Microk8s calico nodes failing to start on ubuntu 22.04. Microk8s 1.29 stable is missing ipt_set and possibly other CONFIG_NETFILTER_XT_MATCH. The calico-node-xxxxx pod is failing 0/1 with error "errorOutput="iptables-restore v1.8.4 (le
load match `set’:No such file or directory\n\nError occurred at line: 31. CONFIG_NETFILTER_XT_Match_SET is not available in “grep CONFIG_NETFILTER_XT_MATCH /boot/config-$(uname -r)”. Nat rules are not being applied. Any way to get that added and any other required iptables configs or instructions?
I assume both ipv4 and ipv6. From Calico:
- The
iptablesmodules (both the “legacy” and “nft” variants are supported). These are typically broken up into many small modules, one for each type of match criteria and one for each type of action. Calico requires:- The “base” modules (including the IPv6 versions if IPv6 is enabled in your cluster).
- At least the following match criteria:
set,rpfilter,addrtype,comment,conntrack,icmp,tcp,udp,ipvs,icmpv6(if IPv6 is enabled in your kernel),mark,multiport,rpfilter,sctp,ipvs(if usingkube-proxyin IPVS mode). - At least the following actions:
REJECT,ACCEPT,DROP,LOG.
Thanks