Bugs in Labs

slastr

Some labs in CKA course does not work e.g. Lab 11.1. Service Mesh.
Where can we get correct labs with fixed errors ?

fazlur.khan

Yes, I hear you, Linkerd’s data plane works by transparently routing all TCP traffic to and from every meshed pod to its proxy. This allows Linkerd to act without the application being aware.

By default, this rewiring is done with an Init Container that uses iptables to install routing rules for the pod, at pod startup time. However, this requires the CAP_NET_ADMIN capability; and in some clusters, this capability is not granted to pods.

To handle this, Linkerd can optionally run these iptables rules in a CNI plugin rather than in an Init Container.

Lab 11.1 works for me because on my cluster the init container is using CAP_NET_ADMIN

I have taken note, We can also add these optional steps in the docs to install linkerd-cni

fazlur.khan

Hello...

I have re-validated the Lab and Lab 11.1 is working fine for me.

First step is to install linkerd and second and third steps set up your Path. The user name we use in the lab is student (/home/student), if you are using any other username, then please change the command accordingly to match the username and rest of the steps should go through.

If this doesnt solve the issue, then please let me know the error you are facing and I will help you with that.

Thank you.

slastr

The lab require additional installation linkerd-cni otherwise pods won't start.

serewicz

Hello @slastr

I, too, have run the lab steps and they work as written.

Please share, what version of Kubernetes and OS you are using? Are you using GCE, AWS, Virtual Box, VMWare, digital ocean? Are all of your ports open or is there a VPC or firewall in place? Is SELinux and AppArmor disabled? Are pods running on both your CP and worker? Any other errors?

I think there is something in your setup preventing the pods from starting. If you can answer the above we may be able to offer advice.

Regards,