running libipvs inside the containers fail

Question

running libipvs inside the containers fail

murali-reddy opened this issue 8 years ago · 5 comments

I was trying to an application build with libipvs and observed that it will fail, even if you run container with "--privileged --cap-add=ALL".

"panic: Running modprobe ip_vs failed with message: modprobe: can't change directory to '/lib/modules': No such file or directory, error: exit status 1"

Reason for failure is use of modprobe (https://github.com/mqliang/libipvs/blob/master/ipvs.go#L45). Perhaps "modinfo ip_vs" is safe check that works both on host and container.

Answer 1 · 2017-04-24T06:36:19.000Z

My bad. Even modinfo fails.

modinfo: can't open '/lib/modules/4.4.0-72-generic/modules.dep': No such file or directory

Answer 2 · 2017-04-24T07:30:50.000Z

Maybe it's safe to remove the modprobe -va ip_vs check, after all, If ipvs kernel module is not installed on host, following Netlink call will failed. I have no time at this moment to verify this, you are welcomed to check this and post a PR .

Answer 3 · 2017-04-25T07:53:03.000Z

Closing the bug. There is work arond for this issue.

Mount /lib/modules from host to container. For e.g i added below lines to daemonset to fix this.

    volumeMounts:
      - mountPath: /lib/modules
        name: lib-modules
        readOnly: true
  volumes:
    - name: lib-modules
      hostPath:
          path: /lib/modules

Answer 4 · 2019-03-25T07:29:20.000Z

Closing the bug. There is work arond for this issue.

Mount /lib/modules from host to container. For e.g i added below lines to daemonset to fix this.
    volumeMounts:
      - mountPath: /lib/modules
        name: lib-modules
        readOnly: true
  volumes:
    - name: lib-modules
      hostPath:
          path: /lib/modules

Hi,
I am still getting following error after mounting the above volume:
Running modprobe ip_vs failed with message: modprobe: invalid option -- 'a'\nBusyBox v1.30.0 (2018-12-31 17:51:13 UTC) multi-call binary.\n\nUsage: modprobe [-rq] MODULE [SYMBOL=VALUE]...\n\n\t-r\tRemove MODULE\n\t-q\tQuiet, error: exit status 1"

What might be the reason?

Answer 5 · 2019-03-29T05:41:53.000Z

Closing the bug. There is work arond for this issue.
Mount /lib/modules from host to container. For e.g i added below lines to daemonset to fix this.
    volumeMounts:
      - mountPath: /lib/modules
        name: lib-modules
        readOnly: true
  volumes:
    - name: lib-modules
      hostPath:
          path: /lib/modules
Hi,
I am still getting following error after mounting the above volume:
Running modprobe ip_vs failed with message: modprobe: invalid option -- 'a'\nBusyBox v1.30.0 (2018-12-31 17:51:13 UTC) multi-call binary.\n\nUsage: modprobe [-rq] MODULE [SYMBOL=VALUE]...\n\n\t-r\tRemove MODULE\n\t-q\tQuiet, error: exit status 1"

What might be the reason?

Resolved it. Somehow, the base image I was using had only, -q and -r options for modprobe, not -a. So, I changed the base image. Now its working fine.