[update] Node problem detector path for conntrack

The path to get the conntrack value was incorrect. Also the logic of the script is updated to raise conntrack alert. Change-Id: I4d3ea74396eb726458d05df3d9c9a50fec74cf05
2020-09-10 17:19:45 +00:00 · 2020-09-10 17:19:45 +00:00 · 949724ad8f
parent 35235d1532
commit 949724ad8f
1 changed files with 9 additions and 15 deletions
--- a/kubernetes-node-problem-detector/values.yaml
+++ b/kubernetes-node-problem-detector/values.yaml
@ -411,25 +411,19 @@ conf:
            #!/bin/bash

            # This plugin checks for common network issues. Currently, it only checks
-            # if the conntrack table is full.
+            # if the conntrack table is 50% full.
+            set -eu
+            set -o pipefail

-            OK=0
-            NONOK=1
-            UNKNOWN=2
+            conntrack_threshold=$(($(cat /proc/sys/net/netfilter/nf_conntrack_max)/2 ))
+            conntrack_count=$(cat /proc/sys/net/netfilter/nf_conntrack_count)

-            [ -f /proc/sys/net/ipv4/netfilter/ip_conntrack_max ] || exit $UNKNOWN
-            [ -f /proc/sys/net/ipv4/netfilter/ip_conntrack_count ] || exit $UNKNOWN
-
-            conntrack_max=$(cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max)
-            conntrack_count=$(cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count)
-
-            if (( conntrack_count >= conntrack_max )); then
-              echo "Conntrack table full"
-              exit $NONOK
+            if [ "$conntrack_count" -ge "$conntrack_threshold" ]; then
+              echo "Conntrack table approaching full"
+              exit 1
            fi

-            echo "Conntrack table available"
-            exit $OK
+            exit 0
      config:
        network-problem-monitor:
          plugin: custom