Operation not permitted in drbd-module-loader on deploy

[utegental]

Install operator. Create empty linstorcluster object and wait for pods to appear. Maybe it just coincidence, but all pods on nodes with amd64 cpu and Ubuntu 22.04 or 22.10 couldn't start with errors:

insmod: ERROR: could not insert module ./drbd.ko: Operation not permitted insmod: ERROR: could not insert module ./drbd_transport_tcp.ko: Operation not permitted

All pods on nodes with aarch64 cpu and same OS versions started without any issues. Also pod on same amd64 device but with Ubuntu 20.04 started without issue. Tried to google that, but had no luck.

Also tried to install drbd stuff from linbit ppa manually, but probably operator doesn't check it existence on node.

log.log

[WanzenBug]

This is probably related to SecureBoot. I expect the nodes where you get the error, running mokutil --sb-state will report SecureBoot enabled.

When Linux is started with SecureBoot, it will refuse to load any new kernel modules, unless they are signed by a trusted key. So you have two options:

• Disable SecureBoot during reboot.
• Sign the DRBD module after building. We are currently missing a guide on how to do that, but it's not too complicated. Only issue is you will need to "enroll" the key on every host, which still requires a reboot.

[utegental]

Thanks! That solved the issue. I just disabled SecureBoot as it's not so important for me.