Ensure performance tuning is always applied

Previously, with the patch from #43146, it was possible for a network configured with a single ingress or load balancer on a distribution which does not have the `ip_vs` kernel module loaded by default to try to apply sysctls which did not exist yet, and subsequently dynamically load the module as part of ipvs/netlink.go. This module is vendored, and not a great place to try to tie back into core libnetwork functionality, so also ensure that the sysctls (which are idempotent) are called after ingress/lb creation once `ipvs` has been initialized. Signed-off-by: Ryan Barry <rbarry@mirantis.com>
2022-11-09 12:21:53 -05:00 · 2022-05-31 11:44:34 -04:00 · 2022-05-31 11:44:34 -04:00 · 293cfd6c76
commit 293cfd6c76
parent 235f86270d
1 changed files with 4 additions and 0 deletions
--- a/libnetwork/service_linux.go
+++ b/libnetwork/service_linux.go
@ -167,6 +167,10 @@ func (n *network) addLBBackend(ip net.IP, lb *loadBalancer) {
 	if err := i.NewDestination(s, d); err != nil && err != syscall.EEXIST {
 		logrus.Errorf("Failed to create real server %s for vip %s fwmark %d in sbox %.7s (%.7s): %v", ip, lb.vip, lb.fwMark, sb.ID(), sb.ContainerID(), err)
 	}
+
+	// Ensure that kernel tweaks are applied in case this is the first time
+	// we've initialized ip_vs
+	sb.osSbox.ApplyOSTweaks(sb.oslTypes)
 }

 // Remove loadbalancer backend the load balancing endpoint for this