docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7469 from docker/FW_LO_NOTRACK 

Update system-requirements.md
This commit is contained in:
Traci Morrison 2019-12-13 12:42:05 -05:00 committed by GitHub
parent 278c8184e0 c59e639560
commit 03a6e01a7c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
ee/ucp/admin/install/system-requirements.md
View File

@ -123,6 +123,19 @@ Number 4 for IP-in-IP encapsulation.
If you're deploying to AWS or another cloud provider, enable IP-in-IP
traffic for your cloud provider's security group.
## Enable connection tracking on the loopback interface for SLES
Calico's Kubernetes controllers can't reach the Kubernetes API server
unless connection tracking is enabled on the loopback interface. SLES
disables connection tracking by default.
On each node in the cluster:
```
sudo mkdir -p /etc/sysconfig/SuSEfirewall2.d/defaults
echo FW_LO_NOTRACK=no | sudo tee /etc/sysconfig/SuSEfirewall2.d/defaults/99-docker.cfg
sudo SuSEfirewall2 start
```
## Timeout settings
Make sure the networks you're using allow the UCP components enough time