Due to the nsenter and other reworks, it appears that

kubelet lost the ability to load kernel modules.  This
puts that back by adding the lib/modules mount to kubelet.

The new variable kubelet_load_modules can be set to true
to enable this item.  It is OFF by default.
This commit is contained in:
Greg Althaus 2017-02-09 09:56:12 -06:00
parent 17dfae6d4e
commit fcd78eb1f7
3 changed files with 15 additions and 0 deletions

View file

@ -92,6 +92,10 @@ Stack](https://github.com/kubernetes-incubator/kargo/blob/master/docs/dns-stack.
``--insecure-registry=myregistry.mydomain:5000``
* *http_proxy/https_proxy/no_proxy* - Proxy variables for deploying behind a
proxy
* *kubelet_load_modules* - For some things, kubelet needs to load kernel modules. For example,
dynamic kernel services are needed for mounting persistent volumes into containers. These may not be
loaded by preinstall kubernetes processes. For example, ceph and rbd backed volumes. Set this variable to
true to let kubelet load kernel modules.
#### User accounts

View file

@ -48,6 +48,14 @@ kube_log_level: 2
# 1.5 default behavior. The flag is actually only added if the used kubernetes version is >= 1.5
kube_api_anonymous_auth: false
#
# For some things, kubelet needs to load kernel modules. For example, dynamic kernel services are needed
# for mounting persistent volumes into containers. These may not be loaded by preinstall kubernetes
# processes. For example, ceph and rbd backed volumes. Uncomment to allow kubelet to load kernel
# modules.
#
#kubelet_load_modules: true
# Users to create for basic auth in Kubernetes API via HTTP
kube_api_pwd: "changeme"
kube_users:

View file

@ -14,6 +14,9 @@
{% for dir in ssl_ca_dirs -%}
-v {{ dir }}:{{ dir }}:ro \
{% endfor -%}
{% if kubelet_load_modules is defined and kubelet_load_modules == true -%}
-v /lib/modules:/lib/modules:ro \
{% endif -%}
-v /sys:/sys:ro \
-v {{ docker_daemon_graph }}:/var/lib/docker:rw \
-v /var/lib/kubelet:/var/lib/kubelet:shared \