DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add sysctl exemptions to controller PSP

Browse source 
I would like to be able to support this construction in my DaemonSet, I have coontrol over the host and this is the easiest way yo bump the socket properties.
```yaml
securityContext:
  sysctls:
    - name: net.core.somaxconn
      value: "8192"
```
This commit is contained in:
Tobias Wolf 2020-06-12 09:45:55 +02:00
parent c0035d29c3
commit 1d54d8b565
6 changed files with 38 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

12
charts/ingress-nginx/templates/controller-deployment.yaml
View file

@ -46,8 +46,18 @@ spec:
{{- if .Values.controller.priorityClassName }}
priorityClassName: {{ .Values.controller.priorityClassName }}
{{- end }}
{{- if or .Values.controller.podSecurityContext .Values.controller.sysctls }}
securityContext:
{{- end }}
{{- if .Values.controller.podSecurityContext }}
securityContext: {{ toYaml .Values.controller.podSecurityContext | nindent 8 }}
{{- toYaml .Values.controller.podSecurityContext | nindent 8 }}
{{- end }}
{{- if .Values.controller.sysctls }}
sysctls:
{{- range $sysctl, $value := .Values.controller.sysctls }}
- name: {{ $sysctl }}
value: {{ $value }}
{{- end }}
{{- end }}
containers:
- name: controller