search

box / kube-iptables-tailer

A service for better network visibility for your Kubernetes clusters.
https://kubernetes.io/blog/2019/04/19/introducing-kube-iptables-tailer/
Apache License 2.0
552 stars 59 forks source link

No drops detected with systemd >= 246 #28

Open robinelfrink opened 3 years ago

robinelfrink commented 3 years ago

When running kube-iptables-tailer on a system with systemd >= 246 no drops are detected.

My workaround is adding an override for systemd-journald and restarting the service:

# cat /etc/systemd/system/systemd-journald.service.d/override.conf
[Service]
Environment="SYSTEMD_JOURNAL_KEYED_HASH=0"
[Journal]
Compress=no

From https://github.com/systemd/systemd/blob/main/NEWS#L1493:

        * systemd-journald gained support for zstd compression of large fields
          in journal files. The hash tables in journal files have been hardened
          against hash collisions. This is an incompatible change and means
          that journal files created with new systemd versions are not readable
          with old versions. If the $SYSTEMD_JOURNAL_KEYED_HASH boolean
          environment variable for systemd-journald.service is set to 0 this
          new hardening functionality may be turned off, so that generated
          journal files remain compatible with older journalctl
          implementations.
NickMeves commented 3 years ago

I'm very glad I stumbled across this 😄

I got hit by the same issue. Updating our docker builder image for CGO to use ubuntu:groovy had a high enough version of libsystemd-dev to be compatible again and resume seeing systemd entries.

mtparet commented 2 years ago

You can use https://hub.docker.com/repository/docker/honestica/kube-iptables-tailer build from https://github.com/honestica/kube-iptables-tailer