// sysctl is the element type used by the safe-sysctl table; its definition is
// elided in this listing.
// NOTE(review): presumably it pairs a sysctl name with the condition under
// which that sysctl counts as safe — confirm against the full file.
type sysctl …

// safeSysctls is the package-level safe-sysctl data; its contents are elided
// in this listing.
// NOTE(review): presumably this is the single source the allowlist functions
// below read from. Any addition here widens what a pod may set without extra
// approval, so each new entry should be checked against both safety criteria
// documented on SafeSysctlAllowlist.
var safeSysctls …

// SafeSysctlAllowlist returns the allowlist of safe sysctls and safe sysctl
// patterns (ending in *).
//
// A sysctl is called safe iff
//   - it is namespaced in the container or the pod
//   - it is isolated, i.e. has no influence on any other pod on the same node.
//
// Both conditions must hold: a sysctl that is namespaced but can still affect
// other pods on the node does not qualify.
//
// Entries ending in * are patterns rather than literal names.
// NOTE(review): callers presumably treat the trailing * as a wildcard over the
// remainder of the name and must not compare such entries by plain string
// equality — confirm against the matcher that consumes this list.
func SafeSysctlAllowlist() []string { … }

// getSafeSysctlAllowlist returns an allowlist as a []string. The version
// source is injected as getVersion, a function returning a *version.Version
// and an error; the body is elided in this listing.
// NOTE(review): presumably the result depends on the version getVersion
// reports. Confirm that a failed lookup (non-nil error) can only shrink the
// returned list, never widen it, so that an unknown version fails closed.
func getSafeSysctlAllowlist(getVersion func() (*version.Version, error)) []string { … }