Hi everyone,
This is my first post in quite some time! Today, I’d like to dive into a troubleshooting topic that I recently encountered and share how we resolved it in our Talos setup. Hopefully, this will help others facing a similar issue.
The Problem
We use Calico with BGP for networking in our Kubernetes setup. Recently, one of our nodes started showing the following event:
cidrAllocator Node node-1 status is now: CIDRNotAvailable
Interestingly, the cluster remained operational, and Pods were still accessible. However, it was clear that the error indicated a misconfiguration that needed to be addressed.
After reaching out to the Calico community, they quickly pointed out the root cause: the podCIDR allocation was still being handled by the Kubernetes controller manager. When using Calico IPAM, the controller manager should not assign IP addresses to Pods.
The Solution
To resolve this issue, we needed to disable podCIDR allocation in the controller manager. Here’s how we implemented the fix in Talos Linux.
Step 1: Update the Controller Manager Configuration
In Talos, you can update the controller manager configuration to disable IP allocation. Add the following configuration snippet to your Talos cluster manifest:
controllerManager:
image: registry.k8s.io/kube-controller-manager:v1.26.2
# Disable IP allocations in the controller manager.
# This change resolves the CIDRNotAvailable error.
extraArgs:
allocate-node-cidrs: false
Step 2: Apply the Changes
Once you apply the updated configuration, the kube-controller-manager Pods will restart automatically. The allocate-node-cidrs setting should now be disabled.
You can verify the updated configuration by describing the kube-controller-manager Pod:
kubectl describe pod -n kube-system kube-controller-manager-<clustername>
Here is an example of the expected output:
Command:
/usr/local/bin/kube-controller-manager
...
--allocate-node-cidrs=false
...
Note the line --allocate-node-cidrs=false in the Command section—this confirms that the setting has been correctly applied.
It will take sometime until the error CIDRNotAvailable is not longer visible.
Top comments (0)