Skip to content

Commit

Permalink
Tell kube-proxy not to try to set nf_conntrack_max
Browse files Browse the repository at this point in the history 
For kube-proxy not becoming ready, like this:

    semaphore@semaphore-vm:~$ kubectl logs kube-proxy-42v55 -n kube-system
    I0727 19:55:26.230888       1 node.go:135] Successfully retrieved node IP: 172.17.0.2
    I0727 19:55:26.230923       1 server_others.go:172] Using ipvs Proxier.
    I0727 19:55:26.230930       1 server_others.go:174] creating dualStackProxier for ipvs.
    W0727 19:55:26.232364       1 proxier.go:420] IPVS scheduler not specified, use rr by default
    W0727 19:55:26.232522       1 proxier.go:420] IPVS scheduler not specified, use rr by default
    W0727 19:55:26.232538       1 ipset.go:107] ipset name truncated; [KUBE-6-LOAD-BALANCER-SOURCE-CIDR] -> [KUBE-6-LOAD-BALANCER-SOURCE-CID]
    W0727 19:55:26.232546       1 ipset.go:107] ipset name truncated; [KUBE-6-NODE-PORT-LOCAL-SCTP-HASH] -> [KUBE-6-NODE-PORT-LOCAL-SCTP-HAS]
    I0727 19:55:26.232648       1 server.go:571] Version: v1.17.0
    I0727 19:55:26.232963       1 conntrack.go:100] Set sysctl 'net/netfilter/nf_conntrack_max' to 131072
    F0727 19:55:26.232982       1 server.go:485] open /proc/sys/net/netfilter/nf_conntrack_max: permission denied

See kubernetes-sigs/kind#2240 and
kubernetes-sigs/kind#2241.
  • Loading branch information
@Brian-McM
Neil Jerram authored and Brian-McM committed Aug 5, 2021
1 parent 73793a6 commit c94916a
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions tests/k8st/create_kind_cluster.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -103,6 +103,8 @@ kubeadmConfigPatches:
metadata:
name: config
mode: ipvs
conntrack:
maxPerCore: 0
EOF

${kubectl} get no -o wide
Expand Down

0 comments on commit c94916a

Please sign in to comment.