mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
32 lines
1.2 KiB
Plaintext
32 lines
1.2 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * nodes/containers/nodes-containers-sysctls.adoc
|
|
|
|
:_mod-docs-content-type: CONCEPT
|
|
|
|
[id="namespaced-and-node-level-sysctls"]
|
|
= Namespaced and node-level sysctls
|
|
|
|
A number of sysctls are _namespaced_ in the Linux kernels. This means that you can set them independently for each pod on a node. Being namespaced is a requirement for sysctls to be accessible in a pod context within Kubernetes.
|
|
|
|
The following sysctls are known to be namespaced:
|
|
|
|
- `_kernel.shm*_`
|
|
- `_kernel.msg*_`
|
|
- `_kernel.sem_`
|
|
- `_fs.mqueue.*_`
|
|
|
|
Additionally, most of the sysctls in the `net.*` group are known to be namespaced. Their namespace adoption differs based on the kernel version and distributor.
|
|
|
|
Sysctls that are not namespaced are called _node-level_ and must be set
|
|
manually by the cluster administrator, either by means of the underlying Linux
|
|
distribution of the nodes, such as by modifying the `_/etc/sysctls.conf_` file,
|
|
or by using a daemon set with privileged containers. You can use the Node Tuning Operator to set _node-level_ sysctls.
|
|
|
|
|
|
[NOTE]
|
|
====
|
|
Consider marking nodes with special sysctls as tainted. Only schedule pods onto
|
|
them that need those sysctl settings. Use the taints and toleration feature to mark the nodes.
|
|
====
|