All Products
Search
Document Center

What Can I Do if Insufficient IP Addresses are Provided by a vSwitch in a Cluster that Uses Terway?

Last Updated: Jul 30, 2021

Problem description

You cannot create a pod. To view the information about the vSwitch that you want to use, you go to the vSwitch page in the Virtual Private Cloud (VPC) console and select the region where your cluster resides. You find that the number of available IP addresses for the vSwitch is zero. For more information, see the More information section.

Cause

The IP addresses of the vSwitch are exhausted. The pod cannot be created and stays in the ContainerCreating state because no IP address is available.

Solution

Perform the following steps to scale out the cluster resources by adding a vSwitch:

  1. Log on to the VPC console. Select the region where your cluster resides and create a vSwitch.
    Note: The vSwitch to be created must be in the same region and zone as the vSwitch with insufficient IP addresses. If the number of pods is increasing, we recommend that the Classless Inter-Domain Routing (CIDR) block of the vSwitch to be created contain at least 8,192 IP addresses. This means that the network bits of the CIDR block must be no greater than 19.
  2. Run the following command to configure a ConfigMap for Terway.
    kubectl edit cm eni-config -n kube-system
    Add the new vSwitch named vsw-BBB and the existing vSwitch named vsw-AAA with insufficient IP addresses to the vswitches parameter in edit mode. The following sample code provides an example:
    eni_conf: |
    {
    "version": "1",
    "max_pool_size": 25,
    "min_pool_size": 10,
    "vswitches": {"cn-shanghai-f":["vsw-AAA", "vsw-BBB"]},
    "service_cidr": "172.X.X.0/20",
    "security_group": "sg-CCC"
    }
  3. View the version of Terway. If you have not updated Terway to the latest version, log on to the Container Service for Kubernetes (ACK) console and update Terway on the Add-ons page. For more information, see Manage system components.
  4. Run the following command to delete all pods. Pods will be rebuilt after deletion.
    Note: If you use Terway and select the Assign One ENI to Each Pod check box when you create a cluster, an elastic network interface (ENI) is exclusive to one pod. If you clear the Assign One ENI to Each Pod check box, one ENI is shared among multiple pods. For more information, see Work with Terway.
    • If one ENI is shared among multiple pods, run the kubectl delete -n kube-system pod -l app=terway-eniip command to delete all pods.
    • If one ENI is exclusive to one pod, run the kubectl delete -n kube-system pod -l app=terway-eni command to delete all pods.
  1. Run the kubectl get pod command and check whether all pods are rebuilt.
  2. Create a pod to check whether the pod is assigned an IP address from the new vSwitch.

More information

Connect to an ACK cluster. For more information, see Use kubectl to connect to an ACK cluster. Run the kubectl get pod command and find that the status of the pod is ContainerCreating. Run the following command and view the container logs of the node where the pod resides:

kubectl logs --tail=100 -f [$Pod_Name] -n kube-system -c [$Container_Name]

Note:

  • [$Pod_Name] specifies the name of the pod.
  • [$Container_Name] specifies the name of the container where the pod resides.

An error message similar to the following output is displayed:

time="2020-03-17T07:03:40Z" level=warning msg="Assign private ip address failed: Aliyun API Error: RequestId: 2095E971-E473-4BA0-853F-0C41CF52651D Status Code: 403 Code: InvalidVSwitchId.IpNotEnough Message: The specified VSwitch \"vsw-AAA\" has not enough IpAddress., retrying"

References

Applicable scope

  • ACK