Set up kernel default protections¶
To protect kernel parameters from being overridden by kublet, you can either
invoke the --kube-protect-kernel-defaults
command option at the time of
MKE install, or following MKE install you can adjust the cluster_config |
kube_protect_kernel_defaults
parameter in the MKE configuration file.
Important
When enabled, kubelet can fail to start if the kernel parameters on the nodes are not properly set. You must set those kernel parameters on the nodes before you install MKE or before adding a new node to an existing cluster.
Create a configuration file called
/etc/sysctl.d/90-kubelet.conf
and add the following snippet to it:vm.panic_on_oom=0 vm.overcommit_memory=1 kernel.panic=10 kernel.panic_on_oops=1 kernel.keys.root_maxkeys=1000000 kernel.keys.root_maxbytes=25000000
Run sysctl -p /etc/sysctl.d/90-kubelet.conf.