From 949724ad8fb5fe5c01c5d2fd3f7e89e8b0626534 Mon Sep 17 00:00:00 2001 From: radhika pai Date: Thu, 10 Sep 2020 17:19:45 +0000 Subject: [PATCH] [update] Node problem detector path for conntrack The path to get the conntrack value was incorrect. Also the logic of the script is updated to raise conntrack alert. Change-Id: I4d3ea74396eb726458d05df3d9c9a50fec74cf05 --- kubernetes-node-problem-detector/values.yaml | 24 ++++++++------------ 1 file changed, 9 insertions(+), 15 deletions(-) diff --git a/kubernetes-node-problem-detector/values.yaml b/kubernetes-node-problem-detector/values.yaml index 712d8ad19..bebe34f01 100644 --- a/kubernetes-node-problem-detector/values.yaml +++ b/kubernetes-node-problem-detector/values.yaml @@ -411,25 +411,19 @@ conf: #!/bin/bash # This plugin checks for common network issues. Currently, it only checks - # if the conntrack table is full. + # if the conntrack table is 50% full. + set -eu + set -o pipefail - OK=0 - NONOK=1 - UNKNOWN=2 + conntrack_threshold=$(($(cat /proc/sys/net/netfilter/nf_conntrack_max)/2 )) + conntrack_count=$(cat /proc/sys/net/netfilter/nf_conntrack_count) - [ -f /proc/sys/net/ipv4/netfilter/ip_conntrack_max ] || exit $UNKNOWN - [ -f /proc/sys/net/ipv4/netfilter/ip_conntrack_count ] || exit $UNKNOWN - - conntrack_max=$(cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max) - conntrack_count=$(cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count) - - if (( conntrack_count >= conntrack_max )); then - echo "Conntrack table full" - exit $NONOK + if [ "$conntrack_count" -ge "$conntrack_threshold" ]; then + echo "Conntrack table approaching full" + exit 1 fi - echo "Conntrack table available" - exit $OK + exit 0 config: network-problem-monitor: plugin: custom