Skip to content
This repository has been archived by the owner. It is now read-only.

Module nf_conntrack_ipv4 not found in directory /lib/modules/4.19.0-coreos #2518

Closed
ijl opened this issue Oct 26, 2018 · 6 comments
Closed

Module nf_conntrack_ipv4 not found in directory /lib/modules/4.19.0-coreos #2518

ijl opened this issue Oct 26, 2018 · 6 comments

Comments

@ijl
Copy link

@ijl ijl commented Oct 26, 2018

Issue Report

The kernel module nf_conntrack_ipv4 is not available on the 4.19 kernel in 1939.0.0. This breaks ipvs. This was available on the 4.18 kernels.

Bug

Container Linux Version

$ cat /etc/os-release
NAME="Container Linux by CoreOS"
ID=coreos
VERSION=1939.0.0
VERSION_ID=1939.0.0
BUILD_ID=2018-10-22-2357
PRETTY_NAME="Container Linux by CoreOS 1939.0.0 (Rhyolite)"
ANSI_COLOR="38;5;75"
HOME_URL="https://coreos.com/"
BUG_REPORT_URL="https://issues.coreos.com"
COREOS_BOARD="amd64-usr"

Reproduction Steps

core # modprobe -- nf_conntrack_ipv4
modprobe: FATAL: Module nf_conntrack_ipv4 not found in directory /lib/modules/4.19.0-coreos
@dm0-
Copy link

@dm0- dm0- commented Oct 26, 2018

What is actually failing? It looks okay if I run ipvsadm directly.

[   22.461066] IPVS: Registered protocols (TCP, UDP, SCTP, AH, ESP)
[   22.461415] IPVS: Connection hash table configured (size=4096, memory=64Kbytes)
[   22.461724] IPVS: ipvs loaded.

The nf_conntrack_ipv4 modules isn't supposed to exist since torvalds/linux@a0ae256.

@bgilbert
Copy link
Member

@bgilbert bgilbert commented Oct 26, 2018

If for some reason you need to load the module directly, modprobe nf_conntrack should be sufficient in 4.19.

@ijl
Copy link
Author

@ijl ijl commented Oct 26, 2018

The error is kube-proxy failing to run in ipvs mode due to a check for nf_conntrack_ipv4 specifically (https://github.com/kubernetes/kubernetes/blob/6a8a8597f5bf4de29b7b88384529188df0b71337/pkg/util/ipvs/ipvs.go#L70-L77). So agreed this is an issue with kubernetes and not coreos. Thank you for looking into it.

@bgilbert
Copy link
Member

@bgilbert bgilbert commented Oct 26, 2018

Okay, thanks for the info. I'm looking at working around this in Container Linux.

  1. Does kube-proxy fail entirely, or only produce a warning? Could you post any error messages?
  2. Would you be willing to report this problem upstream to Kubernetes?
@ijl
Copy link
Author

@ijl ijl commented Oct 26, 2018

@bgilbert it runs while falling back to using iptables. More on the kubernetes issue: kubernetes/kubernetes#70304

@bgilbert
Copy link
Member

@bgilbert bgilbert commented Oct 27, 2018

I've added a compatibility nf_conntrack_ipv4 module to the Container Linux kernel, which will be included in the next alpha release. Thanks for reporting!

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants