Dynamically Loading the Kernel Module ​

Function Description ​

Services in a container may depend on some kernel modules. You can set environment variables to dynamically load the kernel modules required by services in the container to the host before the system container starts. This feature must be used together with isulad-hooks. For details, see Dynamically Managing Container Resources (syscontainer-tools).

Parameter Description ​

Constraints ​

• If loaded kernel modules are not verified or conflict with existing modules on the host, an unpredictable error may occur on the host. Therefore, exercise caution when loading kernel modules.
• Dynamic kernel module loading transfers kernel modules to be loaded to containers. This function is implemented by capturing environment variables for container startup using isulad-tools. Therefore, this function relies on the proper installation and deployment of isulad-tools.
• Loaded kernel modules need to be manually deleted.

Example ​

When starting a system container, specify the -e KERNEL_MODULES parameter. After the system container is started, the ip_vs module is successfully loaded to the kernel.

[root@localhost ~]# lsmod | grep ip_vs
[root@localhost ~]# isula run -tid -e KERNEL_MODULES=ip_vs,ip_vs_wrr --hook-spec /etc/isulad-tools/hookspec.json --system-container --external-rootfs /root/myrootfs none init
ae18c4281d5755a1e153a7bff6b3b4881f36c8e528b9baba8a3278416a5d0980
[root@localhost ~]# lsmod | grep ip_vs
ip_vs_wrr              16384  0
ip_vs                 176128  2 ip_vs_wrr
nf_conntrack          172032  7 xt_conntrack,nf_nat,nf_nat_ipv6,ipt_MASQUERADE,nf_nat_ipv4,nf_conntrack_netlink,ip_vs
nf_defrag_ipv6         20480  2 nf_conntrack,ip_vs
libcrc32c              16384  3 nf_conntrack,nf_nat,ip_vs

• isulad-tools must be installed on the host.
• --hooks-spec must be set to isulad hooks.