|
|
| Line 93: |
Line 93: |
| "--container-runtime-endpoint unix:///run/containerd/containerd.sock" | | "--container-runtime-endpoint unix:///run/containerd/containerd.sock" |
| ]; | | ]; |
| </syntaxHighlight>
| |
|
| |
| == Network policies ==
| |
|
| |
| The current k3s derivation doesn't include <code>ipset</code> package, which is required by the network policy controller.
| |
|
| |
| k3s logs
| |
| <syntaxHighlight lang=text>
| |
| level=warning msg="Skipping network policy controller start, ipset unavailable: ipset utility not found"
| |
| </syntaxHighlight>
| |
|
| |
| There is an open pull request to fix it https://github.com/NixOS/nixpkgs/pull/176520#pullrequestreview-1304593562. Until then, the package can be added to k3s's path as follows
| |
| <syntaxHighlight lang=nix>
| |
| systemd.services.k3s.path = [ pkgs.ipset ];
| |
| </syntaxHighlight> | | </syntaxHighlight> |
|
| |
|
