apiVersion: v1
kind: Pod
metadata:
name: sysctls1
spec:
containers:
- image: registry.k8s.io/pause
name: container1
initContainers:
- image: registry.k8s.io/pause
name: initcontainer1
securityContext:
sysctls:
- name: kernel.shm_rmid_forced
value: "0"
- name: net.ipv4.ip_local_port_range
value: 1024 65535
- name: net.ipv4.tcp_syncookies
value: "0"
- name: net.ipv4.ping_group_range
value: 1 0
- name: net.ipv4.ip_unprivileged_port_start
value: "1024"
- name: net.ipv4.ip_local_reserved_ports
value: 1024-4999
- name: net.ipv4.tcp_keepalive_time
value: "7200"
- name: net.ipv4.tcp_fin_timeout
value: "60"
- name: net.ipv4.tcp_keepalive_intvl
value: "75"
- name: net.ipv4.tcp_keepalive_probes
value: "9"