[Kernel-packages] [Bug 1843051] [NEW] please include kernel module CONFIG_NETFILTER_XT_SET
Public bug reported: To use kube-router as part of a kubernetes install, it requires kernel module CONFIG_NETFILTER_XT_SET build it makes use of the 'set' module in iptables. Otherwise, since this kernel module is not built as a module nor included in the kernel itself, iptables complains: root@prod-controller1:~# cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=18.04 DISTRIB_CODENAME=bionic DISTRIB_DESCRIPTION="Ubuntu 18.04.3 LTS" root@prod-controller1:~# /sbin/iptables -t nat -A POSTROUTING -m set --match-set kube-router-pod-subnets src -m set ! --match-set kube-router-pod-subnets dst -m set ! --match-set kube-router-node-ips dst -j MASQUERADE --wait iptables: No chain/target/match by that name. root@prod-controller1:/boot# grep XT_SET config-$(uname -r) # CONFIG_NETFILTER_XT_SET is not set To fix this situation, I would kindly request that CONFIG_NETFILTER_XT_SET be incldued, at minimum, as a module in the kvm kernel. Thanks, Kube-router code that shows the iptables parameters using the 'set' module: https://github.com/cloudnativelabs/kube-router/blob/00824cd84b862d73dbdf984477178cca9bce9166/pkg/controllers/routing/pod_egress.go#L13 ** Affects: linux-kvm (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1843051 Title: please include kernel module CONFIG_NETFILTER_XT_SET Status in linux-kvm package in Ubuntu: New Bug description: To use kube-router as part of a kubernetes install, it requires kernel module CONFIG_NETFILTER_XT_SET build it makes use of the 'set' module in iptables. Otherwise, since this kernel module is not built as a module nor included in the kernel itself, iptables complains: root@prod-controller1:~# cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=18.04 DISTRIB_CODENAME=bionic DISTRIB_DESCRIPTION="Ubuntu 18.04.3 LTS" root@prod-controller1:~# /sbin/iptables -t nat -A POSTROUTING -m set --match-set kube-router-pod-subnets src -m set ! --match-set kube-router-pod-subnets dst -m set ! --match-set kube-router-node-ips dst -j MASQUERADE --wait iptables: No chain/target/match by that name. root@prod-controller1:/boot# grep XT_SET config-$(uname -r) # CONFIG_NETFILTER_XT_SET is not set To fix this situation, I would kindly request that CONFIG_NETFILTER_XT_SET be incldued, at minimum, as a module in the kvm kernel. Thanks, Kube-router code that shows the iptables parameters using the 'set' module: https://github.com/cloudnativelabs/kube-router/blob/00824cd84b862d73dbdf984477178cca9bce9166/pkg/controllers/routing/pod_egress.go#L13 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1843051/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1811819] Re: please include the kernel module VXLAN
Just curious on an update of when this should be available in the apt repositories? Thanks! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1811819 Title: please include the kernel module VXLAN Status in linux-kvm package in Ubuntu: In Progress Status in linux-kvm source package in Xenial: In Progress Status in linux-kvm source package in Bionic: In Progress Status in linux-kvm source package in Disco: In Progress Bug description: == SRU Justification == VXLAN is used by Flannel and maybe other CNI plugins for Kubernetes, it will be great to enable the support in KVM kernels. == Fix == Enable the CONFIG_VXLAN in the config file. CONFIG_NET_UDP_TUNNEL=m and other configs were added automatically with updateconfigs. CONFIG_OPENVSWITCH_VXLAN supprt was excluded intentionally as this is not requested (and to reduce the binary size). == Test == Test kernels could be found here: https://people.canonical.com/~phlin/kernel/lp-1811819-vxlan/ Kernel smoke tested. User has also verified that all the patched kernels are working as expected. == Regression Potentail == Low, this enables the support for VXLAN module on KVM kernels, we might see some related bugs in the future. Since we already have this in the generic kernel so the impact should be small. == Original Bug Report == The kernel built with this packages does have VXLAN compiled. It would be nice if this could be fixed since VXLAN is used by Flannel and maybe other CNI plugins for Kubernetes. $ grep -i vxlan /boot/config-4.4.0-1039-kvm # CONFIG_VXLAN is not set When running a kubernetes cluster with Flannel with this image: $ kubectl logs kube-flannel-ds-amd64-jfkc8 -n kube-system --kubeconfig=case1-admin.conf I0116 11:35:34.176962 1 main.go:475] Determining IP address of default interface I0116 11:35:34.177231 1 main.go:488] Using interface with name ens3 and address 10.32.192.14 I0116 11:35:34.177259 1 main.go:505] Defaulting external address to interface address (10.32.192.14) I0116 11:35:34.191358 1 kube.go:131] Waiting 10m0s for node controller to sync I0116 11:35:34.273844 1 kube.go:294] Starting kube subnet manager I0116 11:35:35.274075 1 kube.go:138] Node controller sync successful I0116 11:35:35.274106 1 main.go:235] Created subnet manager: Kubernetes Subnet Manager - node-1-case1 I0116 11:35:35.274113 1 main.go:238] Installing signal handlers I0116 11:35:35.274233 1 main.go:353] Found network config - Backend type: vxlan I0116 11:35:35.274292 1 vxlan.go:120] VXLAN config: VNI=1 Port=0 GBP=false DirectRouting=false E0116 11:35:35.275803 1 main.go:280] Error registering network: operation not supported I0116 11:35:35.275860 1 main.go:333] Stopping shutdownHandler... To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1811819/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1811819] Re: please include the kernel module VXLAN
Both of those, B and D, are confirmed to work. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1811819 Title: please include the kernel module VXLAN Status in linux-kvm package in Ubuntu: Incomplete Status in linux-kvm source package in Xenial: New Status in linux-kvm source package in Bionic: New Status in linux-kvm source package in Disco: New Bug description: The kernel built with this packages does have VXLAN compiled. It would be nice if this could be fixed since VXLAN is used by Flannel and maybe other CNI plugins for Kubernetes. $ grep -i vxlan /boot/config-4.4.0-1039-kvm # CONFIG_VXLAN is not set When running a kubernetes cluster with Flannel with this image: $ kubectl logs kube-flannel-ds-amd64-jfkc8 -n kube-system --kubeconfig=case1-admin.conf I0116 11:35:34.176962 1 main.go:475] Determining IP address of default interface I0116 11:35:34.177231 1 main.go:488] Using interface with name ens3 and address 10.32.192.14 I0116 11:35:34.177259 1 main.go:505] Defaulting external address to interface address (10.32.192.14) I0116 11:35:34.191358 1 kube.go:131] Waiting 10m0s for node controller to sync I0116 11:35:34.273844 1 kube.go:294] Starting kube subnet manager I0116 11:35:35.274075 1 kube.go:138] Node controller sync successful I0116 11:35:35.274106 1 main.go:235] Created subnet manager: Kubernetes Subnet Manager - node-1-case1 I0116 11:35:35.274113 1 main.go:238] Installing signal handlers I0116 11:35:35.274233 1 main.go:353] Found network config - Backend type: vxlan I0116 11:35:35.274292 1 vxlan.go:120] VXLAN config: VNI=1 Port=0 GBP=false DirectRouting=false E0116 11:35:35.275803 1 main.go:280] Error registering network: operation not supported I0116 11:35:35.275860 1 main.go:333] Stopping shutdownHandler... To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1811819/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1811819] Re: please include the kernel module VXLAN
I just tried this on a ubuntu cloud 18.04.3 VM and it works. Could this get foreported to the 4.15.x kernels as well? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1811819 Title: please include the kernel module VXLAN Status in linux-kvm package in Ubuntu: Incomplete Status in linux-kvm source package in Xenial: New Bug description: The kernel built with this packages does have VXLAN compiled. It would be nice if this could be fixed since VXLAN is used by Flannel and maybe other CNI plugins for Kubernetes. $ grep -i vxlan /boot/config-4.4.0-1039-kvm # CONFIG_VXLAN is not set When running a kubernetes cluster with Flannel with this image: $ kubectl logs kube-flannel-ds-amd64-jfkc8 -n kube-system --kubeconfig=case1-admin.conf I0116 11:35:34.176962 1 main.go:475] Determining IP address of default interface I0116 11:35:34.177231 1 main.go:488] Using interface with name ens3 and address 10.32.192.14 I0116 11:35:34.177259 1 main.go:505] Defaulting external address to interface address (10.32.192.14) I0116 11:35:34.191358 1 kube.go:131] Waiting 10m0s for node controller to sync I0116 11:35:34.273844 1 kube.go:294] Starting kube subnet manager I0116 11:35:35.274075 1 kube.go:138] Node controller sync successful I0116 11:35:35.274106 1 main.go:235] Created subnet manager: Kubernetes Subnet Manager - node-1-case1 I0116 11:35:35.274113 1 main.go:238] Installing signal handlers I0116 11:35:35.274233 1 main.go:353] Found network config - Backend type: vxlan I0116 11:35:35.274292 1 vxlan.go:120] VXLAN config: VNI=1 Port=0 GBP=false DirectRouting=false E0116 11:35:35.275803 1 main.go:280] Error registering network: operation not supported I0116 11:35:35.275860 1 main.go:333] Stopping shutdownHandler... To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1811819/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1793841] Re: IP_SET modules not included in kernel build, prevents container functionality
ubuntu@deva-controller0:~$ uname -a Linux deva-controller0 4.15.0-1022-kvm #22+ipset.0 SMP Mon Sep 24 15:12:21 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux ubuntu@deva-controller0:~$ cd /boot ubuntu@deva-controller0:/boot$ grep SET config-4.15.0-1022-kvm CONFIG_ARCH_HAS_SET_MEMORY=y CONFIG_CPUSETS=y CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" CONFIG_HAVE_SETUP_PER_CPU_AREA=y CONFIG_IP_SET=y CONFIG_IP_SET_BITMAP_IP=m CONFIG_IP_SET_BITMAP_IPMAC=m CONFIG_IP_SET_BITMAP_PORT=m CONFIG_IP_SET_HASH_IP=m CONFIG_IP_SET_HASH_IPMAC=m CONFIG_IP_SET_HASH_IPMARK=m CONFIG_IP_SET_HASH_IPPORT=m CONFIG_IP_SET_HASH_IPPORTIP=m CONFIG_IP_SET_HASH_IPPORTNET=m CONFIG_IP_SET_HASH_MAC=m CONFIG_IP_SET_HASH_NET=m CONFIG_IP_SET_HASH_NETIFACE=m CONFIG_IP_SET_HASH_NETNET=m CONFIG_IP_SET_HASH_NETPORT=m CONFIG_IP_SET_HASH_NETPORTNET=m CONFIG_IP_SET_LIST_SET=m CONFIG_IP_SET_MAX=256 # CONFIG_NETFILTER_XT_SET is not set # CONFIG_POWER_RESET is not set CONFIG_PROC_PID_CPUSET=y # CONFIG_RESET_CONTROLLER is not set root@deva-controller0:~# lsmod | grep ip_set ip_set_hash_net28672 0 ip_set_hash_ip 24576 0 This looks good to me Kamal, Thanks! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1793841 Title: IP_SET modules not included in kernel build, prevents container functionality Status in cloud-images: Invalid Status in linux-kvm package in Ubuntu: In Progress Status in linux-kvm source package in Bionic: In Progress Bug description: I would like to run Ubuntu Minimal Cloud Image as the base OS on which I run Kubernetes and various other containers, but it requires ipset and various kernel modules included in the build. Is there a way to have those added by default, or a documented process for me to modify the kernel on my Minimal Cloud images? I tried to use kube-router as a routing platform for connecting the containers between Ubuntu hosts, but this requires ipset. The error from kube-router: I0921 00:19:45.773157 1 kube-router.go:207] Running /usr/local/bin/kube-router version v0.2.0, built on 2018-09-12T08:03:59-0400, go1.10.3 Failed to run kube-router: Failed to create network routing controller: Failed to create ipset set on system: ipset v6.34: Kernel error received: set type not supported After some digging, it seems I need the following modules at least compiled into the kernel as modules: root@deva-controller0:~# cat "/boot/config-`uname -r`" | grep IP_SET CONFIG_IP_SET=y CONFIG_IP_SET_MAX=256 # CONFIG_IP_SET_BITMAP_IP is not set # CONFIG_IP_SET_BITMAP_IPMAC is not set # CONFIG_IP_SET_BITMAP_PORT is not set # CONFIG_IP_SET_HASH_IP is not set # CONFIG_IP_SET_HASH_IPMARK is not set # CONFIG_IP_SET_HASH_IPPORT is not set # CONFIG_IP_SET_HASH_IPPORTIP is not set # CONFIG_IP_SET_HASH_IPPORTNET is not set # CONFIG_IP_SET_HASH_IPMAC is not set # CONFIG_IP_SET_HASH_MAC is not set # CONFIG_IP_SET_HASH_NETPORTNET is not set # CONFIG_IP_SET_HASH_NET is not set # CONFIG_IP_SET_HASH_NETNET is not set # CONFIG_IP_SET_HASH_NETPORT is not set # CONFIG_IP_SET_HASH_NETIFACE is not set # CONFIG_IP_SET_LIST_SET is not set Ubuntu Release: ~# cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=18.04 DISTRIB_CODENAME=bionic DISTRIB_DESCRIPTION="Ubuntu 18.04.1 LTS" Any help is greatly appreciated. To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-images/+bug/1793841/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1793841] Re: IP_SET modules not included in kernel build, prevents container functionality
To clarify your comment #1, I could install linux-kvm-xenial now to get the modules, but your work will eventually add them to the default kernel used by Ubuntu Minimal Cloud images? Thanks in advance -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1793841 Title: IP_SET modules not included in kernel build, prevents container functionality Status in cloud-images: Invalid Status in linux-kvm package in Ubuntu: In Progress Status in linux-kvm source package in Bionic: In Progress Bug description: I would like to run Ubuntu Minimal Cloud Image as the base OS on which I run Kubernetes and various other containers, but it requires ipset and various kernel modules included in the build. Is there a way to have those added by default, or a documented process for me to modify the kernel on my Minimal Cloud images? I tried to use kube-router as a routing platform for connecting the containers between Ubuntu hosts, but this requires ipset. The error from kube-router: I0921 00:19:45.773157 1 kube-router.go:207] Running /usr/local/bin/kube-router version v0.2.0, built on 2018-09-12T08:03:59-0400, go1.10.3 Failed to run kube-router: Failed to create network routing controller: Failed to create ipset set on system: ipset v6.34: Kernel error received: set type not supported After some digging, it seems I need the following modules at least compiled into the kernel as modules: root@deva-controller0:~# cat "/boot/config-`uname -r`" | grep IP_SET CONFIG_IP_SET=y CONFIG_IP_SET_MAX=256 # CONFIG_IP_SET_BITMAP_IP is not set # CONFIG_IP_SET_BITMAP_IPMAC is not set # CONFIG_IP_SET_BITMAP_PORT is not set # CONFIG_IP_SET_HASH_IP is not set # CONFIG_IP_SET_HASH_IPMARK is not set # CONFIG_IP_SET_HASH_IPPORT is not set # CONFIG_IP_SET_HASH_IPPORTIP is not set # CONFIG_IP_SET_HASH_IPPORTNET is not set # CONFIG_IP_SET_HASH_IPMAC is not set # CONFIG_IP_SET_HASH_MAC is not set # CONFIG_IP_SET_HASH_NETPORTNET is not set # CONFIG_IP_SET_HASH_NET is not set # CONFIG_IP_SET_HASH_NETNET is not set # CONFIG_IP_SET_HASH_NETPORT is not set # CONFIG_IP_SET_HASH_NETIFACE is not set # CONFIG_IP_SET_LIST_SET is not set Ubuntu Release: ~# cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=18.04 DISTRIB_CODENAME=bionic DISTRIB_DESCRIPTION="Ubuntu 18.04.1 LTS" Any help is greatly appreciated. To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-images/+bug/1793841/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
