diff --git a/charts/opensearch-cluster/README.md b/charts/opensearch-cluster/README.md
index 5f7a43251..a067db709 100644
--- a/charts/opensearch-cluster/README.md
+++ b/charts/opensearch-cluster/README.md
@@ -77,9 +77,9 @@ The following table lists the configurable parameters of the Helm chart.
| `cluster.initHelper.imagePullSecrets` | list | `[]` | initHelper image pull secret |
| `cluster.initHelper.resources` | object | `{}` | initHelper pod cpu and memory resources |
| `cluster.initHelper.version` | string | `"1.36"` | initHelper version |
-| `cluster.nodePools` | list | `[{"annotations":{},"component":"masters","diskSize":"30Gi","replicas":3,"resources":{"limits":{"cpu":"500m","memory":"2Gi"},"requests":{"cpu":"500m","memory":"2Gi"},"sidecarContainers":[]},"roles":["master","data"]}]` | Opensearch nodes configuration |
+| `cluster.nodePools` | list | `[{"annotations":{},"component":"masters","diskSize":"30Gi","replicas":3,"resources":{"limits":{"cpu":"500m","memory":"2Gi"},"requests":{"cpu":"500m","memory":"2Gi"}},"roles":["master","data"],"sidecarContainers":[]}]` | Opensearch nodes configuration |
| `cluster.nodePools[0].annotations` | object | `{}` | node pool pod annotations |
-| `cluster.nodePools[0].resources.sidecarContainers` | list | `[]` | These containers will be deployed as sidecars in the same pod as the OpenSearch container |
+| `cluster.nodePools[0].sidecarContainers` | list | `[]` | These containers will be deployed as sidecars in the same pod as the OpenSearch container |
| `cluster.security.config.adminCredentialsSecret` | object | `{}` | Secret that contains fields username and password to be used by the operator to access the opensearch cluster for node draining. Must be set if custom securityconfig is provided. |
| `cluster.security.config.adminSecret` | object | `{}` | TLS Secret that contains a client certificate (tls.key, tls.crt, ca.crt) with admin rights in the opensearch cluster. Must be set if http certificates are provided by user and not generated |
| `cluster.security.config.securityConfigSecret` | object | `{}` | Secret that contains the differnt yml files of the opensearch-security config (config.yml, internal_users.yml, etc) |
diff --git a/charts/opensearch-cluster/values.yaml b/charts/opensearch-cluster/values.yaml
index c6300357c..c533779ff 100644
--- a/charts/opensearch-cluster/values.yaml
+++ b/charts/opensearch-cluster/values.yaml
@@ -267,34 +267,34 @@ cluster:
limits:
memory: "2Gi"
cpu: "500m"
- # -- These containers will be deployed as sidecars in the same pod as the OpenSearch container
- sidecarContainers: [ ]
- # Example configurations:
- # - name: log-shipper
- # image: fluent/fluent-bit:latest
- # resources:
- # requests:
- # memory: "64Mi"
- # cpu: "100m"
- # limits:
- # memory: "128Mi"
- # cpu: "200m"
- # volumeMounts:
- # - name: varlog
- # mountPath: /var/log
- # readOnly: true
- # - name: metrics-collector
- # image: prom/node-exporter:latest
- # ports:
- # - containerPort: 9100
- # name: metrics
- # resources:
- # requests:
- # memory: "32Mi"
- # cpu: "50m"
- # limits:
- # memory: "64Mi"
- # cpu: "100m"
+ # -- These containers will be deployed as sidecars in the same pod as the OpenSearch container
+ sidecarContainers: []
+ # Example configurations:
+ # - name: log-shipper
+ # image: fluent/fluent-bit:latest
+ # resources:
+ # requests:
+ # memory: "64Mi"
+ # cpu: "100m"
+ # limits:
+ # memory: "128Mi"
+ # cpu: "200m"
+ # volumeMounts:
+ # - name: varlog
+ # mountPath: /var/log
+ # readOnly: true
+ # - name: metrics-collector
+ # image: prom/node-exporter:latest
+ # ports:
+ # - containerPort: 9100
+ # name: metrics
+ # resources:
+ # requests:
+ # memory: "32Mi"
+ # cpu: "50m"
+ # limits:
+ # memory: "64Mi"
+ # cpu: "100m"
# Opensearch security configuration
security:
diff --git a/charts/opensearch-operator/files/opensearch.opster.io_opensearchclusters.yaml b/charts/opensearch-operator/files/opensearch.opster.io_opensearchclusters.yaml
index 2a2a416a2..468539561 100644
--- a/charts/opensearch-operator/files/opensearch.opster.io_opensearchclusters.yaml
+++ b/charts/opensearch-operator/files/opensearch.opster.io_opensearchclusters.yaml
@@ -4515,6 +4515,7 @@ spec:
serviceName:
type: string
setVMMaxMapCount:
+ default: true
type: boolean
snapshotRepositories:
items:
diff --git a/docs/designs/crd.md b/docs/designs/crd.md
index e77bf4201..f07ee9a62 100644
--- a/docs/designs/crd.md
+++ b/docs/designs/crd.md
@@ -167,7 +167,7 @@ GeneralConfig defines global Opensearch cluster configuration
| SetVMMaxMapCount |
bool |
will add VMmaxMapCount |
- false |
+ true |
|
| additionalConfig |
diff --git a/docs/userguide/main.md b/docs/userguide/main.md
index 881b7aad0..2de7d6349 100644
--- a/docs/userguide/main.md
+++ b/docs/userguide/main.md
@@ -395,15 +395,15 @@ We don't support dynamic values depending on the node type for now.
### Deal with `max virtual memory areas vm.max_map_count` errors
-OpenSearch requires the Linux kernel `vm.max_map_count` option [to be set to at least 262144](https://opensearch.org/docs/1.0/opensearch/install/important-settings/). You can either set this yourself on the Kubernetes hosts using sysctl or you can let the operator take care of it by adding the following option to your cluster spec:
+OpenSearch requires the Linux kernel `vm.max_map_count` option [to be set to at least 262144](https://opensearch.org/docs/1.0/opensearch/install/important-settings/). The operator sets this option as 262144 in default using an init container for each opensearch pod. If you already set this option yourself on the Kubernetes hosts using sysctl and don't want to change it by the operator again, you can disable by adding the following option to your cluster spec:
```yaml
spec:
general:
- setVMMaxMapCount: true
+ setVMMaxMapCount: false
```
-This will configure an init container for each opensearch pod that executes the needed `sysctl` command. By default the init container uses a busybox image. If you want to change that (for example to use an image from a private registry), see [Custom init helper](#custom-init-helper).
+By default the init container uses a busybox image. If you want to change that (for example to use an image from a private registry), see [Custom init helper](#custom-init-helper).
### Configuring Snapshot Repositories
diff --git a/opensearch-operator/api/v1/opensearch_types.go b/opensearch-operator/api/v1/opensearch_types.go
index cb6bbdecc..bc4f4148a 100644
--- a/opensearch-operator/api/v1/opensearch_types.go
+++ b/opensearch-operator/api/v1/opensearch_types.go
@@ -47,10 +47,11 @@ type GeneralConfig struct {
//+kubebuilder:default=9200
HttpPort int32 `json:"httpPort,omitempty"`
//+kubebuilder:validation:Enum=Opensearch;Op;OP;os;opensearch
- Vendor string `json:"vendor,omitempty"`
- Version string `json:"version,omitempty"`
- ServiceAccount string `json:"serviceAccount,omitempty"`
- ServiceName string `json:"serviceName"`
+ Vendor string `json:"vendor,omitempty"`
+ Version string `json:"version,omitempty"`
+ ServiceAccount string `json:"serviceAccount,omitempty"`
+ ServiceName string `json:"serviceName"`
+ //+kubebuilder:default=true
SetVMMaxMapCount bool `json:"setVMMaxMapCount,omitempty"`
DefaultRepo *string `json:"defaultRepo,omitempty"`
// Disable SSL for the cluster
diff --git a/opensearch-operator/config/crd/bases/opensearch.opster.io_opensearchclusters.yaml b/opensearch-operator/config/crd/bases/opensearch.opster.io_opensearchclusters.yaml
index 2a2a416a2..468539561 100644
--- a/opensearch-operator/config/crd/bases/opensearch.opster.io_opensearchclusters.yaml
+++ b/opensearch-operator/config/crd/bases/opensearch.opster.io_opensearchclusters.yaml
@@ -4515,6 +4515,7 @@ spec:
serviceName:
type: string
setVMMaxMapCount:
+ default: true
type: boolean
snapshotRepositories:
items: