From dc8a8011be5574ca71eb4a8a18569433017c5695 Mon Sep 17 00:00:00 2001
From: Egor <iam@aylium.net>
Date: Wed, 12 Dec 2018 16:33:54 +0300
Subject: [PATCH] Load nf_conntrack module if nf_conntrack_ipv4 failed (#3764)

---
 roles/kubernetes/node/tasks/main.yml | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/roles/kubernetes/node/tasks/main.yml b/roles/kubernetes/node/tasks/main.yml
index bea7d4097..840e8b9f5 100644
--- a/roles/kubernetes/node/tasks/main.yml
+++ b/roles/kubernetes/node/tasks/main.yml
@@ -100,11 +100,26 @@
     - ip_vs_rr
     - ip_vs_wrr
     - ip_vs_sh
-    - nf_conntrack_ipv4
   when: kube_proxy_mode == 'ipvs'
   tags:
     - kube-proxy
 
+- name: Modprobe nf_conntrack_ipv4 for kernels < 4.19
+  modprobe:
+    name: nf_conntrack_ipv4
+    state: present
+  register: enable_nf_conntrack
+  ignore_errors: yes
+  when: kube_proxy_mode == 'ipvs'
+
+- name: Modprobe nf_conntrack for kernels >= 4.19
+  modprobe:
+    name: nf_conntrack
+    state: present
+  when: 
+    - enable_nf_conntrack is failed
+    - kube_proxy_mode == 'ipvs'
+
 - name: Persist ip_vs modules
   copy:
     dest: /etc/modules-load.d/kube_proxy-ipvs.conf
@@ -113,7 +128,11 @@
       ip_vs_rr
       ip_vs_wrr
       ip_vs_sh
+      {% if enable_nf_conntrack is failed -%}
+      nf_conntrack
+      {%-   else -%}
       nf_conntrack_ipv4
+      {%-   endif -%}
   when: kube_proxy_mode == 'ipvs'
   tags:
     - kube-proxy
-- 
GitLab