--- Sysctl::Parameters[kube_proxy_icmp].orig
+++ Sysctl::Parameters[kube_proxy_icmp]
+ priority => 75
+ ensure => present
+ values => {'net.ipv4.conf.all.send_redirects': 0, 'net.ipv4.conf.default.send_redirects': 0, 'net.ipv4.conf.eno3.send_redirects': 0}
Exec[udev_reload]
- Parameters differences:
--- Exec[udev_reload].orig
+++ Exec[udev_reload]
+ command => /usr/bin/udevadm control --reload && /usr/bin/udevadm trigger
+ refreshonly => True
- File[/etc/sysctl.d/75-kube_proxy_icmp.conf]
- Parameters differences:
--- File[/etc/sysctl.d/75-kube_proxy_icmp.conf].orig
+++ File[/etc/sysctl.d/75-kube_proxy_icmp.conf]
+ group => root
+ ensure => present
+ notify => Exec[update_sysctl]
+ owner => root
- Content differences:
--- /etc/sysctl.d/75-kube_proxy_icmp.conf.orig
+++ /etc/sysctl.d/75-kube_proxy_icmp.conf
@@ -0,0 +1,4 @@
+# sysctl parameters managed by Puppet.
+net.ipv4.conf.all.send_redirects = 0
+net.ipv4.conf.default.send_redirects = 0
+net.ipv4.conf.eno3.send_redirects = 0
- File[/etc/udev/rules.d/75-kube_proxy_conntrack.rules]
- Parameters differences:
--- File[/etc/udev/rules.d/75-kube_proxy_conntrack.rules].orig
+++ File[/etc/udev/rules.d/75-kube_proxy_conntrack.rules]
+ notify => Exec[udev_reload]
+ owner => root
+ mode => 0444
+ group => root
+ ensure => present
- Content differences:
--- /etc/udev/rules.d/75-kube_proxy_conntrack.rules.orig
+++ /etc/udev/rules.d/75-kube_proxy_conntrack.rules
@@ -0,0 +1,2 @@
+ACTION=="add", SUBSYSTEM=="module", KERNEL=="nf_conntrack", \
+ RUN+="/usr/lib/systemd/systemd-sysctl --prefix net.netfilter.nf_conntrack_max"
- Udev::Rule[ferm_conntrack]
- Parameters differences:
--- Udev::Rule[ferm_conntrack].orig
+++ Udev::Rule[ferm_conntrack]
+ priority => 70
+ ensure => present
- File[/etc/sysctl.d/75-kube_proxy_conntrack.conf]
- Content differences:
--- /etc/sysctl.d/75-kube_proxy_conntrack.conf.orig
+++ /etc/sysctl.d/75-kube_proxy_conntrack.conf
@@ -1,5 +1,2 @@
# sysctl parameters managed by Puppet.
-net.ipv4.conf.all.send_redirects = 0
-net.ipv4.conf.default.send_redirects = 0
-net.ipv4.conf.eno3.send_redirects = 0
net.netfilter.nf_conntrack_max = 1048576
- File[/etc/udev/rules.d/70-ferm_conntrack.rules]
- Parameters differences:
--- File[/etc/udev/rules.d/70-ferm_conntrack.rules].orig
+++ File[/etc/udev/rules.d/70-ferm_conntrack.rules]
+ notify => Exec[udev_reload]
+ owner => root
+ mode => 0444
+ group => root
+ ensure => present
- Content differences:
--- /etc/udev/rules.d/70-ferm_conntrack.rules.orig
+++ /etc/udev/rules.d/70-ferm_conntrack.rules
@@ -0,0 +1,2 @@
+ACTION=="add", SUBSYSTEM=="module", KERNEL=="nf_conntrack", \
+ RUN+="/usr/lib/systemd/systemd-sysctl --prefix net.netfilter"
- Sysctl::Conffile[kube_proxy_icmp]
- Parameters differences:
--- Sysctl::Conffile[kube_proxy_icmp].orig
+++ Sysctl::Conffile[kube_proxy_icmp]
+ priority => 75
+ ensure => present
- Sysctl::Parameters[ferm_conntrack]
- Parameters differences:
--- Sysctl::Parameters[ferm_conntrack].orig
+++ Sysctl::Parameters[ferm_conntrack]
+ module => nf_conntrack
- Udev::Rule[kube_proxy_conntrack]
- Parameters differences:
--- Udev::Rule[kube_proxy_conntrack].orig
+++ Udev::Rule[kube_proxy_conntrack]
+ priority => 75
+ ensure => present
- Sysctl::Conffile[kube_proxy_conntrack]
- Sysctl::Parameters[kube_proxy_conntrack]
- Parameters differences:
--- Sysctl::Parameters[kube_proxy_conntrack].orig
+++ Sysctl::Parameters[kube_proxy_conntrack]
+ module => nf_conntrack
@@
- values => {'net.netfilter.nf_conntrack_max': 1048576, 'net.ipv4.conf.all.send_redirects': 0, 'net.ipv4.conf.default.send_redirects': 0, 'net.ipv4.conf.eno3.send_redirects': 0}
+ values => {'net.netfilter.nf_conntrack_max': 1048576}