AWS kube-up: set net.ipv4.neigh.default.gc_thresh1=0

This works around a linux kernel bug with overly aggressive caching of ARP entries, which was causing problems when we reused IP addresses in VPCs, for example with an ASG in a relatively small subnet. See #23395 for more explanation. Fixes #23395
2025-07-23 11:50:44 +00:00 · 2016-06-19 00:20:16 -04:00 · 2016-06-19 00:20:16 -04:00 · d62fe2a315
commit d62fe2a315
parent 6bdb9b0b8d
1 changed files with 14 additions and 0 deletions
--- a/cluster/saltbase/salt/base.sls
+++ b/cluster/saltbase/salt/base.sls
@ -23,6 +23,20 @@ pkg-core:
      - git
 {% endif %}

+# Fix ARP cache issues on AWS by setting net.ipv4.neigh.default.gc_thresh1=0
+# See issue #23395
+{% if grains.get('cloud') == 'aws' %}
+# Work around Salt #18089: https://github.com/saltstack/salt/issues/18089
+# (we also have to give it a different id from the same fix elsewhere)
+99-salt-conf-with-a-different-id:
+  file.touch:
+    - name: /etc/sysctl.d/99-salt.conf
+
+net.ipv4.neigh.default.gc_thresh1:
+  sysctl.present:
+    - value: 0
+{% endif %}
+
 /usr/local/share/doc/kubernetes:
  file.directory:
    - user: root