I have EKS cluster and want to enable Unsafe Sysctls [1]. At first, I try to use kubelet --allowed-unsafe-sysctls 'net.ipv4.tcp_keepalive_intvl'
on worker node. But, following error occured because it’s deperecated [2].
Flag --allowed-unsafe-sysctls has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kube
Thus, I tried kubelet --config config.yaml
. But the error occurred.
I0311 13:00:55.484190 5534 exclusion.go:84] No environment variable set, using default exclusion rules
E0311 13:00:55.484226 5534 exclusion.go:94] Invalid webhook admission exclusion rule, scope not set
E0311 13:00:55.484235 5534 exclusion.go:94] Invalid webhook admission exclusion rule, scope not set
I0311 13:00:55.899202 5534 server.go:446] "Kubelet version" kubeletVersion="v1.23.16-eks-48e63af"
I0311 13:00:55.899690 5534 server.go:606] "Standalone mode, no API client"
E0311 13:00:55.899842 5534 server.go:302] "Failed to run kubelet" err="failed to run Kubelet: no client provided, cannot use webhook authentication"
<config.yaml>
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
allowedUnsafeSysctls:
- "net.ipv4.tcp_keepalive_intvl"
What did i miss? I would appreciate if you could give me any advice.
kubelet version: v1.23.16-eks-48e63af
container runtime: Docker
[1] Using sysctls in a Kubernetes Cluster | Kubernetes
[2] kubelet | Kubernetes