From 10e54eca26faa6f3e19c825e068ff54e6b6a0e3a Mon Sep 17 00:00:00 2001
From: mohsen <32030892+mohsenmottaghi@users.noreply.github.com>
Date: Tue, 16 Jun 2020 12:04:06 +0430
Subject: [PATCH] make better condition for applying nf_conntrack kernel tweak 
 (#6267)

* MINOR: Check kernel version before enable modprobe nf_conntrack

* CLEANUP: no more need to ignore error of this task

* MINOR: Fixing yaml and ansible lint error - remove trailling-space
---
 roles/kubernetes/node/tasks/main.yml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/roles/kubernetes/node/tasks/main.yml b/roles/kubernetes/node/tasks/main.yml
index bf7d51262..2c54100d9 100644
--- a/roles/kubernetes/node/tasks/main.yml
+++ b/roles/kubernetes/node/tasks/main.yml
@@ -108,8 +108,9 @@
     name: nf_conntrack_ipv4
     state: present
   register: enable_nf_conntrack
-  ignore_errors: yes
-  when: kube_proxy_mode == 'ipvs'
+  when:
+    - ansible_kernel.split('.')[0:3] | join('.')  < '4.19'
+    - kube_proxy_mode == 'ipvs'
   tags:
     - kube-proxy
 
@@ -118,7 +119,7 @@
     name: nf_conntrack
     state: present
   when:
-    - enable_nf_conntrack is failed
+    - ansible_kernel.split('.')[0:3] | join('.')  >= '4.19'
     - kube_proxy_mode == 'ipvs'
   tags:
     - kube-proxy
-- 
GitLab