Kubernetes: Cap nf_conntrack Limits on High-core Machines

Problem

On machines with many CPU cores, nf_conntrack connection tracking limits could grow unchecked, consuming excessive memory. The default formula scaled with core count without an upper bound.

Solution

Added caps to nf_conntrack limits to prevent excessive memory usage. The caps are calculated based on reasonable memory budgets rather than core count alone.

Result

Consistent memory usage across different machine configurations. No more runaway memory consumption on high-core systems.

Commit: kubernetes/kubernetes@65564e2