Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add conntrack to ISO - required for Kubernetes v1.18.x #6619

Closed
tstromberg opened this issue Feb 13, 2020 · 6 comments · Fixed by #6626
Closed

Add conntrack to ISO - required for Kubernetes v1.18.x #6619

tstromberg opened this issue Feb 13, 2020 · 6 comments · Fixed by #6626
Labels
area/guest-vm General configuration issues with the minikube guest VM kind/feature Categorizes issue or PR as related to a new feature. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release.
Milestone
v1.8.0 March 5

Comments

@tstromberg
Copy link
Contributor

We should aim to update the LatestVersion constant to a v1.18 alpha in the v1.8.0 release so that there is time for us to battle-test Kubernetes v1.18 in minikube before the big release date.

Assuming #6603 is merged, minikube fails here with v1.18.0-alpha5.

213 11:57:11.300721   68618 exit.go:101] Error starting cluster: init failed. output: "-- stdout --\n[init] Using Kubernetes version: v1.18.0-alpha.5\n[preflight] Running pre-flight checks\n\n-- /stdout --\n** stderr ** \nW0213 19:57:08.866611    2776 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]\n\t[WARNING IsDockerSystemdCheck]: detected \"cgroupfs\" as the Docker cgroup driver. The recommended driver is \"systemd\". Please follow the guide at https://kubernetes.io/docs/setup/cri/\n\t[WARNING Service-Kubelet]: kubelet service is not enabled, please run 'systemctl enable kubelet.service'\nerror execution phase preflight: [preflight] Some fatal errors occurred:\n\t[ERROR FileExisting-conntrack]: conntrack not found in system path\n[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`\nTo see the stack trace of this error execute with --v=5 or higher\n\n** /stderr **": /bin/bash -c "sudo env PATH=/var/lib/minikube/binaries/v1.18.0-alpha.5:$PATH kubeadm init --config /var/tmp/minikube/kubeadm.yaml  --ignore-preflight-errors=DirAvailable--etc-kubernetes-manifests,DirAvailable--var-lib-minikube,DirAvailable--var-lib-minikube-etcd,FileAvailable--etc-kubernetes-manifests-kube-scheduler.yaml,FileAvailable--etc-kubernetes-manifests-kube-apiserver.yaml,FileAvailable--etc-kubernetes-manifests-kube-controller-manager.yaml,FileAvailable--etc-kubernetes-manifests-etcd.yaml,Port-10250,Swap,SystemVerification": Process exited with status 1
stdout:
[init] Using Kubernetes version: v1.18.0-alpha.5
[preflight] Running pre-flight checks

stderr:
W0213 19:57:08.866611    2776 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
	[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
	[WARNING Service-Kubelet]: kubelet service is not enabled, please run 'systemctl enable kubelet.service'
error execution phase preflight: [preflight] Some fatal errors occurred:
	[ERROR FileExisting-conntrack]: conntrack not found in system path
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or higher

💣  Error starting cluster: init failed. output: "-- stdout --\n[init] Using Kubernetes version: v1.18.0-alpha.5\n[preflight] Running pre-flight checks\n\n-- /stdout --\n** stderr ** \nW0213 19:57:08.866611    2776 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]\n\t[WARNING IsDockerSystemdCheck]: detected \"cgroupfs\" as the Docker cgroup driver. The recommended driver is \"systemd\". Please follow the guide at https://kubernetes.io/docs/setup/cri/\n\t[WARNING Service-Kubelet]: kubelet service is not enabled, please run 'systemctl enable kubelet.service'\nerror execution phase preflight: [preflight] Some fatal errors occurred:\n\t[ERROR FileExisting-conntrack]: conntrack not found in system path\n[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`\nTo see the stack trace of this error execute with --v=5 or higher\n\n** /stderr **": /bin/bash -c "sudo env PATH=/var/lib/minikube/binaries/v1.18.0-alpha.5:$PATH kubeadm init --config /var/tmp/minikube/kubeadm.yaml  --ignore-preflight-errors=DirAvailable--etc-kubernetes-manifests,DirAvailable--var-lib-minikube,DirAvailable--var-lib-minikube-etcd,FileAvailable--etc-kubernetes-manifests-kube-scheduler.yaml,FileAvailable--etc-kubernetes-manifests-kube-apiserver.yaml,FileAvailable--etc-kubernetes-manifests-kube-controller-manager.yaml,FileAvailable--etc-kubernetes-manifests-etcd.yaml,Port-10250,Swap,SystemVerification": Process exited with status 1
stdout:
[init] Using Kubernetes version: v1.18.0-alpha.5
[preflight] Running pre-flight checks

stderr:
W0213 19:57:08.866611    2776 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
	[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
	[WARNING Service-Kubelet]: kubelet service is not enabled, please run 'systemctl enable kubelet.service'
error execution phase preflight: [preflight] Some fatal errors occurred:
	[ERROR FileExisting-conntrack]: conntrack not found in system path
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or higher
@tstromberg tstromberg added the priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. label Feb 13, 2020
@tstromberg tstromberg added this to the v1.8.0 Feb 28 milestone Feb 13, 2020
@tstromberg tstromberg changed the title Support for Kubernetes v1.18.x (requires conntrack) Support for Kubernetes v1.18.x (requires conntrack binary) Feb 13, 2020
@tstromberg tstromberg changed the title Support for Kubernetes v1.18.x (requires conntrack binary) Add conntrack to ISO - required for Kubernetes v1.18.x Feb 13, 2020
@tstromberg
Copy link
Contributor Author

tstromberg commented Feb 13, 2020
edited
Loading

It's worth noting that Kubernetes v1.18 works just fine with the Docker driver, likely because the kind node image includes conntrack already.

@afbjorklund
Copy link
Collaborator

afbjorklund commented Feb 13, 2020
edited
Loading

We have conntrack-tools 1.4.5 available as a package, so that should be doable...

# BR2_PACKAGE_CONNTRACK_TOOLS is not set

@afbjorklund
Copy link
Collaborator

Apparently the dependency was added for both deb and rpm packages. How nice...

It would be great if minikube could get more official kubernetes packaging status. 😐

@afbjorklund afbjorklund mentioned this issue Feb 13, 2020
Merged
@afbjorklund afbjorklund added kind/feature Categorizes issue or PR as related to a new feature. area/guest-vm General configuration issues with the minikube guest VM labels Feb 13, 2020
@afbjorklund afbjorklund reopened this Feb 14, 2020
@afbjorklund
Copy link
Collaborator

Looks like we also need a kernel module loaded, for this to work properly.

$ sudo modprobe nf_conntrack     
$ sudo sysctl net.netfilter.nf_conntrack_count
net.netfilter.nf_conntrack_count = 0

@afbjorklund
Copy link
Collaborator

And another crio binary as well, which I knew about - but forgot.

runtime config: pinns validation: exec: \"pinns\": executable file not found in $PATH

Remembered to remove "pause", but not to add the new "pinns"....

@afbjorklund
Copy link
Collaborator

It was the missing binary that was blocking crio.service, and thus our modprobe

@bfitzpat bfitzpat mentioned this issue May 5, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/guest-vm General configuration issues with the minikube guest VM kind/feature Categorizes issue or PR as related to a new feature. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release.
Projects
None yet
Milestone
v1.8.0 March 5
Development

Successfully merging a pull request may close this issue.

Add conntrack-tools, needed for kubernetes 1.18 afbjorklund/minikube
2 participants
@tstromberg @afbjorklund