Set sysctl key in Kubernetes pod using Kops + Docker 1.11

Question

I'm using Kops 1.4.4 to launch my Kubernetes cluster on AWS. My Elasticsearch pods require me to set the kernel parameter vm.max_map_count to at least 262144. Kubernetes 1.5.1 has systctl feature, but it requires Docker >= 1.12. Kops currently builds my nodes with a lesser Docker version and so I'm stuck trying to figure out how to automate setting the kernel parameter. If I attempt to set it in my Dockerfile using RUN sysctl -w vm.max_map_count=262144, I get the error message: 'sysctl: setting key "vm.max_map_count": Read-only file system'.

Are there any workarounds for this?

prior to you using kops did you use kube-up.sh / kube-down.sh to launch AWS clusters ? I am asking since I am about to migrate off kube-up.sh and onto kops so am interested to hear your perspective — Scott Stensland, Jan 10 '17 at 22:30
I did. Kops is superior in my opinion and the transition was pretty straightforward. — kellanburket, Jan 11 '17 at 15:11

kellanburket · Accepted Answer · 2017-01-05T18:42:50.867

Apparently this can be done using Kubernetes init containers. Following the Kubernetes deployment config posted here this can be done by applying the following annotation to your deployment. Under spec > template > metadata > annotations add:

pod.beta.kubernetes.io/init-containers: '[
  {
  "name": "sysctl",
    "image": "busybox",
    "command": ["sysctl", "-w", "vm.max_map_count=262144"],
    "securityContext": {
      "privileged": true
    }
  }
]'

Set sysctl key in Kubernetes pod using Kops + Docker 1.11

1 Answers1