Skip to content
Snippets Groups Projects
Verified Commit 4aebe591 authored by Maarten de Waard's avatar Maarten de Waard :angel:
Browse files

set necessary sysctl stuff

parent ed0432d0
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
ansible/roles/rke_configuration/tasks/main.yml
+ 18
0
View file @ 4aebe591
......@@ -28,6 +28,24 @@
when: rke_version.stdout != rke.version
become: true
# https://rancher.com/docs/rancher/v2.x/en/security/hardening-2.3.3/#1-1-rancher-rke-kubernetes-cluster-host-configuration
- name: Configure sysctl for kubelet
sysctl:
name: "{{ item.name }}"
value: "{{ item.value }}"
loop:
- name: vm.overcommit_memory
value: 1
- name: vm.panic_on_oom
value: 0
- name: kernel.panic
value: 10
- name: kernel.panic_on_oops
value: 1
- name: kernel.keys.root_maxkeys
value: 1000000
- name: kernel.keys.root_maxbytes
value: 25000000
- name: Deploy rke cluster configuration file
tags:
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment