How to prevent NetworkManager from interfering with Kubernetes cluster networking interfaces
This document (000020017) is provided subject to the disclaimer at the end of this document.
Situation
Issue
NetworkManager can interfere with Kubernetes cluster networking, by attempting to manage interfaces created on cluster nodes by the CNI (Container Network Interface) plugin. This article details how to prevent NetworkManager from managing CNI interfaces, in clusters running with the Canal, Calico, Flannel or Weave CNI plugins.
Pre-requisites
- A Linux node with NetworkManager running
Resolution
-
Create the file
/etc/NetworkManager/conf.d/cni.conf
on each of the Linux nodes in the cluster, with the content below, depending upon the CNI plugin used:Canal:
[keyfile] unmanaged-devices=interface-name:flannel.1;interface-name:cali*
Calico:
[keyfile] unmanaged-devices=interface-name:cali*;interface-name:tunl*;interface-name:vxlan.calico
Flannel:
[keyfile] unmanaged-devices=interface-name:flannel.1;interface-name:veth*;interface-name:cni0
Weave:
[keyfile] unmanaged-devices=interface-name:weave;interface-name:datapath;interface-name:veth*;interface-name:vxlan-*
-
Restart the NetworkManager service:
systemctl restart NetworkManager
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000020017
- Creation Date: 06-May-2021
- Modified Date:06-May-2021
-
- SUSE Rancher
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com