Raise k3s memlock rlimit for eBPF tracing on ringtail
Beyla (alloy-tracing) has been failing since April 13 with "failed to set memlock rlimit: operation not permitted" because k3s inherits the default 8MB memlock limit. Set LimitMEMLOCK=infinity on the k3s systemd service so privileged containers can use eBPF. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
parent
a72a2c2bd4
commit
24f3f9b24a
1 changed files with 4 additions and 0 deletions
|
|
@ -153,6 +153,10 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
# Raise memlock rlimit for k3s so eBPF workloads (Beyla/Alloy tracing) can
|
||||
# call setrlimit(RLIMIT_MEMLOCK, unlimited) inside privileged containers.
|
||||
systemd.services.k3s.serviceConfig.LimitMEMLOCK = "infinity";
|
||||
|
||||
# K3s containerd registry mirrors (pull through Zot on indri)
|
||||
environment.etc."rancher/k3s/registries.yaml".source = ./k3s-registries.yaml;
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue