New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Do not call NewFlannelServer() unless flannel overlay is enabled #26264
Do not call NewFlannelServer() unless flannel overlay is enabled #26264
Conversation
you probably want to warn the user about iptables anway, because the kubelet installs a masquerade rule: kubernetes/pkg/kubelet/container_bridge.go Line 145 in dae5ac4
|
Ah, I missed that one. Great, I'll add that one. @bprashanth So the question is, is this masquerade rule really necessary in all cases, or just when enabling some functions? It would be really great if we found a way where kubelet didn't depend on iptables, because iptables depends on glibc, and that's quite heavy... |
Kube-proxy requires iptables anway. I feel iptables is basic enough to require on every node, perhaps @kubernetes/sig-network has thoughts. |
Yes, but the intention was to package So it would be great to not depend on |
I think iptables is effectively required On Wed, May 25, 2016 at 1:06 PM, Lucas Käldström notifications@github.com
|
Okay, @dchen1107 Should we proceed on this anyway? |
@k8s-bot e2e test this please github issue: #IGNORE |
Sure, lgtm but removing 1.3 milestone |
GCE e2e build/test passed for commit fdff659. |
Yes, absolutely! Iit shouldn't have any specific priority anymore... |
@k8s-bot test this [submit-queue is verifying that this PR is safe to merge] |
GCE e2e build/test passed for commit fdff659. |
Automatic merge from submit-queue |
Ref: #26093
This makes so kubelet does not warn the user that iptables isn't in PATH, although the user didn't enable the flannel overlay.
@vishh @freehan @bprashanth