rancher/rke
1
0
Fork 0
mirror of https://github.com/rancher/rke.git synced 2025-07-14 15:46:03 +00:00
Code Issues Releases Wiki Activity

added enable_br_netfilter env var

Browse Source
This commit is contained in:
vardhaman22 2025-02-28 19:25:26 +05:30
parent a274d25252
commit 1add22bc39
3 changed files with 23 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cluster/defaults.go
View File

@ -762,6 +762,12 @@ func (c *Cluster) setClusterDNSDefaults() error {
func (c *Cluster) setClusterNetworkDefaults() { func (c *Cluster) setClusterNetworkDefaults() {
setDefaultIfEmpty(&c.Network.Plugin, DefaultNetworkPlugin) setDefaultIfEmpty(&c.Network.Plugin, DefaultNetworkPlugin)
// set enable_br_netfilter to true by default since it is required for network plugins
if c.Network.EnableBrNetfilter == nil {
enableBrNetfilter := true
c.Network.EnableBrNetfilter = &enableBrNetfilter
}
if c.Network.Options == nil { if c.Network.Options == nil {
// don't break if the user didn't define options // don't break if the user didn't define options
c.Network.Options = make(map[string]string) c.Network.Options = make(map[string]string)

15
cluster/plan.go
View File

@ -68,6 +68,7 @@ const (
KubeletDualStackNameEnv = "RKE_KUBELET_CRIDOCKERD_DUALSTACK" KubeletDualStackNameEnv = "RKE_KUBELET_CRIDOCKERD_DUALSTACK"
CRIDockerdStreamServerAddressEnv = "CRIDOCKERD_STREAM_SERVER_ADDRESS" CRIDockerdStreamServerAddressEnv = "CRIDOCKERD_STREAM_SERVER_ADDRESS"
CRIDockerdStreamServerPortEnv = "CRIDOCKERD_STREAM_SERVER_PORT" CRIDockerdStreamServerPortEnv = "CRIDOCKERD_STREAM_SERVER_PORT"
KubeProxyBrNetfilterNameEnv = "RKE_KUBE_PROXY_BR_NETFILTER"
) )
var ( var (
@ -775,6 +776,10 @@ func (c *Cluster) BuildKubeProxyProcess(host *hosts.Host, serviceOptions v3.Kube
Env = append(Env, c.getWindowsEnv(host)...) Env = append(Env, c.getWindowsEnv(host)...)
} }
if c.EnableBrNetfilter() {
Env = append(Env, fmt.Sprintf("%s=%s", KubeProxyBrNetfilterNameEnv, "true"))
}
for arg, value := range host.GetExtraArgs(kubeproxy.BaseService) { for arg, value := range host.GetExtraArgs(kubeproxy.BaseService) {
CommandArgs[arg] = value CommandArgs[arg] = value
} }
@ -1324,6 +1329,16 @@ func (c *Cluster) IsCRIDockerdEnabled() bool {
return false return false
} }
func (c *Cluster) EnableBrNetfilter() bool {
if c == nil {
return false
}
if c.Network.EnableBrNetfilter != nil && *c.Network.EnableBrNetfilter {
return true
}
return false
}
func (c *Cluster) multipleCIDRsConfigured() bool { func (c *Cluster) multipleCIDRsConfigured() bool {
if c == nil { if c == nil {
logrus.Debug("multipleCIDRsConfigured: Returning false, cluster object is nil") logrus.Debug("multipleCIDRsConfigured: Returning false, cluster object is nil")

2
types/rke_types.go
View File

@ -409,6 +409,8 @@ type NetworkConfig struct {
UpdateStrategy *DaemonSetUpdateStrategy `yaml:"update_strategy" json:"updateStrategy,omitempty"` UpdateStrategy *DaemonSetUpdateStrategy `yaml:"update_strategy" json:"updateStrategy,omitempty"`
// Tolerations for Deployments // Tolerations for Deployments
Tolerations []v1.Toleration `yaml:"tolerations" json:"tolerations,omitempty"` Tolerations []v1.Toleration `yaml:"tolerations" json:"tolerations,omitempty"`
// Enable/Disable br_netfilter on nodes
EnableBrNetfilter *bool `yaml:"enable_br_netfilter" json:"enableBrNetfilter" norman:"default=true"`
} }
type AuthWebhookConfig struct { type AuthWebhookConfig struct {