Hello Julien, On 08.07.21 09:36, wb wrote: > Hello Thomas, > > Currently with Proxmox, I have a Kubernetes node running on LXC. However, I > have encountered an issue on the Container Network Interface (CNI) side and > in order for it to work, the parameter > /proc/sys/net/netfilter/nf_conntrack_max must be raised. > > You know that the container settings are managed by the hypervisor. However, > something prevents to go above 262144. By searching a bit in your code, I > found the limitation in Firewall.pm. I raised this value and the CNI works > again. > > The last change was in this commit that you made. > https://lists.proxmox.com/pipermail/pve-devel/2019-October/039748.html > > Is it possible to take into consideration the increase of this parameter in > your code? >
FYI, you can already override that setting in the node firewall options in the web-interface, if set manually that vaile will always be preferred, at least as long the value is bigger than the default of 262144. cheers, Thomas _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
