Add dashboard for monitoring conntrack race failures. #6329
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Connection tracking is an important optimization of the linux kernel to reduce the overhead of applying network filter rules to all network packets. Unfortunately, the connection tracking code in the linux kernel has some race conditions, which can lead to connection attempts loosing their connection tracking entry. This is especially possible when network address translation is used. The result is a failed connection attempt. This is why this change introduces two dashboards for the corresponding metric.
gardener-prow
bot
added
area/networking
|
Node Details: Node Overview: |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: rfranzke, wyb1 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
gardener-prow
bot
added
the
approved
krgostev
pushed a commit
to krgostev/gardener
that referenced
this pull request
Sep 8, 2022
* 'master' of github.com:gardener/gardener: (51 commits) Switch extension controller to `logr` and streamline/cleanup logs (gardener#6332) Switch `./test/...` packages to `logr` and drop `github.com/sirupsen/logrus` dependency (gardener#6316) Only check shoot conditions during hibernation integration test (gardener#6325) Add dashboard for monitoring conntrack race failures. (gardener#6329) Reconcile quota before rbac (gardener#6326) Update istio to v1.14.1 (gardener#6271) Update gardenlet's base image to alpine:3.16.0 (gardener#6321) Update envoy proxy to v1.21.4 (gardener#6320) Deploy the metrics server to the kind cluster (gardener#6301) Fix tools download for aarch64 (arm64) (gardener#6314) update with latest CA releases (gardener#6295) Add missing unit tests for the predicates provided by the extensions library (gardener#6249) [GEP-19] Monitoring Stack - Migrating to the `prometheus-operator` (gardener#6151) Revert "Recreate DWD deployment if needed" (gardener#6307) Update to golang 1.18.4 (gardener#6300) Cleaned up imports in vpn-seed-server (gardener#6315) Prepare next Dev Cycle v1.52.0-dev Release v1.51.0 Add pre/post reconciliation/deletion hooks for the Worker resource (gardener#6290) Update the supported values in the usage text of the `--leader-election-resource-lock` flag (gardener#6304) ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
How to categorize this PR?
/area networking
/area monitoring
/kind enhancement
What this PR does / why we need it:
Add dashboard for monitoring conntrack race failures.
Connection tracking is an important optimization of the linux kernel to reduce the overhead
of applying network filter rules to all network packets.
Unfortunately, the connection tracking code in the linux kernel has some race conditions,
which can lead to connection attempts loosing their connection tracking entry. This is
especially possible when network address translation is used. The result is a failed
connection attempt.
This is why this change introduces two dashboards for the corresponding metric.
Which issue(s) this PR fixes:
None.
Special notes for your reviewer:
Release note:
/cc @wyb1 @DockToFuture