Welcome to the Linux Foundation Forum!

Lab 3.1 calico tunnel is not created

i am on lab 3.1 now,
i follow step by stop of lab 3.1
but after run kubectl apply -f calico.yaml then i check ip a, tunnel is not created and node is not ready also pod is pending

could someone help me please



  • chrispokornichrispokorni Posts: 669
    edited October 2018

    Hi @nkristianto, could you provide the output from "ip a" and from "kubectl get nodes" and "kubectl get pods -o wide --all-namespaces"?

  • nkristiantonkristianto Posts: 12
    edited October 2018

    hi @chrispokorni this id the output

    i still cannot run the tunnel,

  • Thanks for the output. If the master is not ready, it will not allow for any pods to start either.
    Where are you running your nodes? Are you on GCP, AWS, Azure, Virtual box, VMware? What are the sizes of your nodes?
    Were any of the previous outputs inconsistent with the ones presented in the lab (during updates, upgrades, installs)?

  • hi @chrispokorni,
    thanks for your reply

    i am using GCP to running the nodes and i am using n1 standard

    i am following the lab step by step, and nothing different output until step 11

  • There may be such issues when there are not enough resources on the VM for the Kubernetes cluster to start.
    Are they n1-standard-2 with 2 vCPUs and 7.5 GB. Also make sure you have a firewall rule to enable all traffic (all sources, all ports, all protocols).
    New nodes and a re-install have fixed similar issues in the past.

  • hi @chrispokorni
    the issue is fixed

    the root cause is because : yes, you're right. i dont have enough resource to run the nodes

    thanks for the reply

  • I am having the same issue with the Calico tunnel. I am using the latest version and I have updated and patched as the instructions call for. I am running a VM with 2 core and 8 GB of RAM and it will not start. How do I get the calico tunnel to create?


  • I am getting an error that the Certificate on the Calico.yaml is not trusted.

  • Hi,

    I just completed the installation steps on both nodes and was able to start the cluster and join the second node as well.

    The only strange behavior I noticed on my end was that it took a lot more time for the master node to initialize and be Ready, and all the pods on the master node to get to Running state. It may just be an infra issue.

    When you mention above that you are "using the latest version" - what are you referring to? Kubernetes version, Calico version?

    The lab as it is written, calls for Kubernetes v. 1.11.1 and Calico v. 2.6. Are these the versions you have installed? The lab was tested successfully with these versions.

    Also, do you have a firewall rule that enables traffic to all ports, all protocols, from all sources? Kubernetes uses some ports which may be blocked by a default firewall.

    I hope this helps.

Sign In or Register to comment.