Node Group Configmap changes may cause Node network traffic to cease flowing - Red Hat Customer Portal

Issue

Subsequent to editing the ConfigMap object cm/node-config-xxxxxxx in the openshift-node namespace, and adding or changing a parameter ....

Example
 system-reserved:
    - "cpu=500m,memory=1Gi"

Network traffic ceases to flow on those node_group members referencing the edited ConfigMap, when net.ipv4.ip_forward is set to 0 in /etc/sysctl.conf on these nodes, and the following error can be seen

Sep 01 08:16:05 thin-lizzy-comp-001 dockerd-current[1859]: time="2021-09-01T08:16:05.923135961+12:00" level=warning msg="IPv4 forwarding is disabled. Networking will not work"

The file /etc/sysctl.d/99-openshift.conf is often used to enable the net.ipv4.ip_forward parameter in RHOCP, opposed to being set in /etc/sysctl.conf

This issue manifests as a result of the update sequences that are followed when the 'sync' pods update node_group members. Namely that /etc/sysctl.conf is parsed AFTER /etc/sysctl.d/99-openshift.conf.

We do not see this issue manifest when Nodes are rebooted, or when docker or the kubelet is restarted.

This only occurs when the sync pod implements changes made to respective node_group ConfigMaps and propagates them to associated nodes.

Environment

OpenShift Container Platform 3.11.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content

Quick Links

Help

Site Info

Related Sites

Copyright © 2026 Red Hat

Here are the common uses of Markdown.

Code blocks

~~~
Code surrounded in tildes is easier to read
~~~

Links/URLs

[Red Hat Customer Portal](https://access.redhat.com)