kube-proxy fails to create iptables routing

Summary

After installation with kubeadm, the kube-proxy container cannot create iptables routing rules.

Steps to reproduce

Run kubeadm init to create a new kubernetes cluster with this image.

What is the current bug behavior?

The kube-proxy container reports the following in it's logs: Could not set up iptables canary mangle/KUBE-PROXY-CANARY: error creating chain "KUBE-PROXY-CANARY": executable file not found in $PATH:

What is the expected correct behavior?

iptables routing rules can be created for internal cluster traffic

Relevant logs and/or screenshots

Running docker run -ti 2beccc4ec9da /bin/bash and subsiquently iptables reports: /usr/sbin/iptables: Permission denied tracing the iptables binary I see, /usr/sbin/iptables -> /etc/alternatives/iptables -> /usr/sbin/iptables-wrapper I noticed that the file permissions for the wrapper are as follows: -rw-rw-rw-. 1 root root 89 Nov 24 19:26 /usr/sbin/iptables-wrapper

Possible fixes

Running chmod +x /usr/sbin/iptables-wrapper changes the error to the following in some cases: /usr/sbin/iptables-legacy has not been configured as an alternative for iptables My most recent try resulted in the iptables command not reporting anything regardless of input.

Defintion of Done

• Bug has been identified and corrected within the container

/cc @ironbank-notifications/bug