From 3ef4a75a172718dccd049047c70152939ca8b558 Mon Sep 17 00:00:00 2001 From: Mikhail Ushanov Date: Sat, 8 Feb 2020 23:09:08 +0300 Subject: [PATCH] fix(elements): fix nf_conntrack sysctl param names Remove net.ipv4.tcp_tw_recycle because it has been removed from kernel since 4.12. Change for tcp_timeout_time_wait/tcp_timeout_fin_wait to net.netfilter.nf_*. Change-Id: I0e3cde5aad9e9b6007f975eafb0205e2912b19d3 Signed-off-by: Mikhail Ushanov --- .../haproxy-octavia/post-install.d/20-haproxy-tune-kernel | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/elements/haproxy-octavia/post-install.d/20-haproxy-tune-kernel b/elements/haproxy-octavia/post-install.d/20-haproxy-tune-kernel index d1b5bd63e6..e08cb16b2d 100755 --- a/elements/haproxy-octavia/post-install.d/20-haproxy-tune-kernel +++ b/elements/haproxy-octavia/post-install.d/20-haproxy-tune-kernel @@ -7,7 +7,6 @@ sysctl-write-value net.ipv4.tcp_max_tw_buckets 5800000 sysctl-write-value net.ipv4.tcp_max_orphans 5800000 sysctl-write-value net.ipv4.tcp_max_syn_backlog 100000 sysctl-write-value net.ipv4.tcp_keepalive_time 300 -sysctl-write-value net.ipv4.tcp_tw_recycle 0 sysctl-write-value net.ipv4.tcp_tw_reuse 1 sysctl-write-value net.core.somaxconn 65534 sysctl-write-value net.ipv4.tcp_synack_retries 3 @@ -18,8 +17,8 @@ sysctl-write-value fs.nr_open 2097152 # It's ok for these to fail if conntrack module isn't loaded sysctl-write-value net.netfilter.nf_conntrack_buckets 125000 || true -sysctl-write-value net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait 5 || true -sysctl-write-value net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait 5 || true +sysctl-write-value net.netfilter.nf_conntrack_tcp_timeout_time_wait 5 || true +sysctl-write-value net.netfilter.nf_conntrack_tcp_timeout_fin_wait 5 || true sysctl-write-value net.ipv4.tcp_fin_timeout 5 sysctl-write-value net.ipv4.ip_nonlocal_bind 1