assets: Ensure BPFFS mount (bsc#1146991) #1101
Conversation
vadorovsky
force-pushed
the
fix-bpffs-mount
branch
3 times, most recently
from
282d11d to
2569cf0
Compare
| @@ -23,6 +23,7 @@ Description=kubelet: The Kubernetes Node Agent | |||
| Documentation=http://kubernetes.io/docs/ | |||
|
|
|||
| [Service] | |||
| ExecStartPre=/bin/bash -c "findmnt -t bpf --mountpoint /sys/fs/bpf || mount bpffs /sys/fs/bpf -t bpf" | |||
There was a problem hiding this comment.
NIT: this prints a message, we might want to do this as
/bin/bash -c "findmnt -t bpf --mountpoint /sys/fs/bpf > /dev/null || mount bpffs /sys/fs/bpf -t bpf"
|
So it looks like this is a missing feature in systemd. Starting with systemd 238, the bpffs is mounted by default. did we ask the systemd maintainers whether they'd be interested in backporting the fixes? that would fix all CaaSP releases at once. |
We didn't. |
Cilium DaemonSet has the host mount from /sys/fs/bpf directory and it expects a mount of BPFFS type. Otherwise, it creates its own BPFFS mount, but it's not persistent. To avoid any issues with lack of the mount on the host, ensure it in kubelet service. Fixes: SUSE#712 Signed-off-by: Michal Rostecki <mrostecki@suse.de>
vadorovsky
force-pushed
the
fix-bpffs-mount
branch
from
2569cf0 to
9f6de2a
Compare
|
I asked now about a backport for systemd/systemd@43b7f24 which would fix all caasp releases at the same time without having to get the caasp team to release updates on all caasp versions (which will take weeks to months) |
|
I thought we were not allowed to backport systemd changes (or update systemd on stable)! That's amazing! Should we just drop this? |
|
@evrardjp Its not clear whether we can do the systemd backport (systemd is maintained by the systemd maintainers at SUSE). they have any right to reject such a backport or delay it until the next SP. however we need a solution in the caasp product nontheless. if it won't be done by systemd then there needs to be a caasp specific solution. it doesn't hurt to continue with this change though, a systemd fix will cause the code to become obsolete but it will not hurt anyone. once the systemd update is released (and sufficient time has passed to assume that customers have updated) the patch could simply be reverted. |
|
tl;dr: I agree. (In fact I agreed else I wouldn't have merged). I am not sure this change will be easily backportable into older branches for fixing caasp4. I encourage the network team to think about the fact this won't fix CaaSP4, as this PR's target is master. |
Cilium DaemonSet has the host mount from /sys/fs/bpf directory and it
expects a mount of BPFFS type. Otherwise, it creates its own BPFFS
mount, but it's not persistent. To avoid any issues with lack of the
mount on the host, ensure it in kubelet service
Signed-off-by: Michal Rostecki mrostecki@suse.de