Hello, cluster v1.21.5+k3s2 is installed, after restarting the service ( k3s) it applies the default kernel parameters ( net.netfilter.nf_conntrack_max). Ubuntu 18.04.5 LTS root@drm-set1-master01:~# sysctl -p net.core.somaxconn = 65535 net.ipv4.ip_local_port_range = 1024 65535 net.nf_conntrack_max = 4194304 net.netfilter.nf_conntrack_max = 4194304 fs.file-max = 2097152 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_max_syn_backlog = 65535 net.ipv4.ip_forward = 1 net.ipv4.ip_local_reserved_ports = 30000-32767 net.bridge.bridge-nf-call-iptables = 1 net.bridge.bridge-nf-call-arptables = 1 net.bridge.bridge-nf-call-ip6tables = 1 root@drm-set1-master01:~# systemctl restart k3s root@drm-set1-master01:~# sysctl -a | grep net.netfilter.nf_conntrack_max sysctl: reading key "net.ipv6.conf.all.stable_secret" sysctl: reading key "net.ipv6.conf.cni0.stable_secret" sysctl: reading key "net.ipv6.conf.default.stable_secret" sysctl: reading key "net.ipv6.conf.ens160.stable_secret" sysctl: reading key "net.ipv6.conf.flannel/1.stable_secret" sysctl: reading key "net.ipv6.conf.kube-ipvs0.stable_secret" sysctl: reading key "net.ipv6.conf.lo.stable_secret" sysctl: reading key "net.ipv6.conf.veth000ece3e.stable_secret" sysctl: reading key "net.ipv6.conf.veth1412c3ee.stable_secret" sysctl: reading key "net.ipv6.conf.veth3d3b54df.stable_secret" net.netfilter.nf_conntrack_max = 131072

Is there a question?

Yes. What could be the problem?

what is the problem?

i set the kernel parameter net.netfilter.nf _conntrack_max = 4194304, apply it and after restarting the k3s service, the value is reset

Yes, kube-proxy manages the configuration of those sysctls. See the CLI flags for conntrack in the docs: https://kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/