0

I configured openshift and everything is working properly on host where docker-register is started. When i added new node and i try to deploy containers on it i have such error in logs:

E0519 10:51:38.574152    2135 pod_workers.go:138] Error syncing pod 083b958e-1dc0-11e6-8ca2-525400c36a07, skipping: failed to "StartContainer" for "testapp4" with ImagePullBackOff: "Back-off pulling image \"172.30.236.174:5000/test/testapp4@sha256:64c3dc4cb983986a1dd5a7979f03f449b089f4baaf979b67363a92aac43e49cd\""

E0519 11:00:09.099712    2098 pod_workers.go:138] Error syncing pod 5d3c48a1-1dd2-11e6-a164-525400c36a07, skipping: failed to "StartContainer" for "testapp4" with ErrImagePull: "API error (500): Get http://172.30.236.174:5000/v2/: dial tcp 172.30.236.174:5000: getsockopt: no route to host\n"

I'm guessing problem is with it that new node not "see" docker-registry address 172.30.236.174 which is deployed on other node. Should i do something more with new node (i just started openshift with node config)?

user3069488
  • 159
  • 2
  • 3
  • 18

1 Answers1

2

172.30.0.0/16 is used by OpenShift to allocate virtual IP addresses for Kubernetes Services. The docker registry is made available via a Service, and it has apparently bound 172.30.236.174 in your cluster. Service addresses are not normally routable -- instead, kube-proxy intercepts outbound traffic addressed to that IP address, and redirects it (see Virtual IPs and service proxies).

The error message "no route to host", associated with the virtual IP address, indicates that the kube-proxy is not working on the new node. You should be able to find the process running, and you should be able to find its rules in the iptables -L output.

aecolley
  • 943
  • 4
  • 15
  • How kubernetes/openshift is downloading images, in that case, if registry is working in internal environment? How images are downloaded to nodes as docker containers are on top of it? – user3069488 Apr 27 '17 at 12:12