通过pod的安全上下文修改pod内部被动tcp发起端口范围
apiVersion: v1
kind: Pod
metadata:
name: my-pod
# annotations:
# security.alpha.kubernetes.io/sysctls: net.ipv4.ip_local_port_range= 1024 65535
labels:
test: liveness-exec
spec:
securityContext:
sysctls:
- name: net.ipv4.ip_local_port_range
value: "1024 65535"
containers:
- name: my-pod
image: centos
...