PhilipSchmid/rke2-disable-kube-proxy.md

Created November 18, 2021 07:14

Star (4) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Select an option

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/PhilipSchmid/c15e2c06b32022eaa90ed9b9262968d8.js"></script>
Save PhilipSchmid/c15e2c06b32022eaa90ed9b9262968d8 to your computer and use it in GitHub Desktop.

Download ZIP

Raw

rke2-disable-kube-proxy.md

How to disable Kube-Proxy in RKE2

Example use case: Running the Cilium CNI without any kube-proxy

On all RKE2 servers (master nodes), add the following configuration to your /etc/rancher/rke2/config.yaml file:

disable-kube-proxy: "true"

Now the important step: If you already had stared the RKE2 service before (without this flag and with kube-proxy enabled), ensure to also delete the kube-proxy.yaml static pod manifest:

rm -f /var/lib/rancher/rke2/agent/pod-manifests/kube-proxy.yaml

Finally restart the rke2-server service on all RKE2 server (master) nodes:

systemctl restart rke2-server

megabreit commented Apr 28, 2026

Don't forget to delete the old kube-proxy iptables rules on ALL nodes with

iptables-save | grep -v KUBE | iptables-restore

See https://docs.cilium.io/en/stable/network/kubernetes/kubeproxy-free/

It also maybe be necessary to restart all running pods on any node... or simply reboot the node.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment