2021-05-16 19:07:59 +00:00
|
|
|
# CentOS 8 and derivatives
|
2020-04-07 12:49:43 +00:00
|
|
|
|
2021-05-16 19:07:59 +00:00
|
|
|
CentOS 8 / Oracle Linux 8 / AlmaLinux 8 ship only with iptables-nft (ie without iptables-legacy similar to RHEL8)
|
2020-04-07 12:49:43 +00:00
|
|
|
The only tested configuration for now is using Calico CNI
|
2021-05-16 19:07:59 +00:00
|
|
|
You need to add `calico_iptables_backend: "NFT"` or `calico_iptables_backend: "Auto"` to your configuration.
|
2020-04-07 12:49:43 +00:00
|
|
|
|
|
|
|
If you have containers that are using iptables in the host network namespace (`hostNetwork=true`),
|
|
|
|
you need to ensure they are using iptables-nft.
|
2020-05-06 18:17:25 +00:00
|
|
|
An example how k8s do the autodetection can be found [in this PR](https://github.com/kubernetes/kubernetes/pull/82966)
|