Unable to set kernel.core_pattern in K8s
Question
I am trying to modify the kernel.core_pattern but I am unable to modify it as it is Read-Only.
I have tried:
> echo 'kernel.core_pattern=/tmp/core-%e.%p.%h.%t' >> /etc/sysctl.conf
> Reload sysctl: sysctl --system
Applying /etc/sysctl.conf ... sysctl: setting key "kernel.core_pattern": Read-only file system cat /proc/sys/kernel/core_pattern
I am no able to add it to the pod yaml either:
spec:
securityContext:
sysctls:
- name: kernel.core_pattern
value: "/tmp/core-%e.%p.%h.%t"
I keep getting this: SysctlForbidden
I created a PodSecurityPolicy as well:
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: sysctl-psp
spec:
privileged: false # Don't allow privileged pods!
# The rest fills in some required fields.
seLinux:
rule: RunAsAny
supplementalGroups:
rule: RunAsAny
runAsUser:
rule: RunAsAny
fsGroup:
rule: RunAsAny
allowedUnsafeSysctls:
- kernel.*
Still no luck.
Any suggestions?
1 answers
solution1
0 2021-01-29 16:28:20
I was able to edit the kernel.core_pattern on the nodes in the cluster and that was reflected in the pods as well. But is a temporary work around as the core files generated are of zero size.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
update k8s in minikube
When to use external LoadBalancer in K8s?
kubectl apply -f k8s: is unable to recognize service and deployment and has no matches for kind “Service” in version “v1”
Connecting Centos VMs to each other for K8s
Pod redeploy trigger in golang k8s client
core kernel pattern %e on Linux appends PID
Docker K8s optimize images to reduce load time
K8s did not kill my airflow webserver pod
Redirect logs of pods in my k8s to a file with pod name
Calico & K8S on Azure - can't access pods
Related Tags