/config_params.go 658: Parsed value for LogSeveritySys:  (from config file)
2024-05-10 21:47:38.813 [INFO][62] felix/int_dataplane.go 1954: Received *proto.HostMetadataV4V6Update update from calculation graph msg=hostname:"main-k8s-master-1" ipv4_addr:"10.140.20.110/24" labels:<key:"beta.kubernetes.io/arch" value:"amd64" > labels:<key:"beta.kubernetes.io/instance-type" value:"m1.medium" > labels:<key:"beta.kubernetes.io/os" value:"linux" > labels:<key:"failure-domain.beta.kubernetes.io/region" value:"iad3" > labels:<key:"failure-domain.beta.kubernetes.io/zone" value:"compute" > labels:<key:"kubernetes.io/arch" value:"amd64" > labels:<key:"kubernetes.io/hostname" value:"main-k8s-master-1" > labels:<key:"kubernetes.io/os" value:"linux" > labels:<key:"node-role.kubernetes.io/control-plane" value:"" > labels:<key:"node.kubernetes.io/exclude-from-external-load-balancers" value:"" > labels:<key:"node.kubernetes.io/instance-type" value:"m1.medium" > labels:<key:"topology.cinder.csi.openstack.org/zone" value:"compute" > labels:<key:"topology.kubernetes.io/region" value:"iad3" > labels:<key:"topology.kubernetes.io/zone" value:"compute" >
2024-05-10 21:47:38.814 [INFO][62] felix/config_params.go 622: Parsing value for IPv4VXLANTunnelAddr: 192.168.168.0 (from datastore (per-host))
2024-05-10 21:47:38.814 [INFO][62] felix/int_dataplane.go 1954: Received *proto.HostMetadataV4V6Update update from calculation graph msg=hostname:"main-k8s-master-2" ipv4_addr:"10.140.20.162/24" labels:<key:"beta.kubernetes.io/arch" value:"amd64" > labels:<key:"beta.kubernetes.io/instance-type" value:"m1.medium" > labels:<key:"beta.kubernetes.io/os" value:"linux" > labels:<key:"failure-domain.beta.kubernetes.io/region" value:"iad3" > labels:<key:"failure-domain.beta.kubernetes.io/zone" value:"compute" > labels:<key:"kubernetes.io/arch" value:"amd64" > labels:<key:"kubernetes.io/hostname" value:"main-k8s-master-2" > labels:<key:"kubernetes.io/os" value:"linux" > labels:<key:"node-role.kubernetes.io/control-plane" value:"" > labels:<key:"node.kubernetes.io/exclude-from-external-load-balancers" value:"" > labels:<key:"node.kubernetes.io/instance-type" value:"m1.medium" > labels:<key:"topology.cinder.csi.openstack.org/zone" value:"compute" > labels:<key:"topology.kubernetes.io/region" value:"iad3" > labels:<key:"topology.kubernetes.io/zone" value:"compute" >
2024-05-10 21:47:38.814 [INFO][62] felix/config_params.go 658: Parsed value for IPv4VXLANTunnelAddr: 192.168.168.0 (from datastore (per-host))
2024-05-10 21:47:38.814 [INFO][62] felix/config_params.go 622: Parsing value for BPFHostNetworkedNATWithoutCTLB: Enabled (from datastore (global))
2024-05-10 21:47:38.814 [INFO][62] felix/int_dataplane.go 1954: Received *proto.HostMetadataV4V6Update update from calculation graph msg=hostname:"main-k8s-master-3" ipv4_addr:"10.140.20.86/24" labels:<key:"beta.kubernetes.io/arch" value:"amd64" > labels:<key:"beta.kubernetes.io/instance-type" value:"m1.medium" > labels:<key:"beta.kubernetes.io/os" value:"linux" > labels:<key:"failure-domain.beta.kubernetes.io/region" value:"iad3" > labels:<key:"failure-domain.beta.kubernetes.io/zone" value:"compute" > labels:<key:"kubernetes.io/arch" value:"amd64" > labels:<key:"kubernetes.io/hostname" value:"main-k8s-master-3" > labels:<key:"kubernetes.io/os" value:"linux" > labels:<key:"node-role.kubernetes.io/control-plane" value:"" > labels:<key:"node.kubernetes.io/exclude-from-external-load-balancers" value:"" > labels:<key:"node.kubernetes.io/instance-type" value:"m1.medium" > labels:<key:"topology.cinder.csi.openstack.org/zone" value:"compute" > labels:<key:"topology.kubernetes.io/region" value:"iad3" > labels:<key:"topology.kubernetes.io/zone" value:"compute" >
2024-05-10 21:47:38.814 [INFO][62] felix/config_params.go 658: Parsed value for BPFHostNetworkedNATWithoutCTLB: Enabled (from datastore (global))
2024-05-10 21:47:38.814 [INFO][62] felix/int_dataplane.go 1954: Received *proto.HostMetadataV4V6Update update from calculation graph msg=hostname:"main-k8s-regular-1" ipv4_addr:"10.140.20.91/24" labels:<key:"beta.kubernetes.io/arch" value:"amd64" > labels:<key:"beta.kubernetes.io/instance-type" value:"m1.medium" > labels:<key:"beta.kubernetes.io/os" value:"linux" > labels:<key:"failure-domain.beta.kubernetes.io/region" value:"iad3" > labels:<key:"failure-domain.beta.kubernetes.io/zone" value:"compute" > labels:<key:"kubernetes.io/arch" value:"amd64" > labels:<key:"kubernetes.io/hostname" value:"main-k8s-regular-1" > labels:<key:"kubernetes.io/os" value:"linux" > labels:<key:"node.kubernetes.io/instance-type" value:"m1.medium" > labels:<key:"topology.cinder.csi.openstack.org/zone" value:"compute" > labels:<key:"topology.kubernetes.io/region" value:"iad3" > labels:<key:"topology.kubernetes.io/zone" value:"compute" >
2024-05-10 21:47:38.814 [INFO][62] felix/config_params.go 622: Parsing value for HealthPort: 9099 (from datastore (global))
2024-05-10 21:47:38.814 [INFO][62] felix/config_params.go 658: Parsed value for HealthPort: 9099 (from datastore (global))
2024-05-10 21:47:38.814 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceUpdate update from calculation graph msg=name:"csi-cinder-controller-service" namespace:"kube-system" type:"ClusterIP" cluster_ip:"172.31.38.169" ports:<Protocol:"TCP" Port:12345 >
2024-05-10 21:47:38.814 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceUpdate update from calculation graph msg=name:"kube-dns" namespace:"kube-system" type:"ClusterIP" cluster_ip:"172.31.0.10" ports:<Protocol:"UDP" Port:53 > ports:<Protocol:"TCP" Port:53 > ports:<Protocol:"TCP" Port:9153 >
2024-05-10 21:47:38.814 [INFO][62] felix/config_params.go 661: Skipping config value for HealthPort from datastore (global); already have a value from environment variable
2024-05-10 21:47:38.814 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceUpdate update from calculation graph msg=name:"calico-api" namespace:"calico-apiserver" type:"ClusterIP" cluster_ip:"172.31.237.101" ports:<Protocol:"TCP" Port:443 >
2024-05-10 21:47:38.814 [INFO][62] felix/config_params.go 622: Parsing value for LogSeverityScreen: Info (from datastore (global))
2024-05-10 21:47:38.814 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceUpdate update from calculation graph msg=name:"calico-kube-controllers-metrics" namespace:"calico-system" type:"ClusterIP" cluster_ip:"None" ports:<Protocol:"TCP" Port:9094 >
2024-05-10 21:47:38.814 [INFO][62] felix/config_params.go 658: Parsed value for LogSeverityScreen: INFO (from datastore (global))
2024-05-10 21:47:38.814 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceUpdate update from calculation graph msg=name:"calico-typha" namespace:"calico-system" type:"ClusterIP" cluster_ip:"172.31.219.128" ports:<Protocol:"TCP" Port:5473 >
2024-05-10 21:47:38.814 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ServiceUpdate update from calculation graph msg=name:"kubernetes" namespace:"default" type:"ClusterIP" cluster_ip:"172.31.0.1" ports:<Protocol:"TCP" Port:443 >
2024-05-10 21:47:38.814 [INFO][62] felix/config_params.go 622: Parsing value for BPFConnectTimeLoadBalancing: TCP (from datastore (global))
2024-05-10 21:47:38.814 [INFO][62] felix/int_dataplane.go 1954: Received *proto.VXLANTunnelEndpointUpdate update from calculation graph msg=node:"main-k8s-regular-1" mac:"66:28:90:52:62:96" ipv4_addr:"192.168.145.0" parent_device_ip:"10.140.20.91"
2024-05-10 21:47:38.814 [INFO][62] felix/config_params.go 658: Parsed value for BPFConnectTimeLoadBalancing: TCP (from datastore (global))
2024-05-10 21:47:38.814 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:LOCAL_TUNNEL ip_pool_type:VXLAN dst:"192.168.168.0/32" dst_node_name:"main-k8s-master-2" dst_node_ip:"10.140.20.162" nat_outgoing:true tunnel_type:<vxlan:true >
2024-05-10 21:47:38.814 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:REMOTE_WORKLOAD ip_pool_type:VXLAN dst:"192.168.40.0/26" dst_node_name:"main-k8s-master-1" dst_node_ip:"10.140.20.110" nat_outgoing:true
2024-05-10 21:47:38.814 [INFO][62] felix/config_params.go 622: Parsing value for CalicoVersion: v3.27.3 (from datastore (global))
2024-05-10 21:47:38.814 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:REMOTE_TUNNEL ip_pool_type:VXLAN dst:"192.168.40.0/32" dst_node_name:"main-k8s-master-1" dst_node_ip:"10.140.20.110" nat_outgoing:true tunnel_type:<vxlan:true >
2024-05-10 21:47:38.814 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:LOCAL_WORKLOAD ip_pool_type:VXLAN dst:"192.168.168.0/26" dst_node_name:"main-k8s-master-2" dst_node_ip:"10.140.20.162" nat_outgoing:true
2024-05-10 21:47:38.814 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:REMOTE_TUNNEL ip_pool_type:VXLAN dst:"192.168.145.0/32" dst_node_name:"main-k8s-regular-1" dst_node_ip:"10.140.20.91" nat_outgoing:true tunnel_type:<vxlan:true >
2024-05-10 21:47:38.815 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:REMOTE_WORKLOAD ip_pool_type:VXLAN dst:"192.168.149.128/26" dst_node_name:"main-k8s-master-3" dst_node_ip:"10.140.20.86" nat_outgoing:true
2024-05-10 21:47:38.815 [INFO][62] felix/config_params.go 658: Parsed value for CalicoVersion: v3.27.3 (from datastore (global))
2024-05-10 21:47:38.815 [INFO][62] felix/config_params.go 622: Parsing value for FloatingIPs: Disabled (from datastore (global))
2024-05-10 21:47:38.815 [INFO][62] felix/config_params.go 658: Parsed value for FloatingIPs: Disabled (from datastore (global))
2024-05-10 21:47:38.815 [INFO][62] felix/config_params.go 622: Parsing value for VXLANVNI: 4096 (from datastore (global))
2024-05-10 21:47:38.815 [INFO][62] felix/config_params.go 658: Parsed value for VXLANVNI: 4096 (from datastore (global))
2024-05-10 21:47:38.815 [INFO][62] felix/config_params.go 622: Parsing value for ClusterType: typha,kdd,k8s,operator,kubeadm (from datastore (global))
2024-05-10 21:47:38.815 [INFO][62] felix/config_params.go 658: Parsed value for ClusterType: typha,kdd,k8s,operator,kubeadm (from datastore (global))
2024-05-10 21:47:38.815 [INFO][62] felix/config_params.go 622: Parsing value for ReportingIntervalSecs: 0 (from datastore (global))
2024-05-10 21:47:38.815 [INFO][62] felix/config_params.go 658: Parsed value for ReportingIntervalSecs: 0s (from datastore (global))
2024-05-10 21:47:38.816 [INFO][62] felix/config_params.go 622: Parsing value for ClusterGUID: a67d29bc359f4aa2a450000b755000d7 (from datastore (global))
2024-05-10 21:47:38.816 [INFO][62] felix/config_params.go 658: Parsed value for ClusterGUID: a67d29bc359f4aa2a450000b755000d7 (from datastore (global))
2024-05-10 21:47:38.816 [INFO][62] felix/config_params.go 491: Merging in config from datastore (per-host): map[IPv4VXLANTunnelAddr:192.168.168.0]
2024-05-10 21:47:38.816 [INFO][62] felix/config_params.go 622: Parsing value for TyphaCertFile: /node-certs/tls.crt (from environment variable)
2024-05-10 21:47:38.815 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=ip_pool_type:VXLAN dst:"192.168.0.0/16" nat_outgoing:true
2024-05-10 21:47:38.816 [INFO][62] felix/param_types.go 312: Looking for required file path="/node-certs/tls.crt"
2024-05-10 21:47:38.816 [INFO][62] felix/config_params.go 658: Parsed value for TyphaCertFile: /node-certs/tls.crt (from environment variable)
2024-05-10 21:47:38.816 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:REMOTE_WORKLOAD ip_pool_type:VXLAN dst:"192.168.145.0/26" dst_node_name:"main-k8s-regular-1" dst_node_ip:"10.140.20.91" nat_outgoing:true
2024-05-10 21:47:38.816 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:REMOTE_TUNNEL ip_pool_type:VXLAN dst:"192.168.149.128/32" dst_node_name:"main-k8s-master-3" dst_node_ip:"10.140.20.86" nat_outgoing:true tunnel_type:<vxlan:true >
2024-05-10 21:47:38.817 [INFO][62] felix/int_dataplane.go 1954: Received *proto.HostMetadataUpdate update from calculation graph msg=hostname:"main-k8s-regular-1" ipv4_addr:"10.140.20.91"
2024-05-10 21:47:38.816 [INFO][62] felix/config_params.go 622: Parsing value for FelixHostname: main-k8s-master-2 (from environment variable)
2024-05-10 21:47:38.817 [INFO][62] felix/int_dataplane.go 1954: Received *proto.IPAMPoolUpdate update from calculation graph msg=id:"192.168.0.0-16" pool:<cidr:"192.168.0.0/16" masquerade:true vxlan_mode:"always" >
2024-05-10 21:47:38.817 [INFO][62] felix/config_params.go 658: Parsed value for FelixHostname: main-k8s-master-2 (from environment variable)
2024-05-10 21:47:38.817 [INFO][62] felix/config_params.go 622: Parsing value for TyphaCN: typha-server (from environment variable)
2024-05-10 21:47:38.817 [INFO][62] felix/config_params.go 658: Parsed value for TyphaCN: typha-server (from environment variable)
2024-05-10 21:47:38.817 [INFO][62] felix/config_params.go 622: Parsing value for TyphaK8sNamespace: calico-system (from environment variable)
2024-05-10 21:47:38.818 [INFO][62] felix/config_params.go 658: Parsed value for TyphaK8sNamespace: calico-system (from environment variable)
2024-05-10 21:47:38.818 [INFO][62] felix/config_params.go 622: Parsing value for Ipv6Support: false (from environment variable)
2024-05-10 21:47:38.818 [INFO][62] felix/config_params.go 658: Parsed value for Ipv6Support: false (from environment variable)
2024-05-10 21:47:38.818 [INFO][62] felix/config_params.go 622: Parsing value for DefaultEndpointToHostAction: ACCEPT (from environment variable)
2024-05-10 21:47:38.818 [INFO][62] felix/config_params.go 658: Parsed value for DefaultEndpointToHostAction: ACCEPT (from environment variable)
2024-05-10 21:47:38.818 [INFO][62] felix/config_params.go 622: Parsing value for TyphaK8sServiceName: calico-typha (from environment variable)
2024-05-10 21:47:38.818 [INFO][62] felix/config_params.go 658: Parsed value for TyphaK8sServiceName: calico-typha (from environment variable)
2024-05-10 21:47:38.818 [INFO][62] felix/config_params.go 622: Parsing value for TyphaCAFile: /etc/pki/tls/certs/tigera-ca-bundle.crt (from environment variable)
2024-05-10 21:47:38.818 [INFO][62] felix/param_types.go 312: Looking for required file path="/etc/pki/tls/certs/tigera-ca-bundle.crt"
2024-05-10 21:47:38.818 [INFO][62] felix/config_params.go 658: Parsed value for TyphaCAFile: /etc/pki/tls/certs/tigera-ca-bundle.crt (from environment variable)
2024-05-10 21:47:38.818 [INFO][62] felix/config_params.go 622: Parsing value for DatastoreType: kubernetes (from environment variable)
2024-05-10 21:47:38.818 [INFO][62] felix/config_params.go 658: Parsed value for DatastoreType: kubernetes (from environment variable)
2024-05-10 21:47:38.819 [INFO][62] felix/config_params.go 622: Parsing value for HealthEnabled: true (from environment variable)
2024-05-10 21:47:38.819 [INFO][62] felix/config_params.go 658: Parsed value for HealthEnabled: true (from environment variable)
2024-05-10 21:47:38.819 [INFO][62] felix/config_params.go 622: Parsing value for HealthPort: 9099 (from environment variable)
2024-05-10 21:47:38.819 [INFO][62] felix/config_params.go 658: Parsed value for HealthPort: 9099 (from environment variable)
2024-05-10 21:47:38.819 [INFO][62] felix/config_params.go 622: Parsing value for TyphaKeyFile: /node-certs/tls.key (from environment variable)
2024-05-10 21:47:38.819 [INFO][62] felix/param_types.go 312: Looking for required file path="/node-certs/tls.key"
2024-05-10 21:47:38.819 [INFO][62] felix/config_params.go 658: Parsed value for TyphaKeyFile: /node-certs/tls.key (from environment variable)
2024-05-10 21:47:38.819 [INFO][62] felix/config_params.go 622: Parsing value for MetadataAddr: None (from config file)
2024-05-10 21:47:38.819 [INFO][62] felix/config_params.go 639: Value set to 'none', replacing with zero-value: "".
2024-05-10 21:47:38.819 [INFO][62] felix/config_params.go 658: Parsed value for MetadataAddr:  (from config file)
2024-05-10 21:47:38.819 [INFO][62] felix/config_params.go 622: Parsing value for LogFilePath: None (from config file)
2024-05-10 21:47:38.819 [INFO][62] felix/config_params.go 639: Value set to 'none', replacing with zero-value: "".
2024-05-10 21:47:38.819 [INFO][62] felix/config_params.go 658: Parsed value for LogFilePath:  (from config file)
2024-05-10 21:47:38.819 [INFO][62] felix/config_params.go 622: Parsing value for LogSeverityFile: None (from config file)
2024-05-10 21:47:38.819 [INFO][62] felix/config_params.go 639: Value set to 'none', replacing with zero-value: "".
2024-05-10 21:47:38.820 [INFO][62] felix/config_params.go 658: Parsed value for LogSeverityFile:  (from config file)
2024-05-10 21:47:38.820 [INFO][62] felix/config_params.go 622: Parsing value for LogSeveritySys: None (from config file)
2024-05-10 21:47:38.820 [INFO][62] felix/config_params.go 639: Value set to 'none', replacing with zero-value: "".
2024-05-10 21:47:38.820 [INFO][62] felix/config_params.go 658: Parsed value for LogSeveritySys:  (from config file)
2024-05-10 21:47:38.820 [INFO][62] felix/config_params.go 622: Parsing value for IPv4VXLANTunnelAddr: 192.168.168.0 (from datastore (per-host))
2024-05-10 21:47:38.820 [INFO][62] felix/config_params.go 658: Parsed value for IPv4VXLANTunnelAddr: 192.168.168.0 (from datastore (per-host))
2024-05-10 21:47:38.820 [INFO][62] felix/config_params.go 622: Parsing value for ReportingIntervalSecs: 0 (from datastore (global))
2024-05-10 21:47:38.820 [INFO][62] felix/config_params.go 658: Parsed value for ReportingIntervalSecs: 0s (from datastore (global))
2024-05-10 21:47:38.820 [INFO][62] felix/config_params.go 622: Parsing value for ClusterGUID: a67d29bc359f4aa2a450000b755000d7 (from datastore (global))
2024-05-10 21:47:38.820 [INFO][62] felix/config_params.go 658: Parsed value for ClusterGUID: a67d29bc359f4aa2a450000b755000d7 (from datastore (global))
2024-05-10 21:47:38.821 [INFO][62] felix/config_params.go 622: Parsing value for FloatingIPs: Disabled (from datastore (global))
2024-05-10 21:47:38.821 [INFO][62] felix/config_params.go 658: Parsed value for FloatingIPs: Disabled (from datastore (global))
2024-05-10 21:47:38.821 [INFO][62] felix/config_params.go 622: Parsing value for VXLANVNI: 4096 (from datastore (global))
2024-05-10 21:47:38.821 [INFO][62] felix/config_params.go 658: Parsed value for VXLANVNI: 4096 (from datastore (global))
2024-05-10 21:47:38.821 [INFO][62] felix/config_params.go 622: Parsing value for ClusterType: typha,kdd,k8s,operator,kubeadm (from datastore (global))
2024-05-10 21:47:38.821 [INFO][62] felix/config_params.go 658: Parsed value for ClusterType: typha,kdd,k8s,operator,kubeadm (from datastore (global))
2024-05-10 21:47:38.821 [INFO][62] felix/config_params.go 622: Parsing value for BPFConnectTimeLoadBalancing: TCP (from datastore (global))
2024-05-10 21:47:38.821 [INFO][62] felix/config_params.go 658: Parsed value for BPFConnectTimeLoadBalancing: TCP (from datastore (global))
2024-05-10 21:47:38.821 [INFO][62] felix/config_params.go 622: Parsing value for CalicoVersion: v3.27.3 (from datastore (global))
2024-05-10 21:47:38.821 [INFO][62] felix/config_params.go 658: Parsed value for CalicoVersion: v3.27.3 (from datastore (global))
2024-05-10 21:47:38.821 [INFO][62] felix/config_params.go 622: Parsing value for BPFHostNetworkedNATWithoutCTLB: Enabled (from datastore (global))
2024-05-10 21:47:38.821 [INFO][62] felix/config_params.go 658: Parsed value for BPFHostNetworkedNATWithoutCTLB: Enabled (from datastore (global))
2024-05-10 21:47:38.822 [INFO][62] felix/config_params.go 622: Parsing value for HealthPort: 9099 (from datastore (global))
2024-05-10 21:47:38.822 [INFO][62] felix/config_params.go 658: Parsed value for HealthPort: 9099 (from datastore (global))
2024-05-10 21:47:38.822 [INFO][62] felix/config_params.go 661: Skipping config value for HealthPort from datastore (global); already have a value from environment variable
2024-05-10 21:47:38.822 [INFO][62] felix/config_params.go 622: Parsing value for LogSeverityScreen: Info (from datastore (global))
2024-05-10 21:47:38.822 [INFO][62] felix/config_params.go 658: Parsed value for LogSeverityScreen: INFO (from datastore (global))
2024-05-10 21:47:38.822 [INFO][62] felix/async_calc_graph.go 221: First flush after becoming in sync, sending InSync message.
2024-05-10 21:47:38.822 [INFO][62] felix/daemon.go 1198: Datastore now in sync.
2024-05-10 21:47:38.822 [INFO][62] felix/int_dataplane.go 1954: Received *proto.Encapsulation update from calculation graph msg=vxlan_enabled:true
2024-05-10 21:47:38.823 [INFO][62] felix/daemon.go 1200: Datastore in sync for first time, sending message to status reporter.
2024-05-10 21:47:38.823 [INFO][62] felix/int_dataplane.go 1954: Received *proto.InSync update from calculation graph msg=
2024-05-10 21:47:38.823 [INFO][62] felix/int_dataplane.go 1963: Datastore in sync, flushing the dataplane for the first time... timeSinceStart=358.356667ms
2024-05-10 21:47:38.823 [INFO][62] felix/ipsets.go 159: Queueing IP set for creation family="inet" setID="all-vxlan-net" setType="hash:net"
2024-05-10 21:47:38.823 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-from-wl-dispatch" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.823 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-to-wl-dispatch" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.824 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-from-host-endpoint" ipVersion=0x4 table="raw"
2024-05-10 21:47:38.824 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-to-host-endpoint" ipVersion=0x4 table="raw"
2024-05-10 21:47:38.824 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-from-host-endpoint" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.824 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-to-host-endpoint" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.824 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-from-hep-forward" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.824 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-to-hep-forward" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.824 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-from-host-endpoint" ipVersion=0x4 table="mangle"
2024-05-10 21:47:38.824 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-to-host-endpoint" ipVersion=0x4 table="mangle"
2024-05-10 21:47:38.825 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-rpf-skip" ipVersion=0x4 table="raw"
2024-05-10 21:47:38.825 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-fip-dnat" ipVersion=0x4 table="nat"
2024-05-10 21:47:38.825 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-fip-snat" ipVersion=0x4 table="nat"
2024-05-10 21:47:38.825 [INFO][62] felix/masq_mgr.go 145: IPAM pools updated, refreshing iptables rule ipVersion=0x4
2024-05-10 21:47:38.825 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-nat-outgoing" ipVersion=0x4 table="nat"
2024-05-10 21:47:38.825 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-cidr-block" ipVersion=0x4 table="filter"
2024-05-10 21:47:38.901 [INFO][62] felix/health.go 294: Reporter is not ready: reporting non-ready. name="InternalDataplaneMainLoop"
2024-05-10 21:47:38.901 [INFO][62] felix/health.go 336: Overall health status changed: live=true ready=false
+---------------------------+---------+----------------+---------------------+--------+
|         COMPONENT         | TIMEOUT |    LIVENESS    |      READINESS      | DETAIL |
+---------------------------+---------+----------------+---------------------+--------+
| CalculationGraph          | 30s     | reporting live | reporting ready     |        |
| FelixStartup              | -       | reporting live | reporting ready     |        |
| InternalDataplaneMainLoop | 1m30s   | reporting live | reporting non-ready |        |
+---------------------------+---------+----------------+---------------------+--------+
2024-05-10 21:47:38.922 [INFO][62] felix/wireguard.go 1705: Trying to connect to linkClient ipVersion=0x4
2024-05-10 21:47:38.925 [INFO][62] felix/route_rule.go 189: Trying to connect to netlink
2024-05-10 21:47:38.926 [INFO][62] felix/wireguard.go 636: Public key out of sync or updated ipVersion=0x4 ourPublicKey=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
2024-05-10 21:47:38.946 [INFO][62] felix/int_dataplane.go 1387: Linux interface state changed. ifIndex=9 ifaceName="calico_tmp_B" state="down"
2024-05-10 21:47:38.947 [INFO][62] felix/int_dataplane.go 1431: Linux interface addrs changed. addrs=set.Set{} ifaceName="calico_tmp_B"
2024-05-10 21:47:38.951 [INFO][62] felix/int_dataplane.go 1387: Linux interface state changed. ifIndex=10 ifaceName="calico_tmp_A" state="down"
2024-05-10 21:47:38.951 [INFO][62] felix/int_dataplane.go 1431: Linux interface addrs changed. addrs=set.Set{} ifaceName="calico_tmp_A"
2024-05-10 21:47:38.969 [INFO][62] felix/int_dataplane.go 1911: Completed first update to dataplane. secsSinceStart=0.504308139
2024-05-10 21:47:38.975 [INFO][62] felix/health.go 206: Health of component changed name="InternalDataplaneMainLoop" newReport="live,ready" oldReport="live,non-ready"
2024-05-10 21:47:38.976 [INFO][62] felix/int_dataplane.go 2011: Received interface update msg=&intdataplane.ifaceStateUpdate{Name:"calico_tmp_B", State:"down", Index:9}
2024-05-10 21:47:38.976 [INFO][62] felix/int_dataplane.go 2031: Received interface addresses update msg=&intdataplane.ifaceAddrsUpdate{Name:"calico_tmp_B", Addrs:set.Typed[string]{}}
2024-05-10 21:47:38.977 [INFO][62] felix/hostip_mgr.go 84: Interface addrs changed. update=&intdataplane.ifaceAddrsUpdate{Name:"calico_tmp_B", Addrs:set.Typed[string]{}}
2024-05-10 21:47:38.977 [INFO][62] felix/int_dataplane.go 2011: Received interface update msg=&intdataplane.ifaceStateUpdate{Name:"calico_tmp_A", State:"down", Index:10}
2024-05-10 21:47:38.977 [INFO][62] felix/int_dataplane.go 2031: Received interface addresses update msg=&intdataplane.ifaceAddrsUpdate{Name:"calico_tmp_A", Addrs:set.Typed[string]{}}
2024-05-10 21:47:38.977 [INFO][62] felix/hostip_mgr.go 84: Interface addrs changed. update=&intdataplane.ifaceAddrsUpdate{Name:"calico_tmp_A", Addrs:set.Typed[string]{}}
2024-05-10 21:47:38.977 [INFO][62] felix/int_dataplane.go 1921: Dataplane updates throttled
2024-05-10 21:47:38.981 [INFO][62] felix/int_dataplane.go 1387: Linux interface state changed. ifIndex=10 ifaceName="calico_tmp_A" state=""
2024-05-10 21:47:38.981 [INFO][62] felix/int_dataplane.go 1431: Linux interface addrs changed. addrs=<nil> ifaceName="calico_tmp_A"
2024-05-10 21:47:38.981 [INFO][62] felix/int_dataplane.go 1387: Linux interface state changed. ifIndex=9 ifaceName="calico_tmp_B" state=""
2024-05-10 21:47:38.981 [INFO][62] felix/int_dataplane.go 1431: Linux interface addrs changed. addrs=<nil> ifaceName="calico_tmp_B"
2024-05-10 21:47:38.982 [INFO][62] felix/int_dataplane.go 2011: Received interface update msg=&intdataplane.ifaceStateUpdate{Name:"calico_tmp_A", State:"", Index:10}
2024-05-10 21:47:38.982 [INFO][62] felix/int_dataplane.go 2031: Received interface addresses update msg=&intdataplane.ifaceAddrsUpdate{Name:"calico_tmp_A", Addrs:set.Set[string](nil)}
2024-05-10 21:47:38.982 [INFO][62] felix/hostip_mgr.go 84: Interface addrs changed. update=&intdataplane.ifaceAddrsUpdate{Name:"calico_tmp_A", Addrs:set.Set[string](nil)}
2024-05-10 21:47:38.982 [INFO][62] felix/int_dataplane.go 2011: Received interface update msg=&intdataplane.ifaceStateUpdate{Name:"calico_tmp_B", State:"", Index:9}
2024-05-10 21:47:38.982 [INFO][62] felix/int_dataplane.go 2031: Received interface addresses update msg=&intdataplane.ifaceAddrsUpdate{Name:"calico_tmp_B", Addrs:set.Set[string](nil)}
2024-05-10 21:47:38.982 [INFO][62] felix/hostip_mgr.go 84: Interface addrs changed. update=&intdataplane.ifaceAddrsUpdate{Name:"calico_tmp_B", Addrs:set.Set[string](nil)}
2024-05-10 21:47:39.615 [INFO][62] felix/route_table.go 324: Calculated interface name regexp ifaceRegex="^ens3$" ipVersion=0x4 tableIndex=254
2024-05-10 21:47:39.616 [INFO][62] felix/vxlan_mgr.go 571: VXLAN tunnel device configured ipVersion=0x4
2024-05-10 21:47:39.692 [INFO][62] felix/vxlan_mgr.go 520: VXLAN Manager completed deferred work ipVersion=0x4
2024-05-10 21:47:43.966 [INFO][62] felix/int_dataplane.go 1888: Dataplane updates no longer throttled
2024-05-10 21:47:49.536 [INFO][62] felix/calc_graph.go 507: Local endpoint updated id=WorkloadEndpoint(node=main-k8s-master-2, orchestrator=k8s, workload=calico-system/csi-node-driver-rjbrg, name=eth0)
2024-05-10 21:47:49.538 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ActiveProfileUpdate update from calculation graph msg=id:<name:"kns.calico-system" > profile:<inbound_rules:<action:"allow" rule_id:"fw2fB0QZr1DPiXMg" > outbound_rules:<action:"allow" rule_id:"D66fMttEtc8Iyw4Z" > >
2024-05-10 21:47:49.539 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-pri-kns.calico-system" ipVersion=0x4 table="filter"
2024-05-10 21:47:49.539 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-pro-kns.calico-system" ipVersion=0x4 table="filter"
2024-05-10 21:47:49.539 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-pro-kns.calico-system" ipVersion=0x4 table="mangle"
2024-05-10 21:47:49.539 [INFO][62] felix/int_dataplane.go 1954: Received *proto.ActiveProfileUpdate update from calculation graph msg=id:<name:"ksa.calico-system.default" > profile:<>
2024-05-10 21:47:49.539 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-pri-_og73BH3DuNOZrbBKFW" ipVersion=0x4 table="filter"
2024-05-10 21:47:49.539 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-pro-_og73BH3DuNOZrbBKFW" ipVersion=0x4 table="filter"
2024-05-10 21:47:49.539 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-pro-_og73BH3DuNOZrbBKFW" ipVersion=0x4 table="mangle"
2024-05-10 21:47:49.541 [INFO][62] felix/int_dataplane.go 1954: Received *proto.WorkloadEndpointUpdate update from calculation graph msg=id:<orchestrator_id:"k8s" workload_id:"calico-system/csi-node-driver-rjbrg" endpoint_id:"eth0" > endpoint:<state:"active" name:"cali96bfba0cfb9" profile_ids:"kns.calico-system" profile_ids:"ksa.calico-system.default" ipv4_nets:"192.168.168.2/32" >
2024-05-10 21:47:49.541 [INFO][62] felix/int_dataplane.go 1954: Received *proto.RouteUpdate update from calculation graph msg=type:LOCAL_WORKLOAD ip_pool_type:VXLAN dst:"192.168.168.2/32" dst_node_name:"main-k8s-master-2" dst_node_ip:"10.140.20.162" nat_outgoing:true local_workload:true
2024-05-10 21:47:49.541 [INFO][62] felix/endpoint_mgr.go 602: Updating per-endpoint chains. id=proto.WorkloadEndpointID{OrchestratorId:"k8s", WorkloadId:"calico-system/csi-node-driver-rjbrg", EndpointId:"eth0"}
2024-05-10 21:47:49.542 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-tw-cali96bfba0cfb9" ipVersion=0x4 table="filter"
2024-05-10 21:47:49.542 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-pri-kns.calico-system" ipVersion=0x4 table="filter"
2024-05-10 21:47:49.542 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-pri-_og73BH3DuNOZrbBKFW" ipVersion=0x4 table="filter"
2024-05-10 21:47:49.542 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-fw-cali96bfba0cfb9" ipVersion=0x4 table="filter"
2024-05-10 21:47:49.542 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-pro-kns.calico-system" ipVersion=0x4 table="filter"
2024-05-10 21:47:49.542 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-pro-_og73BH3DuNOZrbBKFW" ipVersion=0x4 table="filter"
2024-05-10 21:47:49.542 [INFO][62] felix/endpoint_mgr.go 648: Updating endpoint routes. id=proto.WorkloadEndpointID{OrchestratorId:"k8s", WorkloadId:"calico-system/csi-node-driver-rjbrg", EndpointId:"eth0"}
2024-05-10 21:47:49.542 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-from-wl-dispatch" ipVersion=0x4 table="filter"
2024-05-10 21:47:49.542 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-fw-cali96bfba0cfb9" ipVersion=0x4 table="filter"
2024-05-10 21:47:49.542 [INFO][62] felix/table.go 521: Queueing update of chain. chainName="cali-to-wl-dispatch" ipVersion=0x4 table="filter"
2024-05-10 21:47:49.542 [INFO][62] felix/table.go 595: Chain became referenced, marking it for programming chainName="cali-tw-cali96bfba0cfb9" ipVersion=0x4 table="filter"
2024-05-10 21:47:49.542 [INFO][62] felix/endpoint_mgr.go 1283: Skipping configuration of interface because it is oper down. ifaceName="cali96bfba0cfb9"
2024-05-10 21:47:49.542 [INFO][62] felix/endpoint_mgr.go 490: Re-evaluated workload endpoint status adminUp=true failed=false known=true operUp=false status="down" workloadEndpointID=proto.WorkloadEndpointID{OrchestratorId:"k8s", WorkloadId:"calico-system/csi-node-driver-rjbrg", EndpointId:"eth0"}
2024-05-10 21:47:49.542 [INFO][62] felix/status_combiner.go 58: Storing endpoint status update ipVersion=0x4 status="down" workload=proto.WorkloadEndpointID{OrchestratorId:"k8s", WorkloadId:"calico-system/csi-node-driver-rjbrg", EndpointId:"eth0"}
2024-05-10 21:47:49.578 [INFO][62] felix/status_combiner.go 78: Endpoint down for at least one IP version id=proto.WorkloadEndpointID{OrchestratorId:"k8s", WorkloadId:"calico-system/csi-node-driver-rjbrg", EndpointId:"eth0"} ipVersion=0x4 status="down"
2024-05-10 21:47:49.578 [INFO][62] felix/status_combiner.go 98: Reporting combined status. id=proto.WorkloadEndpointID{OrchestratorId:"k8s", WorkloadId:"calico-system/csi-node-driver-rjbrg", EndpointId:"eth0"} status="down"
2024-05-10 21:47:49.611 [INFO][62] felix/int_dataplane.go 1387: Linux interface state changed. ifIndex=11 ifaceName="cali96bfba0cfb9" state="down"
2024-05-10 21:47:49.611 [INFO][62] felix/int_dataplane.go 1431: Linux interface addrs changed. addrs=set.Set{} ifaceName="cali96bfba0cfb9"
2024-05-10 21:47:49.611 [INFO][62] felix/int_dataplane.go 2011: Received interface update msg=&intdataplane.ifaceStateUpdate{Name:"cali96bfba0cfb9", State:"down", Index:11}
2024-05-10 21:47:49.611 [INFO][62] felix/int_dataplane.go 2031: Received interface addresses update msg=&intdataplane.ifaceAddrsUpdate{Name:"cali96bfba0cfb9", Addrs:set.Typed[string]{}}
2024-05-10 21:47:49.611 [INFO][62] felix/hostip_mgr.go 84: Interface addrs changed. update=&intdataplane.ifaceAddrsUpdate{Name:"cali96bfba0cfb9", Addrs:set.Typed[string]{}}
2024-05-10 21:47:49.611 [INFO][62] felix/endpoint_mgr.go 431: Workload interface state changed; marking for status update. ifaceName="cali96bfba0cfb9"
2024-05-10 21:47:49.611 [INFO][62] felix/endpoint_mgr.go 490: Re-evaluated workload endpoint status adminUp=true failed=false known=true operUp=false status="down" workloadEndpointID=proto.WorkloadEndpointID{OrchestratorId:"k8s", WorkloadId:"calico-system/csi-node-driver-rjbrg", EndpointId:"eth0"}
2024-05-10 21:47:49.611 [INFO][62] felix/status_combiner.go 58: Storing endpoint status update ipVersion=0x4 status="down" workload=proto.WorkloadEndpointID{OrchestratorId:"k8s", WorkloadId:"calico-system/csi-node-driver-rjbrg", EndpointId:"eth0"}
2024-05-10 21:47:49.612 [INFO][62] felix/status_combiner.go 78: Endpoint down for at least one IP version id=proto.WorkloadEndpointID{OrchestratorId:"k8s", WorkloadId:"calico-system/csi-node-driver-rjbrg", EndpointId:"eth0"} ipVersion=0x4 status="down"
2024-05-10 21:47:49.612 [INFO][62] felix/status_combiner.go 98: Reporting combined status. id=proto.WorkloadEndpointID{OrchestratorId:"k8s", WorkloadId:"calico-system/csi-node-driver-rjbrg", EndpointId:"eth0"} status="down"
2024-05-10 21:47:49.612 [INFO][62] felix/int_dataplane.go 1387: Linux interface state changed. ifIndex=11 ifaceName="cali96bfba0cfb9" state="up"
2024-05-10 21:47:49.612 [INFO][62] felix/int_dataplane.go 2011: Received interface update msg=&intdataplane.ifaceStateUpdate{Name:"cali96bfba0cfb9", State:"up", Index:11}
2024-05-10 21:47:49.612 [INFO][62] felix/endpoint_mgr.go 374: Workload interface came up, marking for reconfiguration. ifaceName="cali96bfba0cfb9"
2024-05-10 21:47:49.612 [INFO][62] felix/endpoint_mgr.go 431: Workload interface state changed; marking for status update. ifaceName="cali96bfba0cfb9"
2024-05-10 21:47:49.612 [INFO][62] felix/endpoint_mgr.go 1215: Applying /proc/sys configuration to interface. ifaceName="cali96bfba0cfb9"
2024-05-10 21:47:49.612 [INFO][62] felix/endpoint_mgr.go 490: Re-evaluated workload endpoint status adminUp=true failed=false known=true operUp=true status="up" workloadEndpointID=proto.WorkloadEndpointID{OrchestratorId:"k8s", WorkloadId:"calico-system/csi-node-driver-rjbrg", EndpointId:"eth0"}
2024-05-10 21:47:49.612 [INFO][62] felix/status_combiner.go 58: Storing endpoint status update ipVersion=0x4 status="up" workload=proto.WorkloadEndpointID{OrchestratorId:"k8s", WorkloadId:"calico-system/csi-node-driver-rjbrg", EndpointId:"eth0"}
2024-05-10 21:47:49.613 [INFO][62] felix/status_combiner.go 81: Endpoint up for at least one IP version id=proto.WorkloadEndpointID{OrchestratorId:"k8s", WorkloadId:"calico-system/csi-node-driver-rjbrg", EndpointId:"eth0"} ipVersion=0x4 status="up"
2024-05-10 21:47:49.613 [INFO][62] felix/status_combiner.go 98: Reporting combined status. id=proto.WorkloadEndpointID{OrchestratorId:"k8s", WorkloadId:"calico-system/csi-node-driver-rjbrg", EndpointId:"eth0"} status="up"
2024-05-10 21:47:51.075 [INFO][62] felix/iface_monitor.go 238: Netlink address update for known interface.  addr="fe80::ecee:eeff:feee:eeee" exists=true ifIndex=11
2024-05-10 21:47:51.076 [INFO][62] felix/int_dataplane.go 1431: Linux interface addrs changed. addrs=set.Set{fe80::ecee:eeff:feee:eeee} ifaceName="cali96bfba0cfb9"
2024-05-10 21:47:51.076 [INFO][62] felix/int_dataplane.go 2031: Received interface addresses update msg=&intdataplane.ifaceAddrsUpdate{Name:"cali96bfba0cfb9", Addrs:set.Typed[string]{"fe80::ecee:eeff:feee:eeee":set.v{}}}
2024-05-10 21:47:51.076 [INFO][62] felix/hostip_mgr.go 84: Interface addrs changed. update=&intdataplane.ifaceAddrsUpdate{Name:"cali96bfba0cfb9", Addrs:set.Typed[string]{"fe80::ecee:eeff:feee:eeee":set.v{}}}
2024-05-10 21:48:05.085 [INFO][62] felix/health.go 336: Overall health status changed: live=true ready=true
+---------------------------+---------+----------------+-----------------+--------+
|         COMPONENT         | TIMEOUT |    LIVENESS    |    READINESS    | DETAIL |
+---------------------------+---------+----------------+-----------------+--------+
| CalculationGraph          | 30s     | reporting live | reporting ready |        |
| FelixStartup              | -       | reporting live | reporting ready |        |
| InternalDataplaneMainLoop | 1m30s   | reporting live | reporting ready |        |
+---------------------------+---------+----------------+-----------------+--------+
2024-05-10 21:48:41.743 [INFO][62] felix/summary.go 100: Summarising 29 dataplane reconciliation loops over 1m3.2s: avg=13ms longest=146ms (resync-filter-v4,resync-ipsets-v4,resync-mangle-v4,resync-nat-v4,resync-raw-v4,resync-routes-v4,resync-routes-v4,resync-routes-v4,resync-routes-v4,resync-rules-v4,update-filter-v4,update-mangle-v4,update-nat-v4,update-raw-v4)
2024-05-10 21:49:44.562 [INFO][62] felix/summary.go 100: Summarising 11 dataplane reconciliation loops over 1m2.8s: avg=8ms longest=11ms (resync-mangle-v4,resync-nat-v4)
2024-05-10 21:50:44.833 [INFO][62] felix/summary.go 100: Summarising 9 dataplane reconciliation loops over 1m0.3s: avg=9ms longest=17ms (resync-mangle-v4,resync-nat-v4)
2024-05-10 21:51:51.543 [INFO][62] felix/summary.go 100: Summarising 8 dataplane reconciliation loops over 1m6.7s: avg=7ms longest=10ms (resync-ipsets-v4)
2024-05-10 21:52:41.074 [INFO][62] felix/usagerep.go 115: Initial delay complete, doing first report
2024-05-10 21:52:41.074 [INFO][62] felix/usagerep.go 205: Reporting cluster usage/checking for deprecation warnings. alpEnabled=false calicoVersion="v3.27.3" clusterGUID="a67d29bc359f4aa2a450000b755000d7" clusterType="typha,kdd,k8s,operator,kubeadm" gitRevision="638464f946657417dd4900724112eb844ce5be03" kubernetesVersion="v1.29.4" stats=calc.StatsUpdate{NumHosts:4, NumWorkloadEndpoints:11, NumHostEndpoints:0, NumPolicies:1, NumProfiles:58, NumALPPolicies:0} version="v3.27.3"
2024-05-10 21:52:41.832 [INFO][62] felix/usagerep.go 117: First report done, starting ticker
2024-05-10 21:52:54.729 [INFO][62] felix/summary.go 100: Summarising 8 dataplane reconciliation loops over 1m3.2s: avg=8ms longest=14ms (resync-ipsets-v4)
2024-05-10 21:53:54.883 [INFO][62] felix/summary.go 100: Summarising 10 dataplane reconciliation loops over 1m0.2s: avg=8ms longest=14ms (resync-nat-v4,resync-raw-v4)
2024-05-10 21:54:58.854 [INFO][62] felix/summary.go 100: Summarising 7 dataplane reconciliation loops over 1m4s: avg=8ms longest=15ms (resync-ipsets-v4)
2024-05-10 21:55:58.978 [INFO][62] felix/summary.go 100: Summarising 8 dataplane reconciliation loops over 1m0.1s: avg=7ms longest=10ms (resync-ipsets-v4)
2024-05-10 21:57:01.269 [INFO][62] felix/summary.go 100: Summarising 10 dataplane reconciliation loops over 1m2.3s: avg=7ms longest=11ms (resync-filter-v4)
2024-05-10 21:58:06.080 [INFO][62] felix/summary.go 100: Summarising 8 dataplane reconciliation loops over 1m4.8s: avg=8ms longest=10ms ()
2024-05-10 21:59:09.382 [INFO][62] felix/summary.go 100: Summarising 11 dataplane reconciliation loops over 1m3.3s: avg=8ms longest=11ms ()
2024-05-10 22:00:12.047 [INFO][62] felix/summary.go 100: Summarising 7 dataplane reconciliation loops over 1m2.7s: avg=7ms longest=9ms (resync-ipsets-v4)

@AlanduzzZ
Copy link

I also have the same version v3.27.3 and encountered the same problem
nc -uvz 10.10.0.2 53 is Connected, but dig timeout.
It is normal if you use dig +tcp

@sqaisar
Copy link
Author

sqaisar commented May 11, 2024
edited

@AlanduzzZ
Exactly udp works but tcp doesn't.

ubuntu:~# nc -uvz 172.31.0.10 53
Connection to 172.31.0.10 53 port [udp/domain] succeeded!

Are you installing calico using the operator? What's your config and are you using dual stack?
I am setting it up on openstack but I don't think it's related to openstack.

@sqaisar
Copy link
Author

sqaisar commented May 12, 2024

I found something.
If coredns pods runs on master nodes then no pod can communicate to it over tcp but if coredns runs on worker nodes then pods can connect with the coredns pods and able to resolve dns.
I don't have any specific networkpolicy configured. Does anyone know what could be the issue? From the looks of it I'd say it's firewall issue on master node vm's but I've added allow all ingress tcp 0.0.0.0/0 and that doesn't work so it might be something else

@mfreeman451
Copy link

I seem to be having a similar issue. Going to try to add a node and see what happens, I believe I had all of this working earlier but I have gone from 4 nodes to 1 now.

@mfreeman451
Copy link

Adding a node solved my problem..

@sqaisar
Copy link
Author

sqaisar commented May 12, 2024

Actually the pods running on same nodes where coredns is running is able to resolve dns. I've multiple worker nodes and If I run all coredns pods on any of the node e.g main-k8s-regular-1 and rum some other pod on same node then I'm able to resolve dns. but if the pod is running on some other node then it doesn't work.
@mfreeman451 Can you see if you have similar problem? if not can you please share the firewall rules you have for the nodes?

@mfreeman451
Copy link

i dont have any firewall rules, pretty vanilla setup.. for me if I only have one node, I get pods that can't do dns/TLS verification.

@AlanduzzZ
Copy link

@sqaisar
My kubernetes version is 1.30.0, calico is not installed using the operator, and the calico-etcd.yaml file is used. I eventually downgraded the version of calico to 3.26.4 and coredns parsed everything fine

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mfreeman451 @AlanduzzZ @sqaisar