AKS support sysctls via az nodepool add via --kubelet-config

Unfortunately, you won't be able to use az nodepool update to set this configuration. This is only available when you create a nodepool and you get a chance to specify kubelet-config which allows you to enable "unsafe" options such as net.ipv4.tcp_keepalive_time.

For example, let's say you have the following configuration kubelet.config

{ "cpuManagerPolicy": "static", "cpuCfsQuota": true, "cpuCfsQuotaPeriod": "200ms", "imageGcHighThreshold": 90, "imageGcLowThreshold": 70, "topologyManagerPolicy": "best-effort", "allowedUnsafeSysctls": [ "kernel.msg*", "net.*" ], "failSwapOn": false }

To roll this out, simply execute the following:

az aks nodepool add --name testpool --cluster-name mydev-aks-cluster --resource-group mydevaks-unsafe --kubelet-config ./testkubelet.config


Then execute nodepool show to display your settings:

az aks nodepool show --cluster-name mydev-aks-cluster --name testpool --resource-group mydevaks-unsafe





Comments

Post a Comment

Popular posts from this blog

The specified initialization vector (IV) does not match the block size for this algorithm

Image
If you're getting  exception when trying to assigned key to a symmetric key and getting error message below :- The specified initialization vector (IV) does not match the block size for this algorithm And your code probably look like something below :- Then you need to go into debug mode and start looking into the supported size for IV as shown in diagram below :- As you can see, IV is 16 bytes, so you need to provide 16 bytes. The same goes for Key field too, if you're adding anything to it. As long as you provide a valid key size, then we're good and you're code will be ready.
Read more