splunk / docker-splunk

Splunk Docker GitHub Repository

How to increase net.core.somaxconn? #685

Open yaroslav-nakonechnikov opened 2 weeks ago

yaroslav-nakonechnikov commented 2 weeks ago

Hello, we see this: [image]

This looks a bit strange and we would like to understand how it would be possible to increase the limits?

This is a Splunk container on Kubernetes engine.

vivekr-splunk commented 1 week ago

To increase the number of TCP connections within a container, you may need to adjust several kernel parameters and container resource limits. Here are steps to help you achieve this:

1. Increase somaxconn in the Host Cluster Node

The somaxconn parameter determines the maximum number of connections that can be queued for acceptance. You already have somaxconn set to 4096, but you may want to increase this further on the host:

sudo sysctl -w net.core.somaxconn=65535

You can make this change permanent by adding it to /etc/sysctl.conf:

echo "net.core.somaxconn=65535" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p

2. Increase Container-Specific Limits

Depending on the container runtime, the container may inherit the host's somaxconn setting. However, it can also have its own limits:

For Splunk Pod

You can set sysctl parameters at the Pod level using the securityContext in your Pod manifest:

  apiVersion: v1
  kind: Pod
  metadata:
    name: splunk
  spec:
    securityContext:
      sysctls:
        - name: net.core.somaxconn
          value: "65535"
    containers:
      - name: your-container-name
        image: your-image

Since you can't pass the securityContext directly to the Splunk pod through the Splunk Operator custom resource at the moment, you might consider these alternative approaches:

Alternative Approaches

Apply Settings on the Host: If feasible, you could set the necessary kernel parameters at the host level (if you control the host machines), which the containers inherit. This wouldn't provide per-container granularity but would solve the immediate need to increase connection limits.

We will work on enhancing the Custom Resource to take securityContext, thank you.
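
An added example, not part of the thread or the project's code: a shell check to run inside the container after changing the setting, showing whether each listening socket is capped by net.core.somaxconn or by the application's own listen() backlog. The `ss -ltn` sample and its ports are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): audit listen backlogs against somaxconn.

# Value of net.core.somaxconn as seen from where this runs; run it inside
# the container so the value read is the one the pod actually gets.
effective_somaxconn() {
    cat /proc/sys/net/core/somaxconn
}

# Constructed sample of `ss -ltn` output (addresses and ports are illustrative).
sample_ss_output() {
    cat <<'EOF'
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:8089        0.0.0.0:*
LISTEN  3900    4096    0.0.0.0:9997        0.0.0.0:*
LISTEN  12      4096    0.0.0.0:8000        0.0.0.0:*
EOF
}

# audit_listeners LIMIT   (reads `ss -ltn` output on stdin)
# For LISTEN sockets, Recv-Q is the current accept-queue length and Send-Q is
# the backlog granted at listen() time, already clamped to somaxconn.
# Prints one line per listener: address recvq/sendq limited_by pressure
audit_listeners() {
    awk -v limit="$1" '
        $1 == "LISTEN" {
            recvq = $2 + 0; sendq = $3 + 0
            # Backlog at the sysctl value: the kernel clamp is the ceiling.
            # Below it: the application asked for less, so raising the
            # sysctl alone changes nothing for this socket.
            limited_by = (sendq >= limit + 0) ? "sysctl" : "app"
            # Flag accept queues that are at least 80% full.
            pressure = (sendq > 0 && recvq * 10 >= sendq * 8) ? "high" : "ok"
            printf "%s %d/%d %s %s\n", $4, recvq, sendq, limited_by, pressure
        }'
}

# Demo on the constructed sample; on a live system use:
#   ss -ltn | audit_listeners "$(effective_somaxconn)"
sample_ss_output | audit_listeners 4096
```

The backlog is fixed when the process calls listen(), so a raised sysctl applies to a socket only after the listening process calls listen() again, typically on restart.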

yaroslav-nakonechnikov commented 1 week ago

So, there is no setting for it, and we need to create a pre-task playbook to make it work, right?

P.S. Making the setting on the host is not applied to pods in Kubernetes. It should be allowed explicitly: