Merge pull request #128818 from NixOS/backport-128546-to-release-21.05
[Backport release-21.05] kubernetes: make tests pass by fixing a conntrack-tools dep and a missing dir
This commit is contained in:
commit
0a532d8b22
@ -189,6 +189,7 @@ in
|
|||||||
# manually paste it in place. Just symlink.
|
# manually paste it in place. Just symlink.
|
||||||
# otherwise, create the target file, ready for users to insert the token
|
# otherwise, create the target file, ready for users to insert the token
|
||||||
|
|
||||||
|
mkdir -p $(dirname ${certmgrAPITokenPath})
|
||||||
if [ -f "${cfsslAPITokenPath}" ]; then
|
if [ -f "${cfsslAPITokenPath}" ]; then
|
||||||
ln -fs "${cfsslAPITokenPath}" "${certmgrAPITokenPath}"
|
ln -fs "${cfsslAPITokenPath}" "${certmgrAPITokenPath}"
|
||||||
else
|
else
|
||||||
|
@ -59,7 +59,7 @@ in
|
|||||||
description = "Kubernetes Proxy Service";
|
description = "Kubernetes Proxy Service";
|
||||||
wantedBy = [ "kubernetes.target" ];
|
wantedBy = [ "kubernetes.target" ];
|
||||||
after = [ "kube-apiserver.service" ];
|
after = [ "kube-apiserver.service" ];
|
||||||
path = with pkgs; [ iptables conntrack_tools ];
|
path = with pkgs; [ iptables conntrack-tools ];
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Slice = "kubernetes.slice";
|
Slice = "kubernetes.slice";
|
||||||
ExecStart = ''${top.package}/bin/kube-proxy \
|
ExecStart = ''${top.package}/bin/kube-proxy \
|
||||||
|
@ -40,7 +40,7 @@ let
|
|||||||
allowedTCPPorts = [
|
allowedTCPPorts = [
|
||||||
10250 # kubelet
|
10250 # kubelet
|
||||||
];
|
];
|
||||||
trustedInterfaces = ["docker0"];
|
trustedInterfaces = ["mynet"];
|
||||||
|
|
||||||
extraCommands = concatMapStrings (node: ''
|
extraCommands = concatMapStrings (node: ''
|
||||||
iptables -A INPUT -s ${node.config.networking.primaryIPAddress} -j ACCEPT
|
iptables -A INPUT -s ${node.config.networking.primaryIPAddress} -j ACCEPT
|
||||||
@ -61,6 +61,13 @@ let
|
|||||||
advertiseAddress = master.ip;
|
advertiseAddress = master.ip;
|
||||||
};
|
};
|
||||||
masterAddress = "${masterName}.${config.networking.domain}";
|
masterAddress = "${masterName}.${config.networking.domain}";
|
||||||
|
# workaround for:
|
||||||
|
# https://github.com/kubernetes/kubernetes/issues/102676
|
||||||
|
# (workaround from) https://github.com/kubernetes/kubernetes/issues/95488
|
||||||
|
kubelet.extraOpts = ''\
|
||||||
|
--cgroups-per-qos=false \
|
||||||
|
--enforce-node-allocatable="" \
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
(optionalAttrs (any (role: role == "master") machine.roles) {
|
(optionalAttrs (any (role: role == "master") machine.roles) {
|
||||||
|
Loading…
Reference in New Issue
Block a user