Some users may be experiencing networking problems after installing Kubernetes 1.25.
In an effort to help users that are experiencing trouble, the cloud-native company Mirantis has published a blog post on how to resolve the issue.
According to Mirantis, the issue likely arises when there is a conflict between your version of iptables and the version Kubernetes 1.25 ships with. There is an incompatibility issue with iptables 1.8.8 and older versions, so if you are running 1.8.8 and a Kubernetes 1.25’s kube-router is shipping with version 1.8.7, that causes problems.
The result of this compatibility issue is that the earlier version rewrites a rule and inadvertently blocks all network traffic on the host.
Fortunately there are already some fixes that can be implemented. According to Mirantis, you can downgrade your host version to 1.8.7 to eliminate the incompatibility issue. Another option is to run kubelet with “–feature-gates=IPTablesOwnershipCleanup=true” to avoid creating the rule that causes the issue. This second option may cause some issues with components that assume kubelet creates those rules, however.
Mirantis is also making changes in the k0s distribution of Kubernetes, including detecting the iptables mode using the iptables-wrapper script and shipping k0s with iptables 1.8.7 and the iptables binary.
ITOps Times reached out to the Cloud-Native Computing Foundation (CNCF), the organization that maintains Kubernetes, and they declined to comment.