cmd/k8s-operator/deploy/manifests: check if IPv6 module is loaded before using it
Before attempting to enable IPv6 forwarding in the proxy init container check if the relevant module is found, else the container crashes on hosts that don't have it. Updates#11860 Signed-off-by: Irbe Krumina <irbe@tailscale.com>
This commit is contained in:
parent
5d4b4ffc3c
commit
2fa7d1d836
|
@ -14,10 +14,8 @@ spec:
|
|||
- name: sysctler
|
||||
securityContext:
|
||||
privileged: true
|
||||
command: ["/bin/sh"]
|
||||
args:
|
||||
- -c
|
||||
- sysctl -w net.ipv4.ip_forward=1 net.ipv6.conf.all.forwarding=1
|
||||
command: ["/bin/sh", "-c"]
|
||||
args: [sysctl -w net.ipv4.ip_forward=1; if sysctl net.ipv6.conf.all.forwarding; then sysctl -w net.ipv6.conf.all.forwarding=1; fi]
|
||||
resources:
|
||||
requests:
|
||||
cpu: 1m
|
||||
|
|
|
@ -184,8 +184,8 @@ func expectedSTS(t *testing.T, cl client.Client, opts configOpts) *appsv1.Statef
|
|||
{
|
||||
Name: "sysctler",
|
||||
Image: "tailscale/tailscale",
|
||||
Command: []string{"/bin/sh"},
|
||||
Args: []string{"-c", "sysctl -w net.ipv4.ip_forward=1 net.ipv6.conf.all.forwarding=1"},
|
||||
Command: []string{"/bin/sh", "-c"},
|
||||
Args: []string{"sysctl -w net.ipv4.ip_forward=1; if sysctl net.ipv6.conf.all.forwarding; then sysctl -w net.ipv6.conf.all.forwarding=1; fi"},
|
||||
SecurityContext: &corev1.SecurityContext{
|
||||
Privileged: ptr.To(true),
|
||||
},
|
||||
|
|
Loading…
Reference in New Issue