From bc76a1b60451aa3df5bf85b37009eb298de86a2b Mon Sep 17 00:00:00 2001 From: Prow Bot Date: Wed, 19 Apr 2023 12:28:28 -0500 Subject: [PATCH 3/3] Patch haproxy maxconn value to avoid ulimit issue EKS-A uses haproxy 2.5 which errors if the maxconn value requires more FDs than allowed by the ulimit setting of docker. 100k maxconn is too high for the default ulimit on an al2 node. --- images/haproxy/haproxy.cfg | 5 ++++- pkg/cluster/internal/loadbalancer/config.go | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/images/haproxy/haproxy.cfg b/images/haproxy/haproxy.cfg index aa9796ae..18647828 100755 --- a/images/haproxy/haproxy.cfg +++ b/images/haproxy/haproxy.cfg @@ -16,7 +16,10 @@ # kind will rewrite this config at runtime global # limit memory usage to approximately 18 MB - maxconn 100000 + # EKS-A Change to 10k instead of 100k to avoid needing to raise default + # ulimits on al2 nodes and 10k seems like a reasonable default for + # our use cases + maxconn 10000 frontend controlPlane bind 0.0.0.0:6443 diff --git a/pkg/cluster/internal/loadbalancer/config.go b/pkg/cluster/internal/loadbalancer/config.go index 185565f6..d8714f6e 100644 --- a/pkg/cluster/internal/loadbalancer/config.go +++ b/pkg/cluster/internal/loadbalancer/config.go @@ -37,7 +37,10 @@ global log /dev/log local1 notice daemon # limit memory usage to approximately 18 MB - maxconn 100000 + # EKS-A Change to 10k instead of 100k to avoid needing to raise default + # ulimits on al2 nodes and 10k seems like a reasonable default for + # our use cases + maxconn 10000 resolvers docker nameserver dns 127.0.0.11:53 -- 2.39.2