Add --allow-privileged=true
to:
# kubelet config
sudo vim /var/snap/microk8s/current/args/kubelet
#kube-apiserver config
sudo vim /var/snap/microk8s/current/args/kube-apiserver
Restart services:
([]interface {}) (len=1 cap=1) { | |
(*ast.RawStmt)(0x14000370ea0)({ | |
Stmt: (*ast.InsertStmt)(0x1400032d480)({ | |
Relation: (*ast.RangeVar)(0x1400047b890)({ | |
Catalogname: (*string)(<nil>), | |
Schemaname: (*string)(0x14000438f40)(""), | |
Relname: (*string)(0x14000438f50)((len=5) "event"), | |
Inh: (bool) false, | |
Relpersistence: (uint8) 0, | |
Alias: (*ast.Alias)(<nil>), |
╰─ TF_LOG=trace terraform init ─╯ | |
2023-01-29T16:29:09.899+0200 [INFO] Terraform version: 1.3.7 | |
2023-01-29T16:29:09.899+0200 [DEBUG] using github.com/hashicorp/go-tfe v1.9.0 | |
2023-01-29T16:29:09.899+0200 [DEBUG] using github.com/hashicorp/hcl/v2 v2.15.0 | |
2023-01-29T16:29:09.899+0200 [DEBUG] using github.com/hashicorp/terraform-config-inspect v0.0.0-20210209133302-4fd17a0faac2 | |
2023-01-29T16:29:09.899+0200 [DEBUG] using github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734 | |
2023-01-29T16:29:09.899+0200 [DEBUG] using github.com/zclconf/go-cty v1.12.1 | |
2023-01-29T16:29:09.899+0200 [INFO] Go runtime version: go1.19.4 | |
2023-01-29T16:29:09.899+0200 [INFO] CLI args: []string{"terraform", "init"} | |
2023-01-29T16:29:09.899+0200 [TRACE] Stdout is a terminal of width 186 |
###################################################################################### | |
# THIS IS SAMPLE OF THE CONFIGURATION # | |
# IT'S NOT A DEFAULT CONFIGURATION, IT'S JUST A REFERENCE TO ALL OPTIONS AND PLUGINS # | |
# MORE DOCS CAN BE FOUND HERE: <https://roadrunner.dev/docs/intro-config> # | |
###################################################################################### | |
# Production usage guide: https://roadrunner.dev/docs/beep-beep-production | |
# Hint: RR will replace any config options using reference to environment variables, | |
# eg.: `option_key: ${ENVIRONMENT_VARIABLE_NAME}`. |
version: '3.9' | |
services: | |
app: | |
working_dir: /app | |
build: | |
dockerfile: Dockerfile | |
context: . | |
volumes: | |
- .:/app | |
command: ["/bin/sh", "-c", "composer install -o && php vendor/bin/rr get-binary -n && chmod +x ./rr && ./rr serve"] |
FROM php:8.0-cli-alpine | |
WORKDIR /app | |
ENV COMPOSER_VERSION="2.2.6" | |
RUN apk update && apk add --no-cache --no-progress --virtual .build-deps \ | |
git \ | |
make \ | |
automake \ |
apiVersion: kustomize.config.k8s.io/v1beta1 | |
kind: Kustomization | |
namespace: mainapp | |
nameSuffix: -web | |
commonLabels: | |
environment: web | |
customer: main | |
bases: |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
labels: | |
app: main | |
name: mainapp | |
spec: | |
template: | |
spec: | |
containers: |
--- | |
# deployment | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
labels: | |
app: main | |
name: mainapp | |
spec: | |
replicas: 1 |
Add --allow-privileged=true
to:
# kubelet config
sudo vim /var/snap/microk8s/current/args/kubelet
#kube-apiserver config
sudo vim /var/snap/microk8s/current/args/kube-apiserver
Restart services:
#!/bin/bash | |
sysctl -w net.core.netdev_max_backlog="150000" | |
sysctl -w net.core.rmem_max="16777216" | |
sysctl -w net.core.somaxconn="65535" | |
sysctl -w net.core.wmem_max="16777216" | |
sysctl -w net.ipv4.ip_local_port_range="1025 65535" | |
sysctl -w net.ipv4.tcp_fin_timeout="20" | |
sysctl -w net.ipv4.tcp_keepalive_time="30" | |
sysctl -w net.ipv4.tcp_max_syn_backlog="20480" |