Support Rocky Linux 9 hosts
Signed-off-by: Akihiro Suda <[email protected]>
AkihiroSuda committed Sep 15, 2023
1 parent 57a770a commit d330069
Showing 4 changed files with 62 additions and 7 deletions.
13 changes: 12 additions & 1 deletion Makefile.d/check-preflight.sh
Expand Up @@ -10,6 +10,8 @@ function ERROR() {
}

: "${DOCKER:=docker}"
: "${QUICK:=0}"
: "${BUSYBOX_IMAGE:=busybox}"

# Check hard dependency commands
for f in make jq "${DOCKER}"; do
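
Review bot: `BUSYBOX_IMAGE` defaults to the untagged `busybox`, so the rp_filter check further down runs whatever `busybox:latest` resolves to at the time, and it runs it with `--net=host`. Consider defaulting to a pinned tag or digest, and add a short comment next to `QUICK` and `BUSYBOX_IMAGE` saying what each one controls, since neither is documented in this file or in the README changes.
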
Expand Down Expand Up @@ -59,8 +61,17 @@ else
fi

# Check kernel modules
for f in ip6_tables ip6table_nat ip_tables iptable_nat vxlan; do
for f in br_netfilter ip6_tables ip6table_nat ip_tables iptable_nat vxlan; do
if ! grep -qw "^$f" /proc/modules; then
WARNING "Kernel module \"${f}\" does not seem loaded? (negligible if built-in to the kernel)"
fi
done

if [ "$QUICK" != "1" ]; then
# Check net.ipv4.conf.default.rp_filter in the daemon's network namespace.
# The value can be 0 (disabled) or 2 (loose), must not be 1 (strict).
if [ "$(${DOCKER} run --rm --net=host "${BUSYBOX_IMAGE}" sysctl -n net.ipv4.conf.default.rp_filter)" == "1" ]; then
ERROR "sysctl value \"net.ipv4.conf.default.rp_filter\" must be 0 (disabled) or 2 (loose) in the daemon's network namespace"
exit 1
fi
fi
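
Review bot: the rp_filter check fails open. If `${DOCKER} run` cannot start the container (daemon not running, image pull failure), the command substitution is empty, the `== "1"` comparison is false, and preflight passes without having read the sysctl at all. Capture the output into a variable first, treat a non-zero exit status or an empty value as an ERROR, and accept only `0` or `2`. `${DOCKER}` is also unquoted in this line, unlike in the dependency loop earlier in the script.
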
23 changes: 19 additions & 4 deletions README.md
Expand Up @@ -22,9 +22,10 @@ but Usernetes (Gen 2) supports creating a cluster with multiple hosts.

## Requirements

> **Note**
>
> Using Ubuntu 22.04 hosts is recommended.
- Host OS should be one of the following:
- Ubuntu 22.04 (recommended)
- Rocky Linux 9
- AlmaLinux 9

- [Rootless Docker](https://rootlesscontaine.rs/getting-started/docker/):
```bash
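
Review bot: the host OS list adds AlmaLinux 9, but the commit subject only mentions Rocky Linux 9. If AlmaLinux was tested, say so in the commit message; if it is listed only because it is expected to behave like Rocky, mark it that way in the list so readers know which hosts were actually exercised.
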
Expand Down Expand Up @@ -52,7 +53,21 @@ sudo systemctl daemon-reload

- Kernel modules:
```
sudo modprobe vxlan
sudo tee /etc/modules-load.d/usernetes.conf <<EOF >/dev/null
br_netfilter
vxlan
EOF
sudo systemctl restart systemd-modules-load.service
```

- sysctl:
```
cat tee /etc/sysctl.d/99-usernetes.conf <<EOF >/dev/null
net.ipv4.conf.default.rp_filter = 2
EOF
sudo sysctl --system
```

## Usage
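
Review bot: in the new sysctl block, `cat tee /etc/sysctl.d/99-usernetes.conf <<EOF >/dev/null` is a typo. `cat` treats `tee` and the path as files to read, so nothing is written and the following `sudo sysctl --system` changes nothing. It should read `sudo tee /etc/sysctl.d/99-usernetes.conf <<EOF >/dev/null`, matching the kernel-modules block above it. One sentence noting that this sets the host-wide default `rp_filter` to loose (2), as the comment in `hack/init-host.root.sh` explains, would also help readers who paste these commands.
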
5 changes: 5 additions & 0 deletions docker-compose.yaml
Expand Up @@ -32,6 +32,11 @@ services:
environment:
KUBECONFIG: /etc/kubernetes/admin.conf
U7S_HOST_IP: ${U7S_HOST_IP}
sysctls:
- net.ipv4.ip_forward=1
# In addition, `net.ipv4.conf.default.rp_filter`
# has to be set to 0 (disabled) or 2 (loose)
# in the daemon's network namespace.
networks:
default:
ipam:
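
Review bot: the comment under `sysctls:` states a requirement on `net.ipv4.conf.default.rp_filter` but does not say where it is satisfied or why it is not listed here next to `net.ipv4.ip_forward=1`. Point the comment at `hack/init-host.root.sh` and `Makefile.d/check-preflight.sh`, so that someone reading only this file knows the value is set on the host and verified by the preflight check.
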
28 changes: 26 additions & 2 deletions hack/init-host.root.sh
Expand Up @@ -15,9 +15,33 @@ EOF
systemctl daemon-reload
fi

cat >/etc/modules-load.d/usernetes.conf <<EOF
br_netfilter
vxlan
EOF
systemctl restart systemd-modules-load.service

cat >/etc/sysctl.d/99-usernetes.conf <<EOF
# For VXLAN, net.ipv4.conf.default.rp_filter must not be 1 (strict) in the daemon's netns.
# It may still remain 1 in the host netns, but there is no robust and simple way to
# configure sysctl for the daemon's netns. So we are configuring it globally here.
net.ipv4.conf.default.rp_filter = 2
EOF
sysctl --system

if ! command -v dockerd-rootless-setuptool.sh >/dev/null 2>&1; then
curl https://get.docker.com | sh
if grep -q centos /etc/os-release; then
# Works with Rocky and Alma too
dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
dnf -y install docker-ce
else
curl https://get.docker.com | sh
fi
fi
systemctl disable --now docker

apt-get install -y uidmap make jq
if command -v dnf >/dev/null 2>&1; then
dnf install -y git shadow-utils make jq
else
apt-get install -y git uidmap make jq
fi
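
Review bot: distro detection is inconsistent between the two branches. The Docker install uses `grep -q centos /etc/os-release`, which matches the string anywhere in the file, while the package step uses `command -v dnf`. Pick one test, preferably reading `ID` and `ID_LIKE` from `/etc/os-release`, and use it for both. The `else` branch also keeps `curl https://get.docker.com | sh`, which pipes a downloaded script into a root shell with no `-f` flag and no integrity check; installing from a configured package repository, as the dnf branch does, would avoid that.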
