Ensure all Kubelet required kernel values are configured when enabling protectKernelDefaults (#8692)

This commit is contained in:
Unai Arríen 2022-04-07 17:33:59 +02:00 committed by GitHub
parent 0481dd946f
commit 19d5a1c7c3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -113,9 +113,12 @@
state: present state: present
reload: yes reload: yes
with_items: with_items:
- { name: vm.overcommit_memory, value: 1 } - { name: kernel.keys.root_maxbytes, value: 25000000 }
- { name: kernel.keys.root_maxkeys, value: 1000000 }
- { name: kernel.panic, value: 10 } - { name: kernel.panic, value: 10 }
- { name: kernel.panic_on_oops, value: 1 } - { name: kernel.panic_on_oops, value: 1 }
- { name: vm.overcommit_memory, value: 1 }
- { name: vm.panic_on_oom, value: 0 }
when: kubelet_protect_kernel_defaults|bool when: kubelet_protect_kernel_defaults|bool
- name: Check dummy module - name: Check dummy module