Channels
academy
amazon
arm
azure
cabpr
chinese
ci-cd
danish
deutsch
developer
elemental
epinio
espanol
events
extensions
fleet
français
gcp
general
harvester
harvester-dev
hobbyfarm
hypper
japanese
k3d
k3os
k3s
k3s-contributor
kim
kubernetes
kubewarden
lima
logging
longhorn-dev
longhorn-storage
masterclass
mesos
mexico
nederlands
neuvector-security
office-hours
one-point-x
onlinemeetup
onlinetraining
opni
os
ozt
phillydotnet
portugues
rancher-desktop
rancher-extensions
rancher-setup
rancher-wrangler
random
rfed_ara
rio
rke
rke2
russian
s3gw
service-mesh
storage
submariner
supermicro-sixsq
swarm
terraform-controller
terraform-provider-rancher2
terraform-provider-rke
theranchcast
training-0110
training-0124
training-0131
training-0207
training-0214
training-1220
ukranian
v16-v21-migration
vsphere
windows
Title
b
boundless-eye-27124
12/14/2022, 2:41 AMHow to enable sysctl in RKE2. seeing
forbidden sysctl: "net.ipv4.tcp_rmem" not allowlistedkubectl patch psp global-unrestricted-psp --patch '{"spec": {"allowedUnsafeSysctls": ["net.*", "net.core.rmem_max",
"net.core.wmem_max",
"net.ipv4.tcp_rmem",
"net.ipv4.tcp_wmem",
"net.core.somaxconn",
"net.core.netdev_max_backlog",
"net.ipv4.tcp_syncookies",
"net.ipv4.ip_local_port_range",
"net.ipv4.tcp_tw_recycle",
"net.ipv4.tcp_tw_reuse",
"net.ipv4.tcp_congestion_control",
"net.ipv4.tcp_max_syn_backlog",
"net.netfilter.nf_conntrack_tcp_be_liberal",
"net.ipv4.tcp_slow_start_after_idle"]}}'^^ Patched config
c
creamy-pencil-82913
12/14/2022, 3:28 AMIf I remember correctly there's also a whitelist in the kubelet that needs to be changed
b
boundless-eye-27124
12/14/2022, 8:13 PMthanks, it helped