Merge pull request #40323 from asa3311/sync-sysctl-cluster.md

[zh-cn] sync sysctl-cluster.md
2023-03-26 20:05:56 -07:00 · 2023-03-26 20:05:56 -07:00 · 133e93b764
parent 8c63a0494d 59acbf4645
commit 133e93b764
1 changed files with 7 additions and 1 deletions
--- a/content/zh-cn/docs/tasks/administer-cluster/sysctl-cluster.md
+++ b/content/zh-cn/docs/tasks/administer-cluster/sysctl-cluster.md
@ -207,8 +207,14 @@ in future versions of the Linux kernel.
 - `kernel.msg*`,
 - `kernel.sem`,
 - `fs.mqueue.*`,
+<!--
+- The parameters under `net.*` that can be set in container networking
+  namespace. However, there are exceptions (e.g., before Linux 5.12.2,
+  `net.netfilter.nf_conntrack_max` and `net.netfilter.nf_conntrack_expect_max`
+  can be set in container networking namespace but they are unnamespaced).
+-->
 - `net.*`（内核中可以在容器命名空间里被更改的网络配置项相关参数）。然而也有一些特例
-  （例如，`net.netfilter.nf_conntrack_max` 和 `net.netfilter.nf_conntrack_expect_max`
+  （例如，在 Linux 5.12.2 前，`net.netfilter.nf_conntrack_max` 和 `net.netfilter.nf_conntrack_expect_max`
  可以在容器命名空间里被更改，但它们是非命名空间的）。

 <!--