diff --git a/docs/vars.md b/docs/vars.md index c904e9336..2f19d1348 100644 --- a/docs/vars.md +++ b/docs/vars.md @@ -92,6 +92,10 @@ Stack](https://github.com/kubernetes-incubator/kargo/blob/master/docs/dns-stack. ``--insecure-registry=myregistry.mydomain:5000`` * *http_proxy/https_proxy/no_proxy* - Proxy variables for deploying behind a proxy +* *kubelet_load_modules* - For some things, kubelet needs to load kernel modules. For example, + dynamic kernel services are needed for mounting persistent volumes into containers. These may not be + loaded by preinstall kubernetes processes. For example, ceph and rbd backed volumes. Set this variable to + true to let kubelet load kernel modules. #### User accounts diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml index c2fc56bf9..88a357a82 100644 --- a/inventory/group_vars/all.yml +++ b/inventory/group_vars/all.yml @@ -48,6 +48,14 @@ kube_log_level: 2 # 1.5 default behavior. The flag is actually only added if the used kubernetes version is >= 1.5 kube_api_anonymous_auth: false +# +# For some things, kubelet needs to load kernel modules. For example, dynamic kernel services are needed +# for mounting persistent volumes into containers. These may not be loaded by preinstall kubernetes +# processes. For example, ceph and rbd backed volumes. Set to true to allow kubelet to load kernel +# modules. +# +kubelet_load_modules: false + # Users to create for basic auth in Kubernetes API via HTTP kube_api_pwd: "changeme" kube_users: diff --git a/roles/kubernetes/node/defaults/main.yml b/roles/kubernetes/node/defaults/main.yml index d60b76208..da1ed6d07 100644 --- a/roles/kubernetes/node/defaults/main.yml +++ b/roles/kubernetes/node/defaults/main.yml @@ -33,3 +33,5 @@ etcd_config_dir: /etc/ssl/etcd # A port range to reserve for services with NodePort visibility. # Inclusive at both ends of the range. kube_apiserver_node_port_range: "30000-32767" + +kubelet_load_modules: false diff --git a/roles/kubernetes/node/templates/kubelet-container.j2 b/roles/kubernetes/node/templates/kubelet-container.j2 index 1e2e13a93..5126f1b59 100644 --- a/roles/kubernetes/node/templates/kubelet-container.j2 +++ b/roles/kubernetes/node/templates/kubelet-container.j2 @@ -14,6 +14,9 @@ {% for dir in ssl_ca_dirs -%} -v {{ dir }}:{{ dir }}:ro \ {% endfor -%} + {% if kubelet_load_modules -%} + -v /lib/modules:/lib/modules:ro \ + {% endif -%} -v /sys:/sys:ro \ -v {{ docker_daemon_graph }}:/var/lib/docker:rw \ -v /var/lib/kubelet:/var/lib/kubelet:shared \