From b87463b23c74caa54662e7eede5dc2702eb781d8 Mon Sep 17 00:00:00 2001
From: Bryan Boreham <bjboreham@gmail.com>
Date: Mon, 27 Feb 2017 11:20:49 +0000
Subject: [PATCH] Ensure we have the br_netfilter modules loaded

---
 prog/weave-kube/launch.sh            | 6 ++++++
 prog/weave-kube/weave-daemonset.yaml | 5 +++++
 2 files changed, 11 insertions(+)

diff --git a/prog/weave-kube/launch.sh b/prog/weave-kube/launch.sh
index afbf3f59de..23a24a1c6d 100755
--- a/prog/weave-kube/launch.sh
+++ b/prog/weave-kube/launch.sh
@@ -15,6 +15,12 @@ CONN_LIMIT=${CONN_LIMIT:-30}
 # Default for network policy
 EXPECT_NPC=${EXPECT_NPC:-1}
 
+# Ensure we have the required modules for NPC
+if [ "${EXPECT_NPC}" != "0" ]; then
+    modprobe --dirname /host br_netfilter
+    modprobe --dirname /host xt_set
+fi
+
 # kube-proxy requires that bridged traffic passes through netfilter
 if ! BRIDGE_NF_ENABLED=$(cat /proc/sys/net/bridge/bridge-nf-call-iptables); then
     echo "Cannot detect bridge-nf support - network policy and iptables mode kubeproxy may not work reliably" >&2
diff --git a/prog/weave-kube/weave-daemonset.yaml b/prog/weave-kube/weave-daemonset.yaml
index 15140679ff..15dd2dce05 100644
--- a/prog/weave-kube/weave-daemonset.yaml
+++ b/prog/weave-kube/weave-daemonset.yaml
@@ -46,6 +46,8 @@ spec:
               mountPath: /host/etc
             - name: dbus
               mountPath: /host/var/lib/dbus
+            - name: lib-modules
+              mountPath: /host/lib/modules
           resources:
             requests:
               cpu: 10m
@@ -73,3 +75,6 @@ spec:
         - name: dbus
           hostPath:
             path: /var/lib/dbus
+        - name: lib-modules
+          hostPath:
+            path: /lib/modules