Symptoms
An attempt to use Data Protection menu in Provider's CP shows the following error on searching for account ID:
error returned from GDPR backend /info
/var/log/messages on GDPR node contains the entry:
May 22 20:34:38.787 journal: 22-05-2018;18:34:38,785 IOException occurred while connecting to 192.0.2.2:5432: java.net.SocketTimeoutException: connect timed out
Traffic capture on the OSS database host shows that the arriving packets originate from the virtual docker container network:
[root@osscore ~]# sudo tcpdump -i eth0 -nn 'host 10.244.0.8 && port 5432'
...
20:13:43.031222 IP 192.0.2.2.5432 > 10.244.0.8.45098: Flags [S.], seq 3847600567, ack 1104477630, win 28960, options [mss 1460,sackOK,TS val 510012634 ecr 1040132625,nop,wscale 7], length 0
iptables rules on the GDPR node do not contain the docker masquerading entries:
[root@k8s ~]# iptables-save | grep docker
[root@k8s ~]#
Cause
Docker iptables rules were removed on the GDPR node.
Resolution
Restart the services to bring back the required iptbales rules:
# systemctl stop kubelet
# systemctl stop docker
# systemctl stop iptables
# systemctl start iptables
# systemctl start docker
# systemctl start kubelet