IBM Cloud Docs
After upgrading my classic cluster to version 1.21, I'm finding connectivity issues


There is a known issue with classic Kubernetes 1.21 clusters that have both public and private service endpoints but do not have VRF enabled.

You upgraded your classic cluster to Kubernetes 1.21 and are finding connectivity issues such as connecting to the Kubernetes console, fetching logs from pods, or running the IBM Cloud Kubernetes Service Diagnostics and Debug Tool.

In Kubernetes version 1.21, Konnectivity replaces OpenVPN as the network proxy that secures communication from the Kubernetes API server master to the worker nodes in the cluster.

However, with Konnectivity, a problem exists with communication between the master and the cluster nodes when all of the following conditions are met:

  • You are updating an existing classic cluster to Kubernetes version 1.21 or are deploying a new classic cluster.
  • The cluster has both private and public service endpoints enabled.
  • Service endpoints or VRF are not enabled in the account.

To determine if VRF and service endpoints are enabled in your account, run ibmcloud account show. Look for the following output.

VRF Enabled:                        true   
Service Endpoint Enabled:           true 

To determine if your classic cluster has both public and private service endpoints enabled, run ibmcloud ks cluster get -c <cluster_id>. Look for output similar to:

Public Service Endpoint URL:    https://c105.<REGION>.containers.cloud.ibm.com:<port> 
Private Service Endpoint URL:   https://c105.private.<REGION>.containers.cloud.ibm.com:<port> 

If your cluster meets these conditions, delay updating to version 1.21 until you can enable service endpoints and VRF for the account. If you are updating your VPC clusters or classic clusters that have only public service endpoints enabled, there is no issue updating to 1.21. If you have questions about this issue, please open a support ticket and reference this announcement.
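The two checks above can be combined into one decision. The following script is an added example, not part of the IBM Cloud documentation; it parses the output of the two commands named on this page and reports whether the update to 1.21 should be delayed. It assumes the cluster is a classic cluster, that an enabled endpoint is shown as an https:// URL, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: combines the account check and the cluster check above.

# field_value LABEL: print the trimmed value that follows "LABEL:" on stdin.
field_value() {
  awk -v label="$1" 'index($0, label ":") == 1 {
    sub(/^[^:]*:[ \t]*/, ""); sub(/[ \t\r]+$/, ""); print; exit }'
}

# account_ready TEXT: succeeds only if VRF and service endpoints are both true.
account_ready() {
  [ "$(printf '%s\n' "$1" | field_value 'VRF Enabled')" = "true" ] &&
  [ "$(printf '%s\n' "$1" | field_value 'Service Endpoint Enabled')" = "true" ]
}

# cluster_has_both_endpoints TEXT: succeeds if both endpoint URLs are present.
# Assumption: an endpoint that is not enabled does not show an https:// URL.
cluster_has_both_endpoints() {
  case "$(printf '%s\n' "$1" | field_value 'Public Service Endpoint URL')" in
    https://*) ;; *) return 1 ;; esac
  case "$(printf '%s\n' "$1" | field_value 'Private Service Endpoint URL')" in
    https://*) ;; *) return 1 ;; esac
}

# delay_upgrade ACCOUNT_TEXT CLUSTER_TEXT: succeeds when the cluster has both
# endpoints and the account lacks VRF or service endpoints.
delay_upgrade() {
  cluster_has_both_endpoints "$2" && ! account_ready "$1"
}

# check_cluster CLUSTER_ID: live check; needs a logged-in ibmcloud CLI.
check_cluster() {
  if delay_upgrade "$(ibmcloud account show)" "$(ibmcloud ks cluster get -c "$1")"; then
    echo "Delay the 1.21 update: enable VRF and service endpoints first."
  else
    echo "The conditions for this known issue are not all met."
  fi
}

# Constructed sample output (not from a real account or cluster).
SAMPLE_ACCOUNT='VRF Enabled:                        false
Service Endpoint Enabled:           false'
SAMPLE_CLUSTER='Public Service Endpoint URL:    https://c105.<REGION>.containers.cloud.ibm.com:<port>
Private Service Endpoint URL:   https://c105.private.<REGION>.containers.cloud.ibm.com:<port>'
if delay_upgrade "$SAMPLE_ACCOUNT" "$SAMPLE_CLUSTER"; then
  echo "sample: delay the update to 1.21"
fi
```

To check a real cluster, source the script and run check_cluster <cluster_id>.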

Do not create classic clusters with only a private service endpoint enabled unless you have both VRF and the Service Endpoint enabled.