RE: Submariner gateway status is showing as connecting
26 views
Skip to first unread message
Vaishnavi Rajulu
Sep 30, 2024, 6:36:53 AM9/30/24
to submariner-users
Hi Guys,
I have deployed submariner and joined to broker with globalnet enabled. In subctl show connections the status remains connecting. I want to get it as connected. How do I refresh the configuration and get it connected?
PS: No errors are there checked with diagnose all command
PS: No errors are there checked with diagnose all command
subctl show connections
Cluster "default"
✓ Showing Connections
GATEWAY CLUSTER REMOTE IP NAT CABLE DRIVER SUBNETS STATUS RTT avg.
worker2 cluster2 203.x.x.x yes libreswan 242.1.0.0/16 connecting 0s
kind-control-plane kind 59.x.x.x yes libreswan 242.2.0.0/16 connecting 0s
Cluster "default"
✓ Showing Connections
GATEWAY CLUSTER REMOTE IP NAT CABLE DRIVER SUBNETS STATUS RTT avg.
worker2 cluster2 203.x.x.x yes libreswan 242.1.0.0/16 connecting 0s
kind-control-plane kind 59.x.x.x yes libreswan 242.2.0.0/16 connecting 0s
Yossi Boaron
Sep 30, 2024, 6:51:40 AM9/30/24
to Vaishnavi Rajulu, submariner-users
Hi Vaishnavi,
If connection status remains in "connecting" status on "subctl show connections" that implies some datapath issue in inter-cluster IPSec tunnel.
You can check subctl inter-cluster firewall diagnose [1] to verify inter-cluster firewall prerequisites.
If you could not solve the issue, please file a ticket on Github - and upload all the relevant details .
Thanks
Yossi
[1]
subctl diagnose firewall inter-cluster --context <localcontext> --remotecontext <remotecontext>
--
You received this message because you are subscribed to the Google Groups "submariner-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to submariner-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/submariner-users/1987702b-fcee-415f-b90b-4afaf2604bd0n%40googlegroups.com.
Vaishnavi Rajulu
Oct 1, 2024, 2:53:31 AM10/1/24
to submariner-users
subctl diagnose firewall inter-cluster --kubeconfig /etc/rancher/rke2/rke2.yaml --kubeconfig kind-config.yaml
✓ Checking if tunnels can be setup on the gateway node of cluster "kind-kind"
✓ Skipping this check as it's a single node cluster
✓ Tunnels can be established on the gateway node of cluster "kind-kind"
✓ Checking if tunnels can be setup on the gateway node of cluster "kind-kind"
✓ Skipping this check as it's a single node cluster
✓ Tunnels can be established on the gateway node of cluster "kind-kind"
Yossi Boaron
Oct 1, 2024, 6:10:55 AM10/1/24
to Vaishnavi Rajulu, submariner-users
Ack,
subctl diagnose firewall inter-cluster doesn't support single node cluster.
If you've made sure that all Submariner prerequisites are met and still get the same behavior,
please file a ticket on Github - and upload all the relevant details.
To view this discussion on the web visit https://groups.google.com/d/msgid/submariner-users/c0fac14f-3040-48fe-8377-5d5d9572a5den%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages