diff --git a/elements/haproxy-octavia/post-install.d/20-haproxy-tune-kernel b/elements/haproxy-octavia/post-install.d/20-haproxy-tune-kernel
index 7248b5f02d..35cd16bcf8 100755
--- a/elements/haproxy-octavia/post-install.d/20-haproxy-tune-kernel
+++ b/elements/haproxy-octavia/post-install.d/20-haproxy-tune-kernel
@@ -30,3 +30,11 @@ sysctl-write-value net.core.wmem_max 67108864
 sysctl-write-value net.ipv4.tcp_rmem "4096 87380 33554432"
 sysctl-write-value net.ipv4.tcp_wmem "4096 87380 33554432"
 sysctl-write-value net.ipv4.ip_local_port_range "1025 65534"
+
+# Allow unprivileged users to send ICMP echo requests
+# https://bugzilla.redhat.com/show_bug.cgi?id=2037807
+# This sysctl is already included in /usr/lib/sysctl.d/50-default.conf on Centos
+# 8 Stream (with a '-'' prefix that prevents sysctl from throwing an error if
+# the setting doesn't exist in the kernel), but sysctl --system doesn't apply it
+# correctly when creating the amphora-haproxy namespace.
+sysctl-write-value net.ipv4.ping_group_range "0 2147483647"
diff --git a/releasenotes/notes/fix-ping-hm-on-centos-stream-6624f19c8da86e22.yaml b/releasenotes/notes/fix-ping-hm-on-centos-stream-6624f19c8da86e22.yaml
new file mode 100644
index 0000000000..e8b775b4b9
--- /dev/null
+++ b/releasenotes/notes/fix-ping-hm-on-centos-stream-6624f19c8da86e22.yaml
@@ -0,0 +1,6 @@
+---
+fixes:
+ - |
+ Fix an issue with PING health-monitors on Centos 8 Stream. Changes in
+ Centos and systemd prevent an unprivileged user from sending ping requests
+ from a network namespace.
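Review bot: The added `sysctl-write-value net.ipv4.ping_group_range "0 2147483647"` line opens unprivileged ICMP echo sockets to every group ID on the amphora, which is presumably wider than the PING health monitor needs. If the check runs under one known account, narrowing the range to that account's GID would keep the fix while following least privilege. If the full range is kept to match the distro default in 50-default.conf, the comment should say so, e.g. `# Full GID range kept to match the distro default; ping sockets only allow ICMP echo`. Because this sysctl is per network namespace, it is worth confirming that the value written here is what the amphora-haproxy namespace ends up with, given the comment says `sysctl --system` did not apply it there. The comment also carries a stray quote in `'-''`, which should read `'-'`.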