mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-24 12:15:52 +00:00
Merge pull request #70325 from islinwb/ipvs_fix
add module 'nf_conntrack' in ipvs prerequisite check
This commit is contained in:
commit
d05622bee6
@ -259,7 +259,7 @@ ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set KUBE-EXT
|
||||
Currently, local-up scripts, GCE scripts and kubeadm support switching IPVS proxy mode via exporting environment variables or specifying flags.
|
||||
|
||||
### Prerequisite
|
||||
Ensure IPVS required kernel modules
|
||||
Ensure IPVS required kernel modules (**Notes**: use `nf_conntrack` instead of `nf_conntrack_ipv4` for Linux kernel 4.19 and later)
|
||||
```shell
|
||||
ip_vs
|
||||
ip_vs_rr
|
||||
|
@ -163,6 +163,7 @@ var ipvsModules = []string{
|
||||
"ip_vs_wrr",
|
||||
"ip_vs_sh",
|
||||
"nf_conntrack_ipv4",
|
||||
"nf_conntrack",
|
||||
}
|
||||
|
||||
// In IPVS proxy mode, the following flags need to be set
|
||||
@ -489,8 +490,21 @@ func CanUseIPVSProxier(handle KernelHandler, ipsetver IPSetVersioner) (bool, err
|
||||
wantModules.Insert(ipvsModules...)
|
||||
loadModules.Insert(mods...)
|
||||
modules := wantModules.Difference(loadModules).UnsortedList()
|
||||
if len(modules) != 0 {
|
||||
return false, fmt.Errorf("IPVS proxier will not be used because the following required kernel modules are not loaded: %v", modules)
|
||||
var missingMods []string
|
||||
ConntrackiMissingCounter := 0
|
||||
for _, mod := range modules {
|
||||
if strings.Contains(mod, "nf_conntrack") {
|
||||
ConntrackiMissingCounter++
|
||||
} else {
|
||||
missingMods = append(missingMods, mod)
|
||||
}
|
||||
}
|
||||
if ConntrackiMissingCounter == 2 {
|
||||
missingMods = append(missingMods, "nf_conntrack_ipv4(or nf_conntrack for Linux kernel 4.19 and later)")
|
||||
}
|
||||
|
||||
if len(missingMods) != 0 {
|
||||
return false, fmt.Errorf("IPVS proxier will not be used because the following required kernel modules are not loaded: %v", missingMods)
|
||||
}
|
||||
|
||||
// Check ipset version
|
||||
|
Loading…
Reference in New Issue
Block a user