This repository has been archived by the owner on Jun 20, 2024. It is now read-only.
This repository has been archived by the owner on Jun 20, 2024. It is now read-only.
Deal better with IP forwarding being disabled #3280
Open
Description
A colleague was puzzled when their Kubernetes cluster did not work, and the root cause was sysctl net.ipv4.ip_forward
set to 0.
I don't think we should universally turn it on, since IP forwarding is a security concern. But the current model of Kubernetes+Weave Net definitely requires it, so at least a warning or exit with error when it is found turned off in the kernel.
Activity
jml commentedon Apr 21, 2018
Probably a separate issue, but I'd also suggest amending https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/#pod-network to document that it should be turned on.
jml commentedon Apr 21, 2018
Although @bboreham points out in another forum that the instruction might not be necessary for all distros.
bboreham commentedon Apr 22, 2018
The default for Docker is to turn it on: https://docs.docker.com/v17.09/engine/userguide/networking/default_network/container-communication/#communicating-to-the-outside-world