Join Log in
Score:0
avatar Server

How to fix "Failed to apply 'Node' resource: [update conflict: Node(...)]" while trying to apply Calico node config?

cn flag
Dmitriy Vinokurov

I'm playing with Kubernetes and got two VirtualBox machines - master and worker. Every one has two network interfaces - one for Internet and other for communication between each other VM and host machine. And I got troubles with Calico setup because it autodetects wrong network interface. I've made few settings to fix it but one trouble remains - worker takes wrong IP. And I found how to fix it - but it does not work. Details below.

Current worker config is (10.0.3.15 is those "wrong" IP):

[12:35]user@ubuntu-vbox-k8s-master[~]$ ./calicoctl get node ubuntu-vbox-k8s-worker -o yaml
apiVersion: projectcalico.org/v3
kind: Node
metadata:
  annotations:
    projectcalico.org/kube-labels: '{"beta.kubernetes.io/arch":"amd64","beta.kubernetes.io/os":"linux","kubernetes.io/arch":"amd64","kubernetes.io/hostname":"ubuntu-vbox-k8s-worker","kubernetes.io/os":"linux"}'
  creationTimestamp: "2021-09-26T10:59:00Z"
  labels:
    beta.kubernetes.io/arch: amd64
    beta.kubernetes.io/os: linux
    kubernetes.io/arch: amd64
    kubernetes.io/hostname: ubuntu-vbox-k8s-worker
    kubernetes.io/os: linux
  name: ubuntu-vbox-k8s-worker
  resourceVersion: "9219"
  uid: 6f5efd41-e06c-4f9d-9b3a-248af88a385e
spec:
  addresses:
  - address: 10.0.3.15/24
    type: CalicoNodeIP
  - address: 10.0.3.15
    type: InternalIP
  bgp:
    ipv4Address: 10.0.3.15/24
    ipv4IPIPTunnelAddr: 192.168.77.64
  orchRefs:
  - nodeName: ubuntu-vbox-k8s-worker
    orchestrator: k8s
status: {}

I try to apply fixed one:

[12:37]user@ubuntu-vbox-k8s-master[~]$ cat calico-worker.yaml 
apiVersion: projectcalico.org/v3
kind: Node
metadata:
  annotations:
    projectcalico.org/kube-labels: '{"beta.kubernetes.io/arch":"amd64","beta.kubernetes.io/os":"linux","kubernetes.io/arch":"amd64","kubernetes.io/hostname":"ubuntu-vbox-k8s-worker","kubernetes.io/os":"linux"}'
  creationTimestamp: "2021-09-26T10:59:00Z"
  labels:
    beta.kubernetes.io/arch: amd64
    beta.kubernetes.io/os: linux
    kubernetes.io/arch: amd64
    kubernetes.io/hostname: ubuntu-vbox-k8s-worker
    kubernetes.io/os: linux
  name: ubuntu-vbox-k8s-worker
  resourceVersion: "5303"
  uid: 6f5efd41-e06c-4f9d-9b3a-248af88a385e
spec:
  addresses:
  - address: 192.168.56.109
    type: InternalIP
  orchRefs:
  - nodeName: ubuntu-vbox-k8s-worker
    orchestrator: k8s
status: {}

and got error:

[12:38]user@ubuntu-vbox-k8s-master[~]$ ./calicoctl apply -f calico-worker.yaml 
Failed to apply 'Node' resource: [update conflict: Node(ubuntu-vbox-k8s-worker)]

It is strange because I succeeded to fix Calico master node in same way without conflict with config:

apiVersion: projectcalico.org/v3
kind: Node
metadata:
  annotations:
    projectcalico.org/kube-labels: '{"beta.kubernetes.io/arch":"amd64","beta.kubernetes.io/os":"linux","kubernetes.io/arch":"amd64","kubernetes.io/hostname":"ubuntu-vbox-k8s-master","kubernetes.io/os":"linux","node-role.kubernetes.io/control-plane":"","node-role.kubernetes.io/master":"","node.kubernetes.io/exclude-from-external-load-balancers":""}'
  creationTimestamp: "2021-09-26T10:56:24Z"
  labels:
    beta.kubernetes.io/arch: amd64
    beta.kubernetes.io/os: linux
    kubernetes.io/arch: amd64
    kubernetes.io/hostname: ubuntu-vbox-k8s-master
    kubernetes.io/os: linux
    node-role.kubernetes.io/control-plane: ""
    node-role.kubernetes.io/master: ""
    node.kubernetes.io/exclude-from-external-load-balancers: ""
  name: ubuntu-vbox-k8s-master
  resourceVersion: "9052"
  uid: 9e6d55c6-f449-4ded-ab47-ea9d889d6b43
spec:
  addresses:
  - address: 192.168.56.108
    type: InternalIP
  bgp:
    ipv4IPIPTunnelAddr: 192.168.77.0
  orchRefs:
  - nodeName: ubuntu-vbox-k8s-master
    orchestrator: k8s
status:
  podCIDRs:
  - 192.168.77.0/24
143
0 + 0
Mikołaj Głodziak avatar
id flag
Mikołaj Głodziak
Well I understand you want to change the yaml and give the calicoctl apply again? Did you try to run `calicoctl replace` command? [Ref](https://docs.projectcalico.org/reference/calicoctl/replace)?
0
Reply
Wytrzymały Wiktor avatar
it flag
Wytrzymały Wiktor
Hello @DmitriyVinokurov. Any updates?
0
Reply
cn flag
Dmitriy Vinokurov
@MikołajGłodziak, sorry for late reply, was on vacation, now both apply and replace works but nothing changes :(
0
Reply
cn flag
Dmitriy Vinokurov
@WytrzymałyWiktor, see above
0
Reply
cn flag
Dmitriy Vinokurov
Solved, added answer
0
Reply
Score:0
avatar Server
cn flag
Dmitriy Vinokurov

Solved with help from Calico Slack channel by command kubectl set env daemonset/calico-node -n kube-system IP_AUTODETECTION_METHOD=interface=enp0s3 from https://docs.projectcalico.org/networking/ip-autodetection

0 + 0
SM Kravec avatar
lb flag
SM Kravec
Just used this command for fixing a Calico deploy that was connecting to the wrong subnet and for the life of me was confused how to roll out the change. Here's the command if you don't know the interface but do know the subnet (e.g. `10.141.0.0/24`): `kubectl -n calico-system set env ds calico-node IP_AUTODETECTION_METHOD=cidr=10.141.0.0/24`
1
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.