diff options
| author | Niklas Hambüchen <mail@nh2.me> | 2021-07-27 16:18:00 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-07-27 16:18:00 +0200 |
| commit | 0a532d8b2231d7d02700af4c4385e299508aa3fe (patch) | |
| tree | 8cb9e08c54f6a5f23b52d299996194984f1fb856 | |
| parent | Merge pull request #130829 from NixOS/backport-130273-to-release-21.05 (diff) | |
| parent | kubernetes: fix conntrack-tools package name, missing dir, and tests (diff) | |
| download | nixpkgs-0a532d8b2231d7d02700af4c4385e299508aa3fe.tar.gz | |
Merge pull request #128818 from NixOS/backport-128546-to-release-21.05
[Backport release-21.05] kubernetes: make tests pass by fixing a conntrack-tools dep and a missing dir
| -rw-r--r-- | nixos/modules/services/cluster/kubernetes/pki.nix | 1 | ||||
| -rw-r--r-- | nixos/modules/services/cluster/kubernetes/proxy.nix | 2 | ||||
| -rw-r--r-- | nixos/tests/kubernetes/base.nix | 9 |
3 files changed, 10 insertions, 2 deletions
diff --git a/nixos/modules/services/cluster/kubernetes/pki.nix b/nixos/modules/services/cluster/kubernetes/pki.nix index 8de6a3ba0d80..d9311d3e3a04 100644 --- a/nixos/modules/services/cluster/kubernetes/pki.nix +++ b/nixos/modules/services/cluster/kubernetes/pki.nix @@ -189,6 +189,7 @@ in # manually paste it in place. Just symlink. # otherwise, create the target file, ready for users to insert the token + mkdir -p $(dirname ${certmgrAPITokenPath}) if [ -f "${cfsslAPITokenPath}" ]; then ln -fs "${cfsslAPITokenPath}" "${certmgrAPITokenPath}" else diff --git a/nixos/modules/services/cluster/kubernetes/proxy.nix b/nixos/modules/services/cluster/kubernetes/proxy.nix index 7aa449f9aa21..42729f54643b 100644 --- a/nixos/modules/services/cluster/kubernetes/proxy.nix +++ b/nixos/modules/services/cluster/kubernetes/proxy.nix @@ -59,7 +59,7 @@ in description = "Kubernetes Proxy Service"; wantedBy = [ "kubernetes.target" ]; after = [ "kube-apiserver.service" ]; - path = with pkgs; [ iptables conntrack_tools ]; + path = with pkgs; [ iptables conntrack-tools ]; serviceConfig = { Slice = "kubernetes.slice"; ExecStart = ''${top.package}/bin/kube-proxy \ diff --git a/nixos/tests/kubernetes/base.nix b/nixos/tests/kubernetes/base.nix index 8cfac10b6dc4..1f23ca55fb23 100644 --- a/nixos/tests/kubernetes/base.nix +++ b/nixos/tests/kubernetes/base.nix @@ -40,7 +40,7 @@ let allowedTCPPorts = [ 10250 # kubelet ]; - trustedInterfaces = ["docker0"]; + trustedInterfaces = ["mynet"]; extraCommands = concatMapStrings (node: '' iptables -A INPUT -s ${node.config.networking.primaryIPAddress} -j ACCEPT @@ -61,6 +61,13 @@ let advertiseAddress = master.ip; }; masterAddress = "${masterName}.${config.networking.domain}"; + # workaround for: + # https://github.com/kubernetes/kubernetes/issues/102676 + # (workaround from) https://github.com/kubernetes/kubernetes/issues/95488 + kubelet.extraOpts = ''\ + --cgroups-per-qos=false \ + --enforce-node-allocatable="" \ + ''; }; } (optionalAttrs (any (role: role == "master") machine.roles) { |