docs: Add allowedUnsafeSysctls configuration example for AL2023 #8620
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
✅ Deploy Preview for karpenter-docs-prod canceled.
|
yk-mt12
force-pushed
the
docs/add-allowed-unsafe-sysctls-example
branch
from
7710901 to
ee2b49f
Compare
Add comprehensive documentation showing how to configure allowedUnsafeSysctls using NodeConfig in EC2NodeClass userData for AL2023 AMI family. This documentation includes: - Security warning about using unsafe sysctls - Use case examples (high-performance networking, connection handling) - EC2NodeClass configuration example with allowedUnsafeSysctls - Reference to Kubernetes documentation for Pod usage - Specific error type (SysctlsForbidden) when using disallowed sysctls This addresses the gap in documentation for configuring unsafe sysctls, which is not available in spec.kubelet but can be configured through UserData using the NodeConfig format. Related issue: aws#2099 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
yk-mt12
force-pushed
the
docs/add-allowed-unsafe-sysctls-example
branch
from
a362dc4 to
2e8e74e
Compare
|
Hi @ryan-mist 👋 I hope you're doing well! I wanted to kindly follow up on this PR when you have a chance. This is a documentation update that adds configuration examples for The change is relatively small (41 lines added to the docs) and includes:
Would you be able to take a look when you have some time? No rush at all! Thank you! 🙏 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Add comprehensive documentation for configuring
allowedUnsafeSysctlsin EC2NodeClass using NodeConfig for AL2023 AMI family.This documentation includes:
allowedUnsafeSysctlsvia UserDataThis addresses the documentation gap for configuring unsafe sysctls, which is not available in
spec.kubeletbut can be configured through UserData using the NodeConfig format.How was this change tested?
Does this change impact docs?
Related Issues
#2099
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.