siderolabs / talos

Talos Linux is a modern Linux distribution built for Kubernetes.
https://www.talos.dev
Mozilla Public License 2.0
6.97k stars 564 forks source link

KernelParamSpecController fails to handle sysctl params that can't be read before being written #9347

Open michaelbeaumont opened 2 months ago

michaelbeaumont commented 2 months ago

Bug Report

On trying to set net.ipv6.conf.enp1s0.stable_secret I see:

user: warning: [2024-09-20T21:23:10.724128463Z]: [talos] controller failed
 {"component": "controller-runtime", "controller":
 "runtime.KernelParamSpecController", "error": "1 error occurred:\n\t* read /
 proc/sys/net/ipv6/conf/enp1s0/stable_secret: input/output error\n\n"}

It appears if this param is read before it's written, it returns input/output error, as described in the commit introducing the param

I solved this by baking it into the kernel params, which is more solid anyway, but the behavior isn't ideal.

Description

Logs

Environment

smira commented 2 months ago

Thanks for submitting that, Talos tries to read sysctl to find the value as it was before the change, so that it can revert the change.

Some sysctls don't support this, so we need another way to handle it.