Thanks so much for the update! 👌 I pinned the .55 package on my clusters and spread the news to my clients. But this could really mess up a lot of on prem clusters where folks upgrade selfhosted servers regularly.
Depending on which container network interface they use I guess. A lot of them use iptables or nftables and if that doesn't work, then the networking magic sauce in a cluster stops working. (the kubeproxy pods if you use for instance Canal). I am surprised I haven't seen a lot more chatter around this. I know this impacts a lot of things, but peoples on prem kubernetes clusters ought to be heavily impacted. So there is an easy fix, but like me, it will take folks an hour or two with sweaty hands to figure out that it was an apt upgrade that did their production workloads in. Hoping to get -58.60 into the updates pocket soon. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2104282 Title: iptables incompatibility Status in linux package in Ubuntu: Confirmed Status in linux source package in Noble: Fix Committed Bug description: After upgrading to linux-image-6.8.0-56-generic my RKE2 based kubernetes cluster on Ubuntu 24.04.2 LTS started having some problems. The kubeproxy pods started crashlooping with an error that said "Failed to execute iptables-restore" err=<exit status 2: Warning: Extension MARK revision 0 not supported, missing kernel module? ip6tables-restore v1.8.9 (nf_tables): unknown option "--xor-mark" Bringing the kernel back to linux-image-6.8.0-55-generic immediately solved the issue. Booting it back to linux-image-6.8.0-56-generic brought it back. Had to test again to be certain as there was other changes to the cluster in the last few hours. cat /proc/version_signature: Ubuntu 6.8.0-55.57-generic 6.8.12 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2104282/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
