kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #27376 from sftim/20210401_tidy_sysctl_task 

Tidy sysctl task page for GA
This commit is contained in:
Kubernetes Prow Robot 2021-04-01 13:27:10 -07:00 committed by GitHub
parent 8cadfc4ffd 8f913ba982
commit adbf10dbfe
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
content/en/docs/tasks/administer-cluster/sysctl-cluster.md
View File

@ -7,17 +7,19 @@ content_type: task
<!-- overview --> <!-- overview -->
{{< feature-state for_k8s_version="v1.21" state="stable" >}}
This document describes how to configure and use kernel parameters within a This document describes how to configure and use kernel parameters within a
Kubernetes cluster using the {{< glossary_tooltip term_id="sysctl" >}} Kubernetes cluster using the {{< glossary_tooltip term_id="sysctl" >}}
interface. interface.
## {{% heading "prerequisites" %}} ## {{% heading "prerequisites" %}}
{{< include "task-tutorial-prereqs.md" >}} {{< version-check >}} {{< include "task-tutorial-prereqs.md" >}}
For some steps, you also need to be able to reconfigure the command line
options for the kubelets running on your cluster.
<!-- steps --> <!-- steps -->
@ -165,6 +167,8 @@ to schedule those pods onto the right nodes.
## PodSecurityPolicy ## PodSecurityPolicy
{{< feature-state for_k8s_version="v1.21" state="deprecated" >}}
You can further control which sysctls can be set in pods by specifying lists of You can further control which sysctls can be set in pods by specifying lists of
sysctls or sysctl patterns in the `forbiddenSysctls` and/or sysctls or sysctl patterns in the `forbiddenSysctls` and/or
`allowedUnsafeSysctls` fields of the PodSecurityPolicy. A sysctl pattern ends `allowedUnsafeSysctls` fields of the PodSecurityPolicy. A sysctl pattern ends