Revert "Add instructions for switching to iptables-legacy" #19773
Conversation
|
@danwinship: GitHub didn't allow me to request PR reviews from the following users: praseodym. Note that only kubernetes members and repo collaborators can review this PR, and authors cannot review their own PRs. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
cncf-cla: yes
|
Deploy preview for kubernetes-io-master-staging ready! Built with commit 38ab1d3 https://deploy-preview-19773--kubernetes-io-master-staging.netlify.com |
|
Haven’t tested the nftables compatibility myself, but I assume that has been well tested already. /lgtm |
|
@praseodym: changing LGTM is restricted to collaborators In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
@kubernetes/sig-network-pr-reviews
this was a passage added with the approval of sig-network and sig-release.
sig-release creates kubeadm packages for RedHat* and Debian*. the kubeadm docs can include coverage for kube-proxy or distro specific issues only on a best effort basis, as we cannot test all distros out there.
has to be added to the dev-1.18 branch too, but overall k/website does not maintain older docs release branches. @kubernetes/sig-docs-en-owners |
k8s-ci-robot
added
the
sig/network
|
/sig network cluster-lifecycle |
k8s-ci-robot
added
the
sig/cluster-lifecycle
AIUI it'd be OK to target master and then when dev-1.18 merges into master then the change will persist. |
|
@kubernetes/sig-cluster-lifecycle-pr-reviews - happy to give this a /lgtm ? |
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: sftim The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
/hold |
k8s-ci-robot
added
the
do-not-merge/hold
|
/hold cancel |
k8s-ci-robot
removed
the
do-not-merge/hold
…#16271)" (kubernetes#19773) This reverts commit 9cdaf4e. As of kube 1.17, kubeadm is compatible with iptables-nft
As of kube 1.17, kubeadm supports systems using iptables in nft mode, but we forgot to remove the warnings claiming that it doesn't.
This patch removes the sentence "RHEL 8 does not support switching to legacy mode, and is therefore incompatible with current kubeadm packages.". However, nothing in the doc had claimed that RHEL 8 was supported before this, so I don't know if there are other issues, so I didn't add it to the list of supported platforms at the top.
This should be backported to the 1.17 docs. I'm not sure if that requires more than just "
/cherry-pick release-1.17"? Note that this doesn't require any sort of belated release notes update, because it was already in the 1.17 release notes ("The official kube-proxy image (used by kubeadm, among other things) is now compatible with systems running iptables 1.8 in “nft” mode, and will autodetect which mode it should use.")/cc @praseodym