Difference between --cap-add=NET_ADMIN and add capabilities in .yml

Question

i have a question and a problem about capabilities.

Why my program work when i run docker run --cap-add=NET_ADMIN ... ?

And it\'s doesn\'t work

Answer 1

Ok, sorry i know all of this and you don't answer correctly to my question.

When i run with docker my program use TC NETWORK ( RTNETLINK) and it's work.

But when i use with kubernetes, it's doesn't work and tell me RTNETLINK answers: No such file or directory

or modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.15.0/modules.dep.bin' modprobe: FATAL: Module sch_netem not found in directory /lib/modules/4.15.0