Set sysctl key in Kubernetes pod using Kops + Docker 1.11

Question

I'm using Kops 1.4.4 to launch my Kubernetes cluster on AWS. My Elasticsearch pods require me to set the kernel parameter vm.max_map_count to at least 262144. Kubernetes 1.5.1 has systctl feature, but it requires Docker >= 1.12. Kops currently builds my nodes with a lesser Docker version and so I'm stuck trying to figure out how to automate setting the kernel parameter. If I attempt to set it in my Dockerfile using RUN sysctl -w vm.max_map_count=262144, I get the error message: 'sysctl: setting key "vm.max_map_count": Read-only file system'.

Are there any workarounds for this?

prior to you using kops did you use kube-up.sh / kube-down.sh to launch AWS clusters ? I am asking since I am about to migrate off kube-up.sh and onto kops so am interested to hear your perspective — Scott Stensland
I did. Kops is superior in my opinion and the transition was pretty straightforward. — kellanburket

kellanburket kellanburket · Accepted Answer · 2017-01-05T18:37:20

Apparently this can be done using Kubernetes init containers. Following the Kubernetes deployment config posted here this can be done by applying the following annotation to your deployment. Under spec > template > metadata > annotations add:

pod.beta.kubernetes.io/init-containers: '[
  {
  "name": "sysctl",
    "image": "busybox",
    "command": ["sysctl", "-w", "vm.max_map_count=262144"],
    "securityContext": {
      "privileged": true
    }
  }
]'

Set sysctl key in Kubernetes pod using Kops + Docker 1.11

1 Answers