1.2.2. Linux Requirements

The initial Linux requirements to use Virtual Accelerator is to have TC + EBPF support, a feature introduced in Linux 4.9. Depending on the function in use, additional bug fixes and improvements may be required. They are listed in the tables below.

Features

Linux features patches

Function

Description

Linux

Ubuntu HWE

Red Hat 8 CentOS 8

Link

Core

Flag reflects NIC carrier

5.0

5.0.0-23

4.18.0-80.18.el8

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=26d31925cd5e

IPsec

IPsec output delegation using netfilter

4.20

Ubuntu 5.0

4.18.0-152.el8

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=02b408fae3d5 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6c47260250fc

QoS

Mark transfer from kernel to fp

5.2

Ubuntu 5.3

4.18.0-193.el8

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=58dfc900faff

Container

New capability CAP_BPF

5.8

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a17b53c4a4b5

Container

Netns: option to inherit sysctl from current netns

5.8

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9efd6a3cecdd

About CentOS 8

While CentOS-8 follows closely Red Hat 8 releases, e.g 8.1 end of 2019, CentOS 8-stream is a preview of next Red Hat 8. CentOS 8-stream is interesting for having the latest packages, in particular the latest kernel.

For example, you can verify the bump of kernel version after switching to 8-stream (version number will change overtime):

dnf  list available|grep kernel.x86_64
kernel.x86_64                                        4.18.0-147.3.1.el8_1
dnf install -y centos-release-stream
dnf  list available|grep kernel.x86_64
kernel.x86_64                                        4.18.0-168.el8                                    Stream-BaseOS

When a newer kernel is still required, then CentOS Elrepo can be used to install a mainline kernel. For example (version number will change overtime):

dnf  list available|grep kernel.x86_64
kernel.x86_64                                        4.18.0-147.3.1.el8_1
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
dnf install -y https://www.elrepo.org/elrepo-release-8.0-2.el8.elrepo.noarch.rpm   Complete!
dnf --enablerepo=elrepo-kernel --enablerepo=elrepo-extras list available | grep kernel-ml.x86_64
kernel-ml.x86_64                                     5.5.1-1.el8.elrepo
dnf install --enablerepo=elrepo-kernel --enablerepo=elrepo-extras kernel-ml

iptables legacy

iptables legacy is required to benefit from Fast Path Filtering module. It is not delivered under Red Hat 8 / CentOS 8. It can be installed with the following procedure:

wget https://netfilter.org/projects/iptables/files/iptables-1.8.4.tar.bz2
echo "SHA256 (iptables-1.8.4.tar.bz2) = 993a3a5490a544c2cbf2ef15cf7e7ed21af1845baf228318d5c36ef8827e157c" > iptables-1.8.4.tar.bz2.txt
sha256sum -c iptables-1.8.4.tar.bz2.txt
tar xf iptables-1.8.4.tar.bz2
cd iptables-1.8.4/
./configure --disable-nftables
make
make install
reboot
iptables --version
iptables v1.8.4 (legacy)