Configure tcp_retries2 for all the pods in the OpenShift cluster

Solution Verified - Updated -

Issue

  • After customizing the value of net.ipv4.tcp_retries2 in the /etc/sysctl.d/openshift_sysctl.conf file, the pods on the node do not reflect the updated value:
// configured on all the worker nodes via machine-config, loaded the sysctls and then the nodes underwent reboot
$ sudo cat /etc/sysctl.d/openshift_sysctl.conf
# The maximum number of times a TCP  packet  is  retransmitted  in established  state  before  giving up
net.ipv4.tcp_retries2 = 5

$ cat /proc/sys/net/ipv4/tcp_retries2
5

// Does not reflect in the application pods (default value 15 still persists):
$ for a in $(oc get pod --no-headers|grep Running |awk '{print $1}'); do oc rsh $a more /proc/sys/net/ipv4/tcp_retries2; done
15
15
15
15
15
  • Changes to unsafe sysctl parameters are not reflected for specific pods like router, and not for all the pods scheduled on the specific nodes.

  • How to configure namespaced sysctl at node-level instead of per pod?

Environment

  • Red Hat OpenShift Container Platform [RHOCP]
    • 4.7+
