github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Load kernel modules automatically inside a kube-proxy pod

Browse Source 
This change will mount `/lib/modules` on host to the kube-proxy pod,
so that a kube-proxy pod can load kernel modules by need
or when `modprobe <kmod>` is run inside the pod.

This will be convenient for kube-proxy running in IPVS mode.
Users will don't have to run `modprobe ip_vs` on nodes before starting
a kube-proxy pod.
This commit is contained in:
Yuxiang Zhu 2017-09-06 13:38:40 +08:00 committed by Yuxiang Zhu
parent 5d8046e482
commit eeab4a60f7
2 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cluster/addons/kube-proxy/kube-proxy-ds.yaml
View File

@ -53,6 +53,9 @@ spec:
- mountPath: /run/xtables.lock - mountPath: /run/xtables.lock
name: xtables-lock name: xtables-lock
readOnly: false readOnly: false
- mountPath: /lib/modules
name: lib-modules
readOnly: true
volumes: volumes:
- name: varlog - name: varlog
hostPath: hostPath:
@ -64,4 +67,7 @@ spec:
hostPath: hostPath:
path: /run/xtables.lock path: /run/xtables.lock
type: FileOrCreate type: FileOrCreate
- name: lib-modules
hostPath:
path: /lib/modules
serviceAccountName: kube-proxy serviceAccountName: kube-proxy

6
cluster/saltbase/salt/kube-proxy/kube-proxy.manifest
View File

@ -96,6 +96,9 @@ spec:
- mountPath: /run/xtables.lock - mountPath: /run/xtables.lock
name: iptableslock name: iptableslock
readOnly: false readOnly: false
- mountPath: /lib/modules
name: lib-modules
readOnly: true
volumes: volumes:
- hostPath: - hostPath:
path: /usr/share/ca-certificates path: /usr/share/ca-certificates
@ -114,3 +117,6 @@ spec:
path: /run/xtables.lock path: /run/xtables.lock
type: FileOrCreate type: FileOrCreate
name: iptableslock name: iptableslock
- name: lib-modules
hostPath:
path: /lib/modules