New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
kubelet fails to start when set --protect-kernel-defaults=true. #66241
Comments
/sig node |
Please close it as |
Can't find any docs on what "some system configuration" means in this case, anyone care to share anything on that? By NOT setting that fail one CIS security benchmark test so it would be nice to be able to set on a cluster. |
Fortunately the log line itself makes this clear:
So cat > /etc/sysctl.d/90-kubelet.conf << EOF
vm.overcommit_memory=1
kernel.panic=10
kernel.panic_on_oops=1
EOF
sysctl -p /etc/sysctl.d/90-kubelet.conf |
EKS AMI fix: awslabs/amazon-eks-ami#392 |
Is this a BUG REPORT or FEATURE REQUEST?:
What happened:
--protect-kernel-defaults=true
in kubelet.service, reload & restart kubelet.service, it runs well.journalctl -u kubelet
--protect-kernel-defaults=true
, and restart host, kubelet.service can run successfully.Why this happens? Below is my kubelet.service file
What you expected to happen:
Add
--protect-kernel-defaults=true
and restart host, kubelet.service and can run.How to reproduce it (as minimally and precisely as possible):
Anything else we need to know?:
Environment:
kubectl version
):1.11
uname -a
):The text was updated successfully, but these errors were encountered: