New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow to configure bpf-nat-global-max using Helm #10511
Conversation
quick-install.yaml wasn't re-generated after commit 6cd69ed ("Implement policy audit mode for the daemon") introducing the policy-audit-node option. Do so now. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Set the value to the current value of option.NATMapEntriesGlobalDefault A successive PR will reduce it for #10056 Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
test-me-please |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should reduce it by default to 2/3 of TCP CT map size, and add some notes to the doc wrt customizing.
Agree, will do that as part of #10289 which reduces the default for Lines 505 to 507 in ed74481
will also add a separate section to the upgrade docs as agreed with @joestringer |
Allow to configure the
bpf-nat-global-max
option using Helm. Set the value to the current value ofoption.NATMapEntriesGlobalDefault
. This will allow to reduce it in PR #10289 in accordance withbpf-ct-global-tcp-max
.Also, as a preparatory commit re-generate quick-install.yaml after PR #9970 for the newly added
policy-audit-node
option.To be merged before PR #10289
This change is