How to get Cilium working on Ubuntu Cloud Images Focal (20.04) or Jammy (22.04).
If you are running one of the Ubuntu Cloud Images and you are trying to install Cilium as your CNI network plugin on your Kubernetes cluster. You might have noticed that you get CrashLoopBackOff from your cilium pods when issuing a kubectl get pods -n kube-system
Upon further troubleshooting on the problem pod with a kubectl logs cilium-jgcdm -n kube-system
you might see the below messages.
There is a very good chance you are missing some kernel configuration options. Have a look at https://docs.cilium.io/en/stable/operations/system_requirements/#linux-kernel for more information.
The base requirements are:
On a Ubuntu system running 20.04, you can check your kernel configurations with:
cat /lib/modules/$(uname -r)/build/.config
– Note: if you are not running as root, prepend sudo
before the command.
You can look for specific config options by prepending a pipe to grep:
cat /lib/modules/$(uname -r)/build/.config | grep -i config_bpf_jit
.
The Fix
After checking, you will noticed that certain options are not enabled. To solve, let’s replace our kernel variant with the ‘generic’ version. If not running as root, prepend sudo
.
apt update && apt install linux-generic
or sudo apt update && sudo apt install linux-generic -y
if not running as root.
Now let’s build initramfs for the kernel. You will want to use the generic kernel version that was installed, you should see the version from the install screen. You can also check under ‘/boot’ directory with the command ls /boot
:
Note: at the time of this writing, ‘5.4.0-204-generic’ is the installed kernel version.
update-initramfs -u -k 5.4.0-204-generic
or sudo update-initramfs -u -k 5.4.0-204-generic
for non-root user.
Note: If you want to remove ‘linux-kvm’ variant, issue
sudo apt purge linux-kvm
If you plan to keep the ‘linux-kvm’ kernel around, don’t issue the apt purge command and move any files ending in ‘-kvm’ in the /boot directory to a different folder.
mkdir /boot/kvm-kernel
mv /boot/*-kvm /boot/kvm-kernel/
Now, let’s update grub
update-grub
or sudo update-grub
Reboot the system
reboot
or sudo reboot
Repeat the above steps for each of the nodes you have in the cluster.
After installing ‘generic’ kernel and rebooting, check your cilium pods again and they all should be running.
kubectl get pods -n kube-system -owide
– the ‘-owide’ option will show which node the pods are running on.