Antrea is consistently changing nodePortLocal for envoy Pod
search cancel

Antrea is consistently changing nodePortLocal for envoy Pod

book

Article ID: 333551

calendar_today

Updated On:

Products

VMware Container Networking with Antrea

Issue/Introduction

Symptoms:

  • Service is configured to use Antrea NodePortLocal (NPL)
  • Service is deployed with TAS (Tanzu Applicaton Platform) using Envoy
  • AVI report degraded service
  • NodePortLocal assigned to envoy gets updated at each reconciliation

Cause

Envoy is missing the annotation nodeportlocal.antrea.io/enabled: "true"

 

Resolution

you need to add the following annotation to the application deployed by TAP :

envoy:
 service:
   type: LoadBalancer
   annotations:
     nodeportlocal.antrea.io/enabled: "true"

In order to achieve this add the above to your file : nodeportlocal.antrea.io/enabled: "true"

Then run :

tanzu package installed update tap -p <package name> -v <version number>  --values-file tap-values.yaml -n <namespace>

 


Workaround:
Pause reconciliation for contour until the fix is in place.

Additional Information

https://docs.vmware.com/en/VMware-Tanzu-Application-Platform/1.6/tap/customize-package-installation.html
 

Documentation about NodePortLocal :

https://nsxbaas.blog/2023/07/03/enabling-antrea-nodeportlocal-in-single-and-multi-zonal-tkgs-clusters/

 https://antrea.io/docs/v1.9.0/docs/node-port-local/

 https://avinetworks.com/docs/ako/1.5/handling-objects/

 https://github.com/antrea-io/antrea/issues/1463 interesting doc around NPL implementation

 https://github.com/antrea-io/antrea/issues/2381 interesting details on NPL allocation


Powered by Wolken Software