I then apply the latest calico manifest from: https://docs.projectcalico.org/latest/getting-started/kubernetes/installation/calico
This results in a crashlooping calico-node pod on each host with the following presented in the log:
This can be worked around by running the following:
adjust the --name argument to the name of your cluster or leave it off for the "default" kind cluster.
I then looked into when this value was being set.
In the standard bring up this is the configured value:
which it appears is being set by
This was in turn changed to 2 with this issue:
in my other findings I found that:
and the base-image freshly built:
altho! the security file is present at this time!.
I think what's happening is that the sysctl is being honored when we start up the "real" node-image and that is what's causing the problem for calico.
What you expected to happen:
How to reproduce it (as minimally and precisely as possible):
Anything else we need to know?:
write up on this by Alex as well I like his solution as well!
It seems to be messing up DNS (I was following you TGIK 075)
$ k exec -it nginxd-667bdf4c99-qsbrv -- bash
** server can't find google.com: SERVFAIL
I'll push new images with https://github.com/kubernetes-sigs/kind/milestone/8 which is primarily blocked on rounding out some stability fixes. I'm back on that now.