1745.4.0 disabled bridge-nf-call-iptables
1,264 views
Skip to first unread message
Lucas do Amaral Saboya
May 29, 2018, 9:33:57 PM5/29/18
to CoreOS User
I have a small kops-generated kubernetes cluster running on CoreOS (Container Linux by CoreOS 1745.4.0 (Rhyolite)) and since the upgrade, none of the containers running in it appear to have internet connectivity.
In any node I log on, I get the following errors while issuing `docker info`:
https://gist.github.com/lucazz/78385f47f7c3b16e7d5c8f0ef6772c9d
In any node I log on, I get the following errors while issuing `docker info`:
https://gist.github.com/lucazz/78385f47f7c3b16e7d5c8f0ef6772c9d
`WARNING: bridge-nf-call-iptables is disabled`
and
`WARNING: bridge-nf-call-ip6tables is disabled`
Lurking other github issues, I've came across the following issue:
https://github.com/moby/moby/issues/24809#issuecomment-336001509
https://github.com/moby/moby/issues/24809#issuecomment-336001509
but issuing those sysctl commands wont work in CoreOS, as it cannot state that path:
`sysctl: cannot stat /proc/sys/net/bridge/bridge-nf-call-iptables: No such file or directory`
`sysctl: cannot stat /proc/sys/net/bridge/bridge-nf-call-iptables: No such file or directory`
Does anyone have an idea on how can I enable those flags?
Benjamin Gilbert
May 29, 2018, 10:12:34 PM5/29/18
to Lucas do Amaral Saboya, CoreOS User
On Tue, May 29, 2018 at 9:33 PM, Lucas do Amaral Saboya <lucas....@gmail.com> wrote:
In any node I log on, I get the following errors while issuing `docker info`:
https://gist.github.com/lucazz/78385f47f7c3b16e7d5c8f0ef6772c9d`WARNING: bridge-nf-call-iptables is disabled`and`WARNING: bridge-nf-call-ip6tables is disabled`Lurking other github issues, I've came across the following issue:
https://github.com/moby/moby/issues/24809#issuecomment-336001509but issuing those sysctl commands wont work in CoreOS, as it cannot state that path:
`sysctl: cannot stat /proc/sys/net/bridge/bridge-nf-call-iptables: No such file or directory`Does anyone have an idea on how can I enable those flags?
Hi,
Running `modprobe br_netfilter` should allow those variables to be set.
--Benjamin Gilbert
Lucas do Amaral Saboya
May 30, 2018, 8:25:23 AM5/30/18
to CoreOS User, Benjamin Gilbert
Hello there,
First of all, I'd like to apologize for my last e-mail, I was so tired yesterday that I didn't even put an intro, greeting or thank you.
Thanks for the top Benjamin,
I've managed to run those commands after enabling the bridge filter module.
But that didn't help:
I'm running a kops-generated Kubernetes Cluster using canal and CoreOS.
Thanks for the help,
| Lucas do Amaral Saboya | https://lucazz.me
| Phone: +5585997794661 | lucas....@gmail.com
| Keybase GPG Key: http://keybase.io/lucazz/key.asc
Benjamin Gilbert
May 30, 2018, 12:18:08 PM5/30/18
to Lucas do Amaral Saboya, CoreOS User
On Wed, May 30, 2018 at 8:25 AM, Lucas do Amaral Saboya <lucas....@gmail.com> wrote:
I've managed to run those commands after enabling the bridge filter module.But that didn't help:I'm running a kops-generated Kubernetes Cluster using canal and CoreOS.
Are you running in AWS? You could be seeing https://github.com/coreos/bugs/issues/2443.
--Benjamin Gilbert
Lucas do Amaral Saboya
May 30, 2018, 12:51:52 PM5/30/18
to CoreOS User, Benjamin Gilbert
Hey there,
Yes I am running those nodes on AWS, but I think I'm running into this issue, instead:
I say that, because my CoreOS instance's eth0 MTU look fine - docker0, on the other hand has an MTU of 1500:
Is that behavior expected? It looks like it (my ubuntu instances do have it like that).
Thanks!
| Lucas do Amaral Saboya | https://lucazz.me
| Phone: +5585997794661 | lucas....@gmail.com
| Keybase GPG Key: http://keybase.io/lucazz/key.asc
Reply all
Reply to author
Forward
0 new messages