kubeadm complains about bridge-nf-call and ip_forward if not using docker runtime

 

Error

After booting a clean system, running kubeadm init with a CRI runtime other than docker configured produces the following pair of error messages:

                    [ERROR FileContent--proc-sys-net-bridge-bridge-nf-call-iptables]: /proc/sys/net/bridge/bridge-nf-call-iptables does not exist

                    [ERROR FileContent--proc-sys-net-ipv4-ip_forward]: /proc/sys/net/ipv4/ip_forward contents are not set to 1

 

Solution

Those two pre-flight checks to pass because they could be satisfied automatically.

Obviously, these are handled automatically by the starting of the docker daemon normally, but for openSUSE Kubic we are investigating using CRI-O by default, where we do not have the luxury of an overbearing daemon to meddle with such things.

Therefore this bug report is either an opportunity for kubeadm to handle things itself. I think there is a case to be that because kubeadm knows what it needs, kubeadm should modprobe br_netfilter and echo '1' > /proc/sys/net/ipv4/ip_forward automatically rather than complaining about the issues.