Set systctl in Kubenetes for pod

Question

Hi I have problem. I want to defind kernel paramenter in pod "net.ipv4.tcp_tw_reuse=1" . I test on vm is very good. But I config in manifest file in not work . please help me.

cat test_sysctl4.yml

apiVersion: v1
kind: Pod
metadata:
  labels:
    run: ppp-mon
  name: ppp-mon
spec:
  securityContext:
    sysctls:
    sysctls:
    - name: kernel.shm_rmid_forced
      value: "0"
    - name: net.core.somaxconn
      value: "1024"
    - name: kernel.msgmax
      value: "65536"
    - name: net.ipv4.tcp_tw_reuse
      value: "1"
  containers:
  - image:  ppp-mon
    name: ppp-mon

Deployment:

kubectl apply -n ppp -f test_sysctl4.yml

Check pod :

#kubectl get pod -n ppp ppp-mon
NAME      READY   STATUS            RESTARTS   AGE
ppp-mon   0/1     SysctlForbidden   0          54s

Thank you.

score 0 · Answer 1 · answered Sep 20 '22 at 10:30

0

this is a bit old, but just for reference: i think net.ipv4.tcp_tw_reuse is considered an "unsafe sysctl" and thus must be enabled in the cluster by the admin before use. see: https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/

answered Sep 20 '22 at 10:30

Blafasel42

187
7

Set systctl in Kubenetes for pod

1 Answers1