Merge pull request #70325 from islinwb/ipvs_fix

add module 'nf_conntrack' in ipvs prerequisite check
This commit is contained in:
k8s-ci-robot 2018-10-29 12:08:22 -07:00 committed by GitHub
commit d05622bee6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 3 deletions

View File

@ -259,7 +259,7 @@ ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set KUBE-EXT
Currently, local-up scripts, GCE scripts and kubeadm support switching IPVS proxy mode via exporting environment variables or specifying flags.
### Prerequisite
Ensure IPVS required kernel modules
Ensure IPVS required kernel modules (**Notes**: use `nf_conntrack` instead of `nf_conntrack_ipv4` for Linux kernel 4.19 and later)
```shell
ip_vs
ip_vs_rr

View File

@ -163,6 +163,7 @@ var ipvsModules = []string{
"ip_vs_wrr",
"ip_vs_sh",
"nf_conntrack_ipv4",
"nf_conntrack",
}
// In IPVS proxy mode, the following flags need to be set
@ -489,8 +490,21 @@ func CanUseIPVSProxier(handle KernelHandler, ipsetver IPSetVersioner) (bool, err
wantModules.Insert(ipvsModules...)
loadModules.Insert(mods...)
modules := wantModules.Difference(loadModules).UnsortedList()
if len(modules) != 0 {
return false, fmt.Errorf("IPVS proxier will not be used because the following required kernel modules are not loaded: %v", modules)
var missingMods []string
ConntrackiMissingCounter := 0
for _, mod := range modules {
if strings.Contains(mod, "nf_conntrack") {
ConntrackiMissingCounter++
} else {
missingMods = append(missingMods, mod)
}
}
if ConntrackiMissingCounter == 2 {
missingMods = append(missingMods, "nf_conntrack_ipv4(or nf_conntrack for Linux kernel 4.19 and later)")
}
if len(missingMods) != 0 {
return false, fmt.Errorf("IPVS proxier will not be used because the following required kernel modules are not loaded: %v", missingMods)
}
// Check ipset version