If it’s a kernel setting, just set it on the host. The kernel used by all containers on a given computer is the same.
Containers don’t have access to modify these kinds of settings by default. It’d be too privileged so the default seccomp profile etc. has been tuned to try and optimize the right convenience vs. security sweet spot.
Sort of, but the kernel settings are shared by all containers. Each container is run in a unique network namespace but this is for isolation purposes (e.g., each container can have its own loopback interface / localhost and not interfere with each other), not resource control. sysctl is intended for getting and setting kernel parameters and these are shared by all processes running on the kernel (i.e., all containers since containers on a given box are just processes on the same kernel with some special properties).
I am running Docker 1.11.2 on CentOS 7.
I set net.core.somaxconn = 1024 on the host. When I bring up the official CentOS 7 container and run sysctl -a | grep somaxconn from inside the container, it shows that it is set to 128.
Is it using the setting on the host despite it saying something else in the container?