From 1e15243b11182fe6bd843075952beca22b5ccc47 Mon Sep 17 00:00:00 2001
From: Ian Campbell <ijc@docker.com>
Date: Tue, 12 Sep 2017 14:27:07 +0100
Subject: [PATCH] kubernetes: Enable net.ipv4.ip_forward

This doesn't seem to be necessary when using Docker Engine as the CRI backend,
but in general it is.

The sysctl container must be writeable to allow the
/etc/sysctl.d/01-kubernetes.conf mount point to be created. See #2503.

Signed-off-by: Ian Campbell <ijc@docker.com>
---
 projects/kubernetes/kube-master.yml | 5 +++++
 projects/kubernetes/kube-node.yml   | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/projects/kubernetes/kube-master.yml b/projects/kubernetes/kube-master.yml
index d1e007f9b..73802f8d0 100644
--- a/projects/kubernetes/kube-master.yml
+++ b/projects/kubernetes/kube-master.yml
@@ -9,6 +9,9 @@ init:
 onboot:
   - name: sysctl
     image: linuxkit/sysctl:154913b72c6f1f33eb408609fca9963628e8c051
+    binds:
+     - /etc/sysctl.d/01-kubernetes.conf:/etc/sysctl.d/01-kubernetes.conf
+    readonly: false
   - name: sysfs
     image: linuxkit/sysfs:3ae01a25583ee37a5ff8b09a0e569cb4bd8cf2e9
   - name: dhcpcd
@@ -60,6 +63,8 @@ services:
   - name: kubelet
     image: linuxkitprojects/kubernetes:c4a6ae5121df50471ad244b9fc153ff5eb674fb2
 files:
+  - path: /etc/sysctl.d/01-kubernetes.conf
+    contents: 'net.ipv4.ip_forward = 1'
   - path: /opt/cni
     directory: true
   - path: /etc/cni
diff --git a/projects/kubernetes/kube-node.yml b/projects/kubernetes/kube-node.yml
index 9ae19f239..d815e3e7b 100644
--- a/projects/kubernetes/kube-node.yml
+++ b/projects/kubernetes/kube-node.yml
@@ -9,6 +9,9 @@ init:
 onboot:
   - name: sysctl
     image: linuxkit/sysctl:154913b72c6f1f33eb408609fca9963628e8c051
+    binds:
+     - /etc/sysctl.d/01-kubernetes.conf:/etc/sysctl.d/01-kubernetes.conf
+    readonly: false
   - name: sysfs
     image: linuxkit/sysfs:3ae01a25583ee37a5ff8b09a0e569cb4bd8cf2e9
   - name: dhcpcd
@@ -58,6 +61,8 @@ services:
   - name: kubelet
     image: linuxkitprojects/kubernetes:c4a6ae5121df50471ad244b9fc153ff5eb674fb2
 files:
+  - path: /etc/sysctl.d/01-kubernetes.conf
+    contents: 'net.ipv4.ip_forward = 1'
   - path: /opt/cni
     directory: true
   - path: /etc/cni