Hi,
I just discovered that GitLab tries to also set the following during "sysctl -e --system" command:
cat /etc/sysctl.d/90-omnibus-gitlab-kernel.sem.conf kernel.sem = 250 32000 32 262
And also:
cat /etc/sysctl.d/protect-links.conf ################################################################### # Protected links # # Protects against creating or following links under certain conditions # Debian kernels have both set to 1 (restricted) # See https://www.kernel.org/doc/Documentation/sysctl/fs.txt fs.protected_hardlinks = 1 fs.protected_symlinks = 1
You maybe want to change this as well in the host & container?
I disabled the command "reload all sysctrl conf" for now in in the GitLab recipes (Ruby code): /opt/gitlab/embedded/cookbooks/package/recipes/sysctl.rb
As well as, I commented-out where "reload all sysctrl conf" is used in: /opt/gitlab/embedded/cookbooks/package/resources/gitlab_sysctl.rb
I will create a GitLab issue or comment on an existing GitLab issue regarding support LXC containers without this much hassle.
Next issue I'm facing is regarding Let's Encrypt. But the terminal is now in use by somebody else...
Regards, Melroy van den Berg
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ Op dinsdag, juni 9, 2020 5:56 AM, Mike Gabriel <mike.gabriel@das-netzwerkteam.de> schreef:
On Di 09 Jun 2020 01:11:48 CEST, Melroy van den Berg wrote:
But I rather like to get this working in a correct manner. Maybe somebody add at this shmmax statement above to the host > /etc/sysctl.conf file?
Done + echo'ed to /proc/sys/kernel/shmmax.
Mike
DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de