Troubleshooting
kube-flannel CrashLoopBackOff
Symptom
Flannel pods crash with error:
Failed to check br_netfilter: stat /proc/sys/net/bridge/bridge-nf-call-iptables: no such file or directory
Solution
Load the kernel module on the affected node:
modprobe br_netfilter
Then restart flannel pods:
kubectl delete pod -n kube-flannel <flannel-pod-name> --force
Prevention
Add modprobe br_netfilter to your node provisioning steps.
MetalLB CRDs OutOfSync
Symptom
ArgoCD shows MetalLB CRDs as OutOfSync.
Cause
MetalLB v0.14+ uses CRDs with webhook conversions. The webhook CA bundle is dynamically generated.
Solution
The metallb.yaml template includes ignoreDifferences to ignore the caBundle field:
ignoreDifferences:
- group: apiextensions.k8s.io
kind: CustomResourceDefinition
name: bgppeers.metallb.io
jsonPointers:
- /spec/conversion/webhook/clientConfig/caBundle
This is already configured in the template.
ArgoCD Repo-Server OOM
Symptom
ArgoCD repo-server pods crash with OOM errors.
Solution
Configure resources in the ArgoCD values:
repoServer:
resources:
requests:
cpu: 250m
memory: 256Mi
limits:
cpu: 1000m
memory: 1Gi
Node Not Ready
Common Causes
-
Kubelet not running:
systemctl status kubelet
systemctl restart kubelet -
Certificates missing: Re-run
kubeadm joinon the node -
Network issues: Check that
br_netfiltermodule is loaded andsysctlsettings are applied
Deploy Not Working
Check 1: ArgoCD Applications
kubectl get applications -n argocd
Check 2: Application Revision
kubectl get application <app-name> -n argocd -o jsonpath='{.spec.source.targetRevision}'
Check 3: Sync Status
kubectl get application <app-name> -n argocd -o jsonpath='{.status.sync.status}'
Check 4: ArgoCD Logs
kubectl logs -n argocd deployment/argocd-application-controller