From 278a2f75ff4e1785c726c31dc81b07dcd8f95af4 Mon Sep 17 00:00:00 2001 From: Richard Neill Date: Wed, 3 Nov 2021 13:01:11 +0000 Subject: [PATCH] k3s: Add additional required kernel modules Adds the following kernel modules for k3s: * xt-physdev * xt-nflog * xt-limit * nfnetlink-log Without them, the k3s network-policy-controller reports failures in the log related to iptables-restore. Signed-off-by: Richard Neill Signed-off-by: Bruce Ashfield --- recipes-containers/k3s/k3s_git.bb | 4 ++++ recipes-kernel/linux/linux-yocto/kubernetes.cfg | 10 +++++++--- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/recipes-containers/k3s/k3s_git.bb b/recipes-containers/k3s/k3s_git.bb index 64f4a3ae..bcfa9591 100644 --- a/recipes-containers/k3s/k3s_git.bb +++ b/recipes-containers/k3s/k3s_git.bb @@ -96,6 +96,10 @@ RRECOMMENDS:${PN} = "\ kernel-module-vxlan \ kernel-module-xt-masquerade \ kernel-module-xt-statistic \ + kernel-module-xt-physdev \ + kernel-module-xt-nflog \ + kernel-module-xt-limit \ + kernel-module-nfnetlink-log \ " RCONFLICTS:${PN} = "kubectl" diff --git a/recipes-kernel/linux/linux-yocto/kubernetes.cfg b/recipes-kernel/linux/linux-yocto/kubernetes.cfg index 2d4e1f54..84fa8c57 100644 --- a/recipes-kernel/linux/linux-yocto/kubernetes.cfg +++ b/recipes-kernel/linux/linux-yocto/kubernetes.cfg @@ -13,9 +13,14 @@ CONFIG_IP_VS_NFCT=y CONFIG_IP_VS_PROTO_TCP=y CONFIG_IP_VS_PROTO_UDP=y CONFIG_IP_VS_RR=m -CONFIG_NETFILTER_XT_MATCH_COMMENT=m -CONFIG_NETFILTER_XT_MATCH_MARK=m +CONFIG_NETFILTER_NETLINK_LOG=m CONFIG_NETFILTER_XT_CONNMARK=m +CONFIG_NETFILTER_XT_MATCH_COMMENT=m +CONFIG_NETFILTER_XT_MATCH_LIMIT=m +CONFIG_NETFILTER_XT_MATCH_MARK=m +CONFIG_NETFILTER_XT_MATCH_PHYSDEV=m +CONFIG_NETFILTER_XT_TARGET_NFLOG=m +CONFIG_NETFILTER_XT_TARGET_REDIRECT=m CONFIG_NAMESPACES=y CONFIG_NET_NS=y CONFIG_PID_NS=y @@ -32,4 +37,3 @@ CONFIG_MEMCG=y CONFIG_INET=y CONFIG_EXT4_FS=y CONFIG_PROC_FS=y -CONFIG_NETFILTER_XT_TARGET_REDIRECT=m