Mount /sys/fs/bpf as shared (or add option to)

Open CheyenneForbes opened this issue 1 year ago • 4 comments

Feature Request

Description

Getting Cilium to work on WSL2 requires following the steps here: https://wsl.dev/wslcilium/. With other distros, it's simple, since all you need is mount --make-shared /sys/fs/bpf, but since Talos is different, that won't work. It would be awesome if it was shared by default or if we had an option to toggle it.

Why do we need to run Talos in WSL2? WSL2 is awesome for local dev/testing in cases where you would prefer not to (or are not allowed to) tinker with your system and dual boot or replace Windows.

I had a look at Talos' code and it would involve this file https://github.com/siderolabs/talos/blob/main/internal/pkg/mount/bpffs.go

CheyenneForbes avatar Jun 10 '24 01:06 CheyenneForbes

I don't quite understand the problem here. Are you running Talos on WSL and trying to start something else on top of it?

Are you running Talos in Docker on top of WSL? If that's the case, Talos inherits those mounts from the container runtime, so it should be fixed on the host (WSL).

smira avatar Jun 11 '24 14:06 smira

Hi Smira, the goal is to run Talos with Cilium CNI in Docker on top of WSL2. As mentioned in the referenced link, the only way to get Cilium to work on nodes hosted on WSL2 is to have the node (whether Talos or another distro) mount /sys/fs/bpf as shared.

Specific section in the referenced documentation:

# Change the bpf mount point to a shared mount
kubectl get nodes -o custom-columns=NAME:.metadata.name --no-headers=true | xargs -I {} docker exec {} mount --make-shared /sys/fs/bpf

CheyenneForbes avatar Jun 11 '24 16:06 CheyenneForbes

@smira Hi, doing a follow-up. If you have the time, could you check out the link I shared? It explains how it can't be fixed on just the host.

CheyenneForbes avatar Jun 28 '24 01:06 CheyenneForbes

I don't have WSL, but I'm a bit lost still here. Talos doesn't mount /sys/fs/bpf in the container mode itself.

E.g. when running Docker on Linux, the fs is not mounted at all:

$ talosctl -n 10.5.0.2 cat /proc/mounts | grep bpf
<nothing>

smira avatar Jul 02 '24 11:07 smira
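
An added example, not part of the thread or of Talos' code: /proc/mounts shows whether a filesystem is mounted but not its propagation type, which is what mount --make-shared changes; the optional fields of /proc/self/mountinfo carry it. The function name and the sample lines below are constructed for illustration.

```shell
#!/bin/sh
# Constructed /proc/self/mountinfo lines (not captured from a real node).
SAMPLE_SHARED='25 20 0:22 / /sys rw,nosuid,nodev,noexec,relatime - sysfs sysfs rw
31 25 0:28 / /sys/fs/bpf rw,nosuid,nodev,noexec,relatime shared:12 - bpf bpf rw,mode=700'
SAMPLE_PRIVATE='25 20 0:22 / /sys rw,nosuid,nodev,noexec,relatime - sysfs sysfs rw
31 25 0:28 / /sys/fs/bpf rw,nosuid,nodev,noexec,relatime - bpf bpf rw,mode=700'
SAMPLE_ABSENT='25 20 0:22 / /sys rw,nosuid,nodev,noexec,relatime - sysfs sysfs rw'

# mount_propagation MOUNTPOINT   (mountinfo text on stdin)
# Prints "absent", or "<fstype> <propagation>" for the last (topmost)
# mount recorded at MOUNTPOINT.
mount_propagation() {
    awk -v mp="$1" '
        $5 == mp {
            shared = slave = unbind = 0
            # Optional fields run from field 7 up to the lone "-" separator.
            for (i = 7; i <= NF && $i != "-"; i++) {
                if ($i ~ /^shared:/) shared = 1
                else if ($i ~ /^master:/) slave = 1
                else if ($i == "unbindable") unbind = 1
            }
            fstype = $(i + 1)   # the field right after "-" is the fs type
            if (unbind) prop = "unbindable"
            else if (shared && slave) prop = "shared+slave"
            else if (shared) prop = "shared"
            else if (slave) prop = "slave"
            else prop = "private"
            result = fstype " " prop
        }
        END { print (result == "" ? "absent" : result) }
    '
}

# On a live system: mount_propagation /sys/fs/bpf < /proc/self/mountinfo
for sample in "$SAMPLE_SHARED" "$SAMPLE_PRIVATE" "$SAMPLE_ABSENT"; do
    printf '%s\n' "$sample" | mount_propagation /sys/fs/bpf
done
```

A result of "absent" corresponds to the empty grep output shown above: there is no mount at that path whose propagation could be changed.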

This issue is stale because it has been open 180 days with no activity. Remove stale label or comment or this will be closed in 7 days.

github-actions[bot] avatar Dec 30 '24 02:12 github-actions[bot]

This issue was closed because it has been stalled for 7 days with no activity.

github-actions[bot] avatar Jan 05 '25 02:01 github-actions[bot]