k3s/pkg/agent/syssetup/setup.go

51 lines
1.4 KiB
Go
Raw Normal View History

// +build !windows
2019-01-01 08:23:01 +00:00
package syssetup
import (
"io/ioutil"
"os"
"os/exec"
2019-01-01 08:23:01 +00:00
"github.com/sirupsen/logrus"
)
func loadKernelModule(moduleName string) {
if _, err := os.Stat("/sys/module/" + moduleName); err == nil {
logrus.Info("Module " + moduleName + " was already loaded")
return
}
if err := exec.Command("modprobe", moduleName).Run(); err != nil {
logrus.Warn("Failed to start " + moduleName + " module")
}
}
2019-11-04 18:35:14 +00:00
func enableSystemControl(file string) {
if err := ioutil.WriteFile(file, []byte("1"), 0640); err != nil {
logrus.Warnf("Failed to write value 1 at "+file+": %v", err)
}
2019-11-04 18:35:14 +00:00
}
func Configure(enableIPv6 bool) {
loadKernelModule("overlay")
loadKernelModule("nf_conntrack")
2019-11-04 18:35:14 +00:00
loadKernelModule("br_netfilter")
loadKernelModule("iptable_nat")
if enableIPv6 {
loadKernelModule("ip6table_nat")
}
// Kernel is inconsistent about how devconf is configured for
// new network namespaces between ipv4 and ipv6. Make sure to
// enable forwarding on all and default for both ipv4 and ipv6.
enableSystemControl("/proc/sys/net/ipv4/conf/all/forwarding")
enableSystemControl("/proc/sys/net/ipv4/conf/default/forwarding")
2019-11-04 18:35:14 +00:00
enableSystemControl("/proc/sys/net/bridge/bridge-nf-call-iptables")
if enableIPv6 {
enableSystemControl("/proc/sys/net/ipv6/conf/all/forwarding")
enableSystemControl("/proc/sys/net/ipv6/conf/default/forwarding")
enableSystemControl("/proc/sys/net/bridge/bridge-nf-call-ip6tables")
}
2019-01-01 08:23:01 +00:00
}