Merge pull request #49647 from dougbtv/interface-sysctls

bergerhoffer · web-flow · commit 7ff945ce29bb · 2023-01-09T16:38:52.000-05:00
Tuning CNI IFNAME clarification (omits using eth0)
diff --git a/modules/nodes-safe-sysctls-list.adoc b/modules/nodes-safe-sysctls-list.adoc
@@ -111,5 +111,5 @@ a| Define behavior for gratuitous ARP frames with an IPv6 address that is not al
 
 [NOTE]
 ====
-The interface name is represented by the `IFNAME` token, and is replaced with the actual name of the interface at runtime.
+When setting these values using the `tuning` CNI plugin, use the value `IFNAME` literally. The interface name is represented by the `IFNAME` token, and is replaced with the actual name of the interface at runtime.
 ====
diff --git a/nodes/containers/nodes-containers-sysctls.adoc b/nodes/containers/nodes-containers-sysctls.adoc
@@ -11,7 +11,7 @@ Sysctl settings are exposed through Kubernetes, allowing users to modify certain
 Network sysctls are a special category of sysctl. Network sysctls include:
 
 * System-wide sysctls, for example `net.ipv4.ip_local_port_range`, that are valid for all networking. You can set these independently for each pod on a node.
-* Interface-specific sysctls, for example `net.ipv4.conf.eth0.accept_local`, that only apply to a specific interface. You cannot set these independently for each pod on a node. You set these by using a configuration in the `tuning-cni` after the network interfaces are created.
+* Interface-specific sysctls, for example `net.ipv4.conf.IFNAME.accept_local`, that only apply to a specific additional network interface for a given pod. You can set these independently for each additional network configuration. You set these by using a configuration in the `tuning-cni` after the network interfaces are created.
 
 Moreover, only those sysctls considered _safe_ are whitelisted by default; you
 can manually enable other _unsafe_ sysctls on the node to be available to the
@@ -51,4 +51,4 @@ include::modules/nodes-containers-sysctls-unsafe.adoc[leveloffset=+1]
 [id="additional-resources_nodes-containers-sysctls"]
 == Additional resources
 
-* xref:../../networking/setting-interface-level-network-sysctls.adoc#nodes-setting-interface-level-network-sysctls[Setting interface-level network sysctls]
+* xref:../../networking/setting-interface-level-network-sysctls.adoc#nodes-setting-interface-level-network-sysctls[Setting interface-level network sysctls]
