diff --git a/modules/telco-ran-sysctls.adoc b/modules/telco-ran-sysctls.adoc new file mode 100644 index 000000000000..087053fa7782 --- /dev/null +++ b/modules/telco-ran-sysctls.adoc @@ -0,0 +1,30 @@ +// Module included in the following assemblies: +// +// * scalability_and_performance/telco-ran-du-rds.adoc + +:_mod-docs-content-type: REFERENCE +[id="telco-ran-sysctls_{context}"] += Kubelet Settings + +Some CNF workloads make use of sysctls which are not in the list of system-wide safe sysctls. +Generally, network sysctls are namespaced and you can enable them using the `kubeletconfig.experimental` annotation in the `PerformanceProfile` Custom Resource (CR) as a string of JSON in the following form: + +.Example snippet showing allowedUnsafeSysctls +[source,yaml] +---- +apiVersion: performance.openshift.io/v2 +kind: PerformanceProfile +metadata: + name: {{ .metadata.name }} + annotations:kubeletconfig.experimental: | + {"allowedUnsafeSysctls":["net.ipv6.conf.all.accept_ra"]} +# ... +---- + +[NOTE] +==== +Although these sysctls are namespaced, they may allow a pod to consume memory or other resources beyond any limits specified in the pod description. +You must ensure that these sysctls do not exhaust platform resources. +==== + +For more information, see "Using sysctls in containers". \ No newline at end of file diff --git a/scalability_and_performance/telco-ran-du-rds.adoc b/scalability_and_performance/telco-ran-du-rds.adoc index c59eec3a3333..2082eb7aad3f 100644 --- a/scalability_and_performance/telco-ran-du-rds.adoc +++ b/scalability_and_performance/telco-ran-du-rds.adoc @@ -39,6 +39,13 @@ include::modules/telco-ran-bios-tuning.adoc[leveloffset=+2] * xref:../scalability_and_performance/cnf-provisioning-low-latency-workloads.adoc#cnf-provisioning-low-latency-workloads[Provisioning real-time and low latency workloads] +include::modules/telco-ran-sysctls.adoc[leveloffset=+2] + +[role="_additional-resources"] +.Additional resources + +* xref:../nodes/containers/nodes-containers-sysctls.adoc#nodes-containers-sysctls-about[Using sysctls in containers] + include::modules/telco-ran-node-tuning-operator.adoc[leveloffset=+2] [role="_additional-resources"]