starred/docker-ipsec-vpn-server
1
0
Fork 0
mirror of https://github.com/hwdsl2/docker-ipsec-vpn-server.git synced 2026-04-26 10:05:48 +03:00
Code Issues Projects Releases Packages Wiki Activity

[GH-ISSUE #286] Getting 'CrashLoopBackOff' from Kubernetes pod #265

New issue
Closed
opened 2026-03-02 08:00:53 +03:00 by kerem · 6 comments
kerem commented 2026-03-02 08:00:53 +03:00
Owner
Copy link

Originally created by @sichokie on GitHub (Mar 27, 2022).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/286

So sorry for not marking down the checklist. But here's what I've got:

  • When applying the .yaml file, there is no problem
  • But when I'm trying to running kubectl logs to the pod, here's what I've got:
    Screen Shot 2022-03-28 at 03 50 24

Also if needed, this is my .yaml file : https://pastebin.com/wuGiXnb6

Did anyone face this problem? Thank you!

Originally created by @sichokie on GitHub (Mar 27, 2022). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/286 So sorry for not marking down the checklist. But here's what I've got: - When applying the .yaml file, there is no problem - But when I'm trying to running kubectl logs to the pod, here's what I've got: <img width="516" alt="Screen Shot 2022-03-28 at 03 50 24" src="https://user-images.githubusercontent.com/20127624/160298480-163952a5-f713-4b9b-bd11-c12e10623ee0.png"> Also if needed, this is my .yaml file : https://pastebin.com/wuGiXnb6 Did anyone face this problem? Thank you!
kerem closed this issue 2026-03-02 08:00:54 +03:00
kerem commented 2026-03-02 08:00:54 +03:00
Author
Owner
Copy link

@hwdsl2 commented on GitHub (Mar 29, 2022):

@sichokie Hello! This Docker image contains a script run.sh that first checks that it is running inside a container (e.g. Docker, Podman) [1].

Your logs indicate that this check failed when you run it in Kubernetes. This could mean that this Docker image is not yet compatible with Kubernetes. For now, you can try commenting out the relevant lines [1] and build your own Docker image from source [2].

If you have suggestions on how to make that check work under Kubernetes, let us know.

[1] github.com/hwdsl2/docker-ipsec-vpn-server@a73c1f1467/run.sh (L43-L45)
[2] https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/docs/advanced-usage.md#build-from-source-code

<!-- gh-comment-id:1081311635 --> @hwdsl2 commented on GitHub (Mar 29, 2022): @sichokie Hello! This Docker image contains a script `run.sh` that first checks that it is running inside a container (e.g. Docker, Podman) [1]. Your logs indicate that this check failed when you run it in Kubernetes. This could mean that this Docker image is not yet compatible with Kubernetes. For now, you can try commenting out the relevant lines [1] and build your own Docker image from source [2]. If you have suggestions on how to make that check work under Kubernetes, let us know. [1] https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/a73c1f14678427f53fbc8e723efbd9af0bb8025e/run.sh#L43-L45 [2] https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/docs/advanced-usage.md#build-from-source-code
kerem commented 2026-03-02 08:00:55 +03:00
Author
Owner
Copy link

@hwdsl2 commented on GitHub (Mar 29, 2022):

@sichokie Fixed in df3284f. You can try the latest Docker image.

<!-- gh-comment-id:1081367027 --> @hwdsl2 commented on GitHub (Mar 29, 2022): @sichokie Fixed in df3284f. You can try the latest Docker image.
kerem commented 2026-03-02 08:00:55 +03:00
Author
Owner
Copy link

@sichokie commented on GitHub (Mar 29, 2022):

It's finally working, but we need to make sure that the container is privileged within the Kubernetes.

Thank you so much, it saves me a lot!

<!-- gh-comment-id:1081637017 --> @sichokie commented on GitHub (Mar 29, 2022): It's finally working, but we need to make sure that the container is privileged within the Kubernetes. Thank you so much, it saves me a lot!
kerem commented 2026-03-02 08:00:55 +03:00
Author
Owner
Copy link

@sichokie commented on GitHub (Mar 29, 2022):

Hi @hwdsl2 Sorry for bothering again. The image is working as you and I mentioned before. When I try to get the pod log, the IP, user, password and IPsec PSK is shown as well.

But when I try to connect from my local machine, it didn't connect, the IP Address shown in from a node within my cluster, I can ping the IP address, but it doesn't connect.

I'm following a guide from https://shinychang.net/blog/deploy-ipsec-vpn-server-on-kubernetes/ and I'm using the same config as he does.

Can you please help? Thank you!

<!-- gh-comment-id:1081869683 --> @sichokie commented on GitHub (Mar 29, 2022): Hi @hwdsl2 Sorry for bothering again. The image is working as you and I mentioned before. When I try to get the pod log, the IP, user, password and IPsec PSK is shown as well. But when I try to connect from my local machine, it didn't connect, the IP Address shown in from a node within my cluster, I can ping the IP address, but it doesn't connect. I'm following a guide from https://shinychang.net/blog/deploy-ipsec-vpn-server-on-kubernetes/ and I'm using the same config as he does. Can you please help? Thank you!
kerem commented 2026-03-02 08:00:55 +03:00
Author
Owner
Copy link

@hwdsl2 commented on GitHub (Mar 29, 2022):

@sichokie Which VPN mode are you using (IPsec/L2TP, IPsec/XAuth or IKEv2)? For IKEv2 mode, you must use the VPN server's public IP to connect, instead of its local (private) IP. On the other hand, if you want to use the VPN server's local (private) IP to connect, you'll need to remove IKEv2 and set it up again using custom options. See [1] for more details.

[1] https://github.com/hwdsl2/docker-ipsec-vpn-server#configure-and-use-ikev2-vpn

<!-- gh-comment-id:1082062733 --> @hwdsl2 commented on GitHub (Mar 29, 2022): @sichokie Which VPN mode are you using (IPsec/L2TP, IPsec/XAuth or IKEv2)? For IKEv2 mode, you must use the VPN server's public IP to connect, instead of its local (private) IP. On the other hand, if you want to use the VPN server's local (private) IP to connect, you'll need to remove IKEv2 and set it up again using custom options. See [1] for more details. [1] https://github.com/hwdsl2/docker-ipsec-vpn-server#configure-and-use-ikev2-vpn
kerem commented 2026-03-02 08:00:55 +03:00
Author
Owner
Copy link

@hwdsl2 commented on GitHub (Mar 29, 2022):

@sichokie Looking at your configuration again, IKEv2 mode may not be enabled in your vpn-ipsec.yaml. In this case, it could be due to network or firewall issues between your local machine and your Kubernetes cluster, which prevents VPN connection requests from reaching UDP ports 500 and 4500 on the VPN server node.

<!-- gh-comment-id:1082071996 --> @hwdsl2 commented on GitHub (Mar 29, 2022): @sichokie Looking at your configuration again, IKEv2 mode may not be enabled in your `vpn-ipsec.yaml`. In this case, it could be due to network or firewall issues between your local machine and your Kubernetes cluster, which prevents VPN connection requests from reaching UDP ports 500 and 4500 on the VPN server node.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels   
bug

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question
No labels
bug
pull-request
question
question
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/docker-ipsec-vpn-server#265
No description provided.