Getting Cilium to work on Ubuntu Cloud Image

1 min read

How to get Cilium working on Ubuntu Cloud Images Focal (20.04) or Jammy (22.04).

If you are running one of the Ubuntu Cloud Images and you are trying to install Cilium as your CNI network plugin on your Kubernetes cluster. You might have noticed that you get CrashLoopBackOff from your cilium pods when issuing a kubectl get pods -n kube-system

kubectl get pods output

Upon further troubleshooting on the problem pod with a kubectl logs cilium-jgcdm -n kube-system you might see the below messages.

cilium pod logs display

cilium pod logs daemon qdisk

There is a very good chance you are missing some kernel configuration options. Have a look at https://docs.cilium.io/en/stable/operations/system_requirements/#linux-kernel for more information.

The base requirements are:

cilium required kernel options

On a Ubuntu system running 20.04, you can check your kernel configurations with:
cat /lib/modules/$(uname -r)/build/.config – Note: if you are not running as root, prepend sudo before the command.

You can look for specific config options by prepending a pipe to grep:
cat /lib/modules/$(uname -r)/build/.config | grep -i config_bpf_jit.

The Fix

After checking, you will noticed that certain options are not enabled. To solve, let’s replace our kernel variant with the ‘generic’ version. If not running as root, prepend sudo.

apt update && apt install linux-generic or sudo apt update && sudo apt install linux-generic -y if not running as root.

Now let’s build initramfs for the kernel. You will want to use the generic kernel version that was installed, you should see the version from the install screen. You can also check under ‘/boot’ directory with the command ls /boot:

Note: at the time of this writing, ‘5.4.0-204-generic’ is the installed kernel version.
update-initramfs -u -k 5.4.0-204-generic or sudo update-initramfs -u -k 5.4.0-204-generic for non-root user.

Note: If you want to remove ‘linux-kvm’ variant, issue
sudo apt purge linux-kvm
If you plan to keep the ‘linux-kvm’ kernel around, don’t issue the apt purge command and move any files ending in ‘-kvm’ in the /boot directory to a different folder.
mkdir /boot/kvm-kernel
mv /boot/*-kvm /boot/kvm-kernel/

Now, let’s update grub
update-grub or sudo update-grub

Reboot the system
reboot or sudo reboot

Repeat the above steps for each of the nodes you have in the cluster.

After installing ‘generic’ kernel and rebooting, check your cilium pods again and they all should be running.

kubectl get pods -n kube-system -owide – the ‘-owide’ option will show which node the pods are running on.

kubectl info with cilium pod running state

Leave a Reply

Your email address will not be published. Required fields are marked *