Hi,
I am setting up a k3s-cluster with embedded etcd, with calico as CNI.
When changing “allow_ip_forwarding” to true - cni-config keeps resetting to defaults:
setting “allow_ip_forwarding” to false
My initial settings are as follows:
The master node:
k3sup install \
--ip $SERVER_IP_MASTER \
--user $USER \
--ssh-key $SSH_KEY \
--cluster \
--k3s-version=$k3s_version \
--k3s-extra-args "--flannel-backend=none --disable-network-policy --service-cidr=10.43.0.0/16 --cluster-cidr=192.168.0.0/16 --write-kubeconfig-mode 644" \
--local-path $HOME/.kube/config \
--context k3s-ha
Then I create the tigera-operator.yaml with
kubectl create -f docs.projectcalico.org/manifests/tigera-operator.yaml
Edit the custom-resources.yaml to:
apiVersion: operator.tigera.io/v1
kind: Installation
metadata:
name: default
spec:
calicoNetwork:
ipPools:
- blockSize: 26
cidr: 192.168.0.0/16
encapsulation: IPIP
natOutgoing: Enabled
nodeSelector: all()
CalicoNetworkSpec:
---
apiVersion: operator.tigera.io/v1
kind: APIServer
metadata:
name: default
spec: {}
---
create it with:
kubectl create -f custom-resources . yaml
edit /etc/cni/net.d/10-calico.conflist on the server to:
"allow_ip_forwarding": true
....
Edit
KUBE_EDITOR=nano kubectl edit cm cni-config -n calico-system
to:
"allow_ip_forwarding": true'
....
reboot server.
Then when looking at the cni-config file afer boot it had reset the setting to:
"allow_ip_forwarding": false'
....
What am I missing?