mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
43 lines
1.7 KiB
Plaintext
43 lines
1.7 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * scalability_and_performance/telco-ran-du-rds.adoc
|
|
|
|
:_mod-docs-content-type: REFERENCE
|
|
[id="telco-ran-sysctls_{context}"]
|
|
= Kubelet Settings
|
|
|
|
New in this release::
|
|
Support for configuring `systemReserved` settings (cpu and memory).
|
|
|
|
Some CNF workloads make use of sysctls which are not in the list of system-wide safe sysctls.
|
|
Generally, network sysctls are namespaced and you can enable them using the `kubeletconfig.experimental` annotation in the `PerformanceProfile` Custom Resource (CR).
|
|
|
|
Additionally, the `systemReserved` memory can be configured through the same `kubeletconfig.experimental` annotation to reserve memory for system daemons and kernel processes. An example setting of these parameters as a string of JSON is shown here:
|
|
.Example snippet showing allowedUnsafeSysctls and systemReserved
|
|
|
|
|
|
.Example snippet showing allowedUnsafeSysctls and systemReserved
|
|
[source,yaml]
|
|
----
|
|
apiVersion: performance.openshift.io/v2
|
|
kind: PerformanceProfile
|
|
metadata:
|
|
name: {{ .metadata.name }}
|
|
annotations:
|
|
# allowedUnsafeSysctls: some pods want the kernel stack to ignore IPv6 router Advertisement.
|
|
# systemReserved: when used, it should be tailored for each environment.
|
|
kubeletconfig.experimental: |
|
|
{
|
|
"allowedUnsafeSysctls":["net.ipv6.conf.all.accept_ra"],
|
|
"systemReserved":{"memory":"11Gi"}
|
|
}
|
|
# ...
|
|
----
|
|
|
|
[NOTE]
|
|
====
|
|
Although these sysctls are namespaced, they may allow a pod to consume memory or other resources beyond any limits specified in the pod description.
|
|
You must ensure that these sysctls do not exhaust platform resources.
|
|
====
|
|
|
|
For more information, see "Using sysctls in containers". |