Skip to content

Instantly share code, notes, and snippets.

@alexeldeib

alexeldeib/sysctl.yaml

Created April 9, 2020 17:02
Show Gist options
  • Save alexeldeib/fecddb6ee772e1966d5ed68e1dca0d5c to your computer and use it in GitHub Desktop.
Save alexeldeib/fecddb6ee772e1966d5ed68e1dca0d5c to your computer and use it in GitHub Desktop.
Download ZIP
Pod sysctls
Raw
sysctl.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: &name sysctl
labels:
app: *name
spec:
replicas: 1
selector:
matchLabels:
app: *name
template:
metadata:
labels:
app: *name
spec:
hostNetwork: true
hostPID: true
containers:
- image: ubuntu:18.04
name: ubuntu
command: ["sleep", "infinity"]
resources:
requests:
cpu: 100m
memory: 100Mi
securityContext:
sysctls:
- name: net.core.somaxconn
value: "1024"
- name: net.ipv4.conf.all.accept_redirects
value: "0"
- name: net.ipv4.conf.all.forwarding
value: "1"
- name: net.ipv4.conf.all.route_localnet
value: "1"
- name: net.ipv4.conf.default.forwarding
value: "1"
- name: net.ipv4.ip_forward
value: "1"
- name: net.ipv4.tcp_fin_timeout
value: "60"
- name: net.ipv4.tcp_keepalive_intvl
value: "75"
- name: net.ipv4.tcp_keepalive_probes
value: "9"
- name: net.ipv4.tcp_keepalive_time
value: "7200"
- name: net.ipv4.tcp_max_syn_backlog
value: "128"
- name: net.ipv4.tcp_max_tw_buckets
value: "16384"
- name: net.ipv4.tcp_rmem
value: "4096 87380 6291456"
- name: net.ipv4.tcp_syn_retries
value: "6"
- name: net.ipv4.tcp_tw_reuse
value: "0"
- name: net.ipv4.tcp_wmem
value: "4096 16384 4194304"
- name: net.ipv4.udp_rmem_min
value: "4096"
- name: net.ipv4.udp_wmem_min
value: "4096"
- name: net.netfilter.nf_conntrack_generic_timeout
value: "600"
- name: net.netfilter.nf_conntrack_tcp_timeout_close_wait
value: "3600"
- name: net.netfilter.nf_conntrack_tcp_timeout_established
value: "86400"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment