Hi @porrascarlos80,

Please provide details about your environment, such as the cloud provider or hypervisor used to provision the VMs, the guest OS release/version, VM CPU, VM RAM, VM disk, how many network interfaces per VM, private/public, network bridged/nat, private subnet range for the VMs, whether all ingress traffic is allowed (from all sources, to all port destinations, all protocols).

This may help us to reproduce the behavior reported above.

Regards,
-Chris

Hi @porrascarlos80,

Thank you for the details provided above. While they do not answer the earlier questions, they provide enough information about you cluster in general.

The installation method from docs.cilium.io installs cilium in a different manner than the way it was intended by the installation instructions of the course lab guide. It implements the Pod network and it uses guest OS components differently than the lab guide, and some later exercises may behave differently as a result.

However, based on the hosts file entries provided, make sure that k8scp is an alias of the control plane node, and not the actual hostname of the control plane node.

The IP addresses of the node VMs are from the 192.168.1.0 subnet. This subnet overlaps with the Pod network implemented by the cilium network plugin 192.168.0.0/16. Such overlaps should be avoided. The nodes network (aaa.bbb.ccc.ddd), the Pods network (192.168.0.0/16), and the Services network (10.96.0.0/12) should be distinct. Because of this overlap the installation method from the lab guide did not complete successfully on your cluster.

If you are using a local hypervisor, managing the DHCP server is pretty straight forward, and all inbound traffic can be easily allowed from the hypervisor's settings.

Regards,
-Chris

This exact issue got me too.

k8cps must point to the IP address of the Control Plane's/First node's IP address. In my it was on eth0 which was 192.168.1.225.

This will clash with cilium's subnet so have to change cluster-pool-ipv4-cidr in the cilium yaml to "192.169.0.0/16" and podSubnet in the kubeadm-config.yaml to 192.169.0.0/16

I would have loved if these notes were in the lab as I wasted a bit of time with this too.

I change values and parameters in the file kubeadm-config.yaml

apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
kubernetesVersion: 1.27.1
controlPlaneEndpoint: "k8scp:6443"
networking:
podSubnet: 10.10.0.0/16 <-- change
serviceSubnet: 10.96.0.0/12 <-- add

Too follow this link mainly the install with helm.
https://docs.cilium.io/en/stable/installation/k8s-install-kubeadm/

Install Helm
https://helm.sh/es/docs/intro/install/

Setup Helm repository:
helm repo add cilium https://helm.cilium.io/

Deploy Cilium release via Helm:
helm install cilium cilium/cilium --version 1.14.4 --namespace kube-system

with this it worked for me..!!!

I paid good money for this course and honestly would like a refund. I have spent a few hours working in the first few chapter sections and a couple of days sorting through the bugs and reading forum posts involving all sorts of issues with a supposed step by step setup of a k8s cluster. I can't even finish chapter 3. This is painstaking and frustrating.

Got the same issue as my home lab DHCP is configured to provide 192.168.1.0/24.
To fix it and set 10.10.0.0/16 CIDR to cilium, simply run this command and continue the guide
sed -i s'#cluster-pool-ipv4-cidr: "192.168.0.0/16"#cluster-pool-ipv4-cidr: "10.10.0.0/16"#'g $(find $HOME -name cilium-cni.yaml)

It would be nice indeed that the course specifies the CIDR used by Cilium in the config file, and give the necessary instruction for changing it.

Best
Denis

Hi @silviukucsvan,

What type of infrastructure is hosting your cluster (local hypervisor or cloud)? What are the IP addresses of your VMs? What is the guest OS running the VMs? Are any firewalls active to filter/block ingress traffic to the VMs?

Regards,
-Chris

Hi @silviukucsvan,

There are several issues that prevent you from moving forward. So far they are the guest OS release and the VMs' IP addresses.

The recommended OS is still Ubuntu 20.04 LTS. The more recent 22, 23, 24 releases introduce some dependency issues that have not yet been addressed.

Most local hypervisors use the 192.168.0.0/x subnet for VMs' private IP addresses. This eventually overlaps with the default Pod subnet that is defined by the Cilium CNI plugin 192.168.0.0/16. Below you will find instructions how to avoid this overlap.

Start by provisioning two new VMs. Make sure you enable a single bridged network interface per VM, and all the ingress traffic is allowed to the VM by the hypervisor - that is all protocols, to all port destinations from all sources. IPs from the 192.168.0.0/x subnet are OK. The OS should be Ubuntu 20.04 LTS (server or desktop).

When you get to step 19 of lab exercise 3.1, make sure that the /etc/hosts file additional entry is the control plane node private IP and the k8scp alias:

...
192.168.x.x k8scp
...

At step 20, edit your /root/kubeadm-config.yaml manifest with a new Pod subnet, that should not overlap the VM IPs:

apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
kubernetesVersion: 1.29.1
controlPlaneEndpoint: "k8scp:6443"
networking:
  podSubnet: 10.200.0.0/16

Then init the cluster (step 21) and prepare the ~/.kube/config file (step 22).

Before applying the cilium-cni.yaml manifest (step 23), edit the file on line 198 with the desired Pod CIDR, to match the one supplied in the kubeadm-config.yaml manifest earlier:

...
cluster-pool-ipv4-cidr: "10.200.0.0/16"
...

From here on you can follow the lab guide as is.

Regards,
-Chris

I understand the purpose of having us researching and troubleshooting but I have spent a lot of time fixing some things that could have been delivered or highlighted with a simply note or warning. I am still on chapter 3 after several days trying to figure out small issues/bugs.