Channels
academy
amazon
arm
azure
cabpr
chinese
ci-cd
danish
deutsch
developer
elemental
epinio
espanol
events
extensions
fleet
français
gcp
general
harvester
harvester-dev
hobbyfarm
hypper
japanese
k3d
k3os
k3s
k3s-contributor
kim
kubernetes
kubewarden
lima
logging
longhorn-dev
longhorn-storage
masterclass
mesos
mexico
nederlands
neuvector-security
office-hours
one-point-x
onlinemeetup
onlinetraining
opni
os
ozt
phillydotnet
portugues
rancher-desktop
rancher-extensions
rancher-setup
rancher-wrangler
random
rfed_ara
rio
rke
rke2
russian
s3gw
service-mesh
storage
submariner
supermicro-sixsq
swarm
terraform-controller
terraform-provider-rancher2
terraform-provider-rke
theranchcast
training-0110
training-0124
training-0131
training-0207
training-0214
training-1220
ukranian
v16-v21-migration
vsphere
windows
Title
b
blue-controller-9088
02/01/2023, 9:16 PMAnybody knows how to change ulimit for memlock in RKE2 (containerd)?
In RKE1 we set it via /etc/docker/daemon.json, something like this:
--
{"log-driver": "json-file","log-opts": {"max-size": "100m","max-file": "3"},"default-ulimits": {"memlock": {"Name": "memlock","Hard": -1,"Soft": -1}}}c
creamy-pencil-82913
02/01/2023, 9:18 PMset them in the rke2 systemd unit
LimitMEMLOCK=
LimitLOCKS=b
blue-controller-9088
02/01/2023, 9:24 PMyou meant in rke2-server unit?
It’s rke2 downstream cluster
c
creamy-pencil-82913
02/01/2023, 9:26 PMrke2-server rke2-agent, whatever you have
b
blue-controller-9088
02/01/2023, 9:27 PMrke2-server what I have. Will try it.
Yep, this works, thanks Brandon!
Well, sort of working. Something is getting restored it back after node reboot. I’m wandering what it could be and how to make it persistent?
c
creamy-pencil-82913
02/01/2023, 10:57 PMsomething is rewriting your systemd unit file?
rke2 doesn’t manage that file, so it would have to be something else
b
blue-controller-9088
02/01/2023, 11:04 PMI suspect it’s system-upgrade-controller
I had to do it in /etc/systemd/system.conf DefaultLimit* instead of unit file
c
creamy-pencil-82913
02/01/2023, 11:06 PMno, that wouldn’t manage it either, that just replaces the binary
If the node was provisioned by Rancher then it would be managed by rancher-system-agent
b
blue-controller-9088
02/01/2023, 11:07 PMyes, it’s rancher downstream cluster
c
creamy-pencil-82913
02/01/2023, 11:07 PMthere are many kinds of downstream clusters
not all of them are provisioned by rancher
b
blue-controller-9088
02/01/2023, 11:08 PMit’s custom, we manage nodes ourselves
c
creamy-pencil-82913
02/01/2023, 11:08 PMso you provisioned it via Rancher, as opposed to installing RKE2 manually and then importing it into Rancher
b
blue-controller-9088
02/01/2023, 11:10 PMyep, create cluster, then install agent via cloud-init. Usual stuff. It’s bare-metal nodes BTW
c
creamy-pencil-82913
02/01/2023, 11:12 PMyeah so that is what we could call a Rancher provisioned cluster, and the config is managed by rancher-system-agent
b
blue-controller-9088
02/01/2023, 11:12 PMyep