Process ID (PIDs) Limits are not set

General Discussions
1

Asking for help? Comment out what you need so we can get more information to help you!

Cluster information:

Kubernetes version:1.18
Cloud being used: (put bare-metal if not on a public cloud)
Installation method: on premise
Host OS: Ubuntu
CNI and version:
CRI and version:

You can format your yaml by highlighting it and pressing Ctrl-Shift-C, it will make your output easier to read.

we have to mitigate the below security defects in our K8s cluster env

Process ID (PIDs) Limits are not set

PIDs are a fundamental resource on nodes. Kubelet can be configured to limit the number of PIDs a given Pod / Node can consume.

Does anyone has any idea about how to fix this on premise k8s cluster?

Regards
Rohit Thakur

2

Theres a page on it in the k8s docs:

3

Thank you
we are able to use PID in version 1.20 and we upgraded the ingress controller version to v.48. now we are getting different while accessing the APIs,

2021/08/10 14:13:49 [error] 172#172: *54854 upstream timed out (110: Operation timed out) while connecting to upstream, client: 192.168.16.21, server: _, request: “GET /abc/xyz/r4/Location?address-city=MA HTTP/1.1”, upstream: “http://X.X.X.X:8081/xyz/r4/Location?address-city=MA”, host: “192.168.16.21:31613”

Ingress version :- ingress-controller-v0.48.1.yaml

please let me know how to solve this issue.

Regards
Rohit