Kubernetes on Jetson TX2 with JetPack4.3

Autonomous Machines Jetson & Embedded Systems Jetson TX2
,
1

Hi, I tried to build up a cluster with Kubernetes.
Below is my environment:
Master node: intel CPU PC (Ubuntu 18.04)
Worker node: NVIDIA Jetson TX2 (JetPack 4.3 L4T32.3.1)

Currently, I have tried to find some related topics but they seemed to be a little bit old.
K8s on Jetson TX2
I tried to change the kernel config with the scripts in this GitHub:
buildJetsonTX2Kernel
I checked the compatibility of docker with this article:
verify-kernel-container-compatibility

This is the result:

nvidia@nvidia-desktop:~/Downloads/k8s_kernel_check$ ./check-config.sh
info: reading kernel config from /proc/config.gz …

Generally Necessary:

  • cgroup hierarchy: properly mounted [/sys/fs/cgroup]
  • CONFIG_NAMESPACES: enabled
  • CONFIG_NET_NS: enabled
  • CONFIG_PID_NS: enabled
  • CONFIG_IPC_NS: enabled
  • CONFIG_UTS_NS: enabled
  • CONFIG_CGROUPS: enabled
  • CONFIG_CGROUP_CPUACCT: enabled
  • CONFIG_CGROUP_DEVICE: enabled
  • CONFIG_CGROUP_FREEZER: enabled
  • CONFIG_CGROUP_SCHED: enabled
  • CONFIG_CPUSETS: enabled
  • CONFIG_MEMCG: enabled
  • CONFIG_KEYS: enabled
  • CONFIG_VETH: enabled (as module)
  • CONFIG_BRIDGE: enabled
  • CONFIG_BRIDGE_NETFILTER: enabled (as module)
  • CONFIG_NF_NAT_IPV4: enabled (as module)
  • CONFIG_IP_NF_FILTER: enabled (as module)
  • CONFIG_IP_NF_TARGET_MASQUERADE: enabled (as module)
  • CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled (as module)
  • CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled (as module)
  • CONFIG_NETFILTER_XT_MATCH_IPVS: enabled (as module)
  • CONFIG_IP_NF_NAT: enabled (as module)
  • CONFIG_NF_NAT: enabled (as module)
  • CONFIG_NF_NAT_NEEDED: enabled
  • CONFIG_POSIX_MQUEUE: enabled

Optional Features:

  • CONFIG_USER_NS: enabled
  • CONFIG_SECCOMP: enabled
  • CONFIG_CGROUP_PIDS: enabled
  • CONFIG_MEMCG_SWAP: enabled
  • CONFIG_MEMCG_SWAP_ENABLED: enabled
    (cgroup swap accounting is currently enabled)
  • CONFIG_BLK_CGROUP: enabled
  • CONFIG_BLK_DEV_THROTTLING: enabled
  • CONFIG_IOSCHED_CFQ: enabled
  • CONFIG_CFQ_GROUP_IOSCHED: enabled
  • CONFIG_CGROUP_PERF: enabled
  • CONFIG_CGROUP_HUGETLB: enabled
  • CONFIG_NET_CLS_CGROUP: enabled
  • CONFIG_CGROUP_NET_PRIO: enabled
  • CONFIG_CFS_BANDWIDTH: enabled
  • CONFIG_FAIR_GROUP_SCHED: enabled
  • CONFIG_RT_GROUP_SCHED: enabled
  • CONFIG_IP_NF_TARGET_REDIRECT: enabled (as module)
  • CONFIG_IP_VS: enabled (as module)
  • CONFIG_IP_VS_NFCT: enabled
  • CONFIG_IP_VS_PROTO_TCP: enabled
  • CONFIG_IP_VS_PROTO_UDP: enabled
  • CONFIG_IP_VS_RR: enabled (as module)
  • CONFIG_EXT4_FS: enabled
  • CONFIG_EXT4_FS_POSIX_ACL: enabled
  • CONFIG_EXT4_FS_SECURITY: enabled
  • Network Drivers:
    • “overlay”:
      • CONFIG_VXLAN: enabled
      • CONFIG_BRIDGE_VLAN_FILTERING: enabled
        Optional (for encrypted networks):
        • CONFIG_CRYPTO: enabled
        • CONFIG_CRYPTO_AEAD: enabled
        • CONFIG_CRYPTO_GCM: enabled
        • CONFIG_CRYPTO_SEQIV: enabled
        • CONFIG_CRYPTO_GHASH: enabled
        • CONFIG_XFRM: enabled
        • CONFIG_XFRM_USER: enabled
        • CONFIG_XFRM_ALGO: enabled
        • CONFIG_INET_ESP: enabled (as module)
        • CONFIG_INET_XFRM_MODE_TRANSPORT: enabled
    • “ipvlan”:
      • CONFIG_IPVLAN: enabled
    • “macvlan”:
      • CONFIG_MACVLAN: enabled (as module)
      • CONFIG_DUMMY: enabled
    • “ftp,tftp client in container”:
      • CONFIG_NF_NAT_FTP: enabled (as module)
      • CONFIG_NF_CONNTRACK_FTP: enabled (as module)
      • CONFIG_NF_NAT_TFTP: enabled (as module)
      • CONFIG_NF_CONNTRACK_TFTP: enabled (as module)
  • Storage Drivers:
    • “aufs”:
      • CONFIG_AUFS_FS: missing
    • “btrfs”:
      • CONFIG_BTRFS_FS: enabled (as module)
      • CONFIG_BTRFS_FS_POSIX_ACL: enabled
    • “devicemapper”:
      • CONFIG_BLK_DEV_DM: enabled
      • CONFIG_DM_THIN_PROVISIONING: missing
    • “overlay”:
      • CONFIG_OVERLAY_FS: enabled (as module)
    • “zfs”:
      • /dev/zfs: missing
      • zfs command: missing
      • zpool command: missing

Limits:

  • /proc/sys/kernel/keys/root_maxkeys: 1000000

However, after I tried to join the cluster, the state of Jetson TX2 is always not ready.

(base) charlie@charlie-ASUSPRO-D340MC-C-S340MC:~$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
charlie-asuspro-d340mc-c-s340mc Ready master 43m v1.17.6
nvidia-desktop NotReady 41m v1.17.6

(base) charlie@charlie-ASUSPRO-D340MC-C-S340MC:~$ kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-6955765f44-54flp 1/1 Running 0 51m
kube-system coredns-6955765f44-gxjf4 1/1 Running 0 51m
kube-system etcd-charlie-asuspro-d340mc-c-s340mc 1/1 Running 0 51m
kube-system kube-apiserver-charlie-asuspro-d340mc-c-s340mc 1/1 Running 0 51m
kube-system kube-controller-manager-charlie-asuspro-d340mc-c-s340mc 1/1 Running 0 51m
kube-system kube-proxy-8rmwr 1/1 Running 0 51m
kube-system kube-proxy-vgw6c 1/1 Running 0 49m
kube-system kube-scheduler-charlie-asuspro-d340mc-c-s340mc 1/1 Running 0 51m
kube-system weave-net-2zww4 2/2 Running 0 50m
kube-system weave-net-pg4j5 1/2 CrashLoopBackOff 14 49m

Also, there is another old GitHub article about the image:
Image Issue for CrashLoopBack
But I am still tried to find the correct image link for
K8S 1.17.6
Docker 18.09.7

Could you please help me? Thanks in advance!

3

Sorry to disturb everyone.
I finally made my Jetson TX2 to work with kernel config.

The config which I overlooked and make all this happen is
CONFIG_NETFILTER_XT_SET=m

It is under

image
image1845×265 77.3 KB

Hope this can help others who overlook this setting.

4

Glad to know you resolved the issue, thanks for the sharing!