From c94916a875600ad7c858b45012eb1e3d84f31902 Mon Sep 17 00:00:00 2001 From: Neil Jerram Date: Tue, 27 Jul 2021 21:03:28 +0100 Subject: [PATCH] Tell kube-proxy not to try to set nf_conntrack_max For kube-proxy not becoming ready, like this: semaphore@semaphore-vm:~$ kubectl logs kube-proxy-42v55 -n kube-system I0727 19:55:26.230888 1 node.go:135] Successfully retrieved node IP: 172.17.0.2 I0727 19:55:26.230923 1 server_others.go:172] Using ipvs Proxier. I0727 19:55:26.230930 1 server_others.go:174] creating dualStackProxier for ipvs. W0727 19:55:26.232364 1 proxier.go:420] IPVS scheduler not specified, use rr by default W0727 19:55:26.232522 1 proxier.go:420] IPVS scheduler not specified, use rr by default W0727 19:55:26.232538 1 ipset.go:107] ipset name truncated; [KUBE-6-LOAD-BALANCER-SOURCE-CIDR] -> [KUBE-6-LOAD-BALANCER-SOURCE-CID] W0727 19:55:26.232546 1 ipset.go:107] ipset name truncated; [KUBE-6-NODE-PORT-LOCAL-SCTP-HASH] -> [KUBE-6-NODE-PORT-LOCAL-SCTP-HAS] I0727 19:55:26.232648 1 server.go:571] Version: v1.17.0 I0727 19:55:26.232963 1 conntrack.go:100] Set sysctl 'net/netfilter/nf_conntrack_max' to 131072 F0727 19:55:26.232982 1 server.go:485] open /proc/sys/net/netfilter/nf_conntrack_max: permission denied See https://github.com/kubernetes-sigs/kind/issues/2240 and https://github.com/kubernetes-sigs/kind/pull/2241. --- tests/k8st/create_kind_cluster.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/k8st/create_kind_cluster.sh b/tests/k8st/create_kind_cluster.sh index 76d3890ef..e07d70e5a 100755 --- a/tests/k8st/create_kind_cluster.sh +++ b/tests/k8st/create_kind_cluster.sh @@ -103,6 +103,8 @@ kubeadmConfigPatches: metadata: name: config mode: ipvs + conntrack: + maxPerCore: 0 EOF ${kubectl} get no -o wide