Known Issues

This page documents the list of known issues in Kubermatic KubeOne along with possible workarounds and recommendations.

This list applies to the KubeOne 1.9 release. For KubeOne 1.8, please consult the v1.8 version of this document. For earlier releases, please consult the appropriate changelog.

Calico VXLAN Addon is not working properly

Status: Under investigation
Severity: Low
GitHub issue: TBD

Description

We have discovered that the optional Calico VXLAN addon that we provide might not work in all setups. We’re currently investigating this and will provide more information as we have it.

This issue is considered low severity because this is an optional addon and you have to opt in to use it as described in this document. By default, KubeOne uses Canal CNI, which is a separate addon and is confirmed to work properly on all supported providers and Kubernetes versions.

If you’re using the optional Calico VXLAN addon, we recommend staying on your current Kubernetes version until we have more information about this issue.

Internal Kubernetes endpoints unreachable on vSphere with Cilium/Canal

Status: Workaround available
Severity: Low
GitHub issue: https://github.com/cilium/cilium/issues/21801

Description

Symptoms

  • Unable to perform CRUD operations on resources governed by webhooks (e.g. ValidatingWebhookConfiguration, MutatingWebhookConfiguration, etc.). The following error is observed:
    Internal error occurred: failed calling webhook "webhook-name": failed to call webhook: Post "https://webhook-service-name.namespace.svc:443/webhook-endpoint": context deadline exceeded
  • Unable to reach internal Kubernetes endpoints from pods/nodes.
  • ICMP is working but TCP/UDP is not.

Cause

On recent enough VMware hardware compatibility versions (i.e. >=15 or maybe >=14), CNI connectivity breaks because of hardware segmentation offload. cilium-health status shows ICMP connectivity working, but not TCP connectivity. cilium-health status may also fail completely.

Recommendation

sudo ethtool -K ens192 tx-udp_tnl-segmentation off
sudo ethtool -K ens192 tx-udp_tnl-csum-segmentation off

These flags are related to the hardware segmentation offload done by the vSphere driver VMXNET3. We have observed this issue for both Cilium and Canal CNI running on Ubuntu 22.04.
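An added example, not part of the KubeOne documentation: a POSIX shell helper that parses `ethtool -k` output to report which of the two flags above are still enabled, turns them off, and re-checks the result. The interface name ens192 comes from the commands above; the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not KubeOne code). Function names are hypothetical.

# The two VMXNET3 tunnel offload features named in the recommendation above.
FEATURES="tx-udp_tnl-segmentation tx-udp_tnl-csum-segmentation"

# Reads `ethtool -k <iface>` output on stdin and prints every watched feature
# whose state is "on". "off" and "off [fixed]" are both treated as disabled.
offloads_still_on() {
    awk -v want="$FEATURES" '
        BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) watch[w[i] ":"] = 1 }
        ($1 in watch) && $2 == "on" { sub(/:$/, "", $1); print $1 }
    '
}

# Constructed sample of `ethtool -k ens192` output, for offline checking.
sample_ethtool_output() {
    cat <<'EOF'
Features for ens192:
rx-checksumming: on
tx-udp_tnl-segmentation: on
tx-udp_tnl-csum-segmentation: off
tx-gre-segmentation: off [fixed]
EOF
}

# Disables whatever is still on for the given interface, then re-reads the
# state. Returns non-zero if a feature could not be turned off.
disable_tunnel_offloads() {
    iface="$1"
    for f in $(ethtool -k "$iface" | offloads_still_on); do
        ethtool -K "$iface" "$f" off || return 1
    done
    remaining=$(ethtool -k "$iface" | offloads_still_on)
    [ -z "$remaining" ]
}

# Only touches the NIC when asked to: ./script.sh --apply ens192 (needs root).
if [ "${1:-}" = "--apply" ]; then
    disable_tunnel_offloads "${2:-ens192}"
fi
```

Settings applied with `ethtool -K` do not survive a reboot, so the check is worth repeating after a node restarts.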

We have two options to configure these flags for KubeOne installations:

References