Loading...
Loading...
Software deployment output shows "FAILED ChartKey: PORTAL""Deployment is not ready: NAMESPACE/POD 0 out of 1 expected pods are ready" Multiple pods in the application namespace remain stuck in Init statePods events show a failure to mount volumesStorage volumes show as NOT READY for workloads: AttachVolume.Attach failed for volume "pvc-8b562b80-0987-4aca-8c50-01471ef005c4" : rpc error: code = Aborted desc = volume pvc-8b562b80-0987-4aca-8c50-01471ef005c4 is not ready for workloads Host's journalctl logs contain firewall deny messages on CNI interfaces: May 11 19:31:52 ORCHESTRATOR1 kernel: MFE_O_A_Deny_AllIN= OUT=cali38e8bc45c94 SRC=10.24.125.7 DST=161.200.187.74 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=1724 DF PROTO=TCP SPT=39566 DPT=9501 WINDOW=64800 RES=0x00 SYN URGP=0 MARK=0x11e Longhorn Container Storage Interface (CSI) plugin communication failsVault Bootstrap pod runs but fails to create the required secretsAll application pods fail to initialize after Calico network plugin deployment
The host firewall may be configured to block traffic on interfaces used by the CNI plugin. When Calico or other CNI plugins create virtual network interfaces for pod communication, the host firewall treats these as untrusted and blocks traffic. This prevents: Longhorn CSI plugin communication with the storage manager on port 9501Pod-to-host communication required for volume attachment operationsKubernetes API server to pod communicationDNS resolution for pods Note: If failure analysis is unclear, follow the article Dell Automated Platform: How to Retrieve a Log Bundle for Troubleshooting to gather the log bundle when raising a case with support.
Configure the host firewall to allow Kubernetes traffic: Add firewall exceptions for CNI interface patterns (veth*, cali*, flannel*, weave*)Add exceptions for the pod network CIDR rangeAllow traffic on required ports: Port 9501 for Longhorn CSIPorts 8080 and 8443 for API serversPort 6443 for Kubernetes API Allow Kubernetes API server communication Test the firewall configuration: Temporarily disable the host firewall to confirm it resolves the issueMonitor pod startup and volume attachment after firewall changesCheck system logs for successful pod communication After firewall fix, restart the deployment process: Delete the Portal an Orchestrator namespacesRestart the deployment script. Confirm that all application pods reach Running state.
Click on a version to see all relevant bugs
Dell Integration
Learn more about where this data comes from
BugZero Plan
Streamline upgrades with automated vendor bug scrubs
BugZero Prevent
Wish you caught this bug sooner? Get proactive today.