Commit c85e8582 authored by Thomas Goirand's avatar Thomas Goirand

Add some sysctl customization (low swappiness, higher conntrack, etc.).

parent e4a9cd3b
......@@ -11,6 +11,7 @@ openstack-cluster-installer (21) UNRELEASED; urgency=medium
* Add option to perform ipmitool settings in the target image when running on
the slave image.
* Add option to show the calculated IPMI console command.
* Add some sysctl customization (low swappiness, higher conntrack, etc.).
[ Oliver Chaze ]
* swift: do not log in syslog general logs
......
......@@ -44,6 +44,8 @@ class oci::cephmon(
$mon_keyring_path = "/tmp/ceph-${machine_hostname}.keyring"
::oci::sysctl { 'oci-rox': }
class { 'ceph':
fsid => $ceph_fsid,
ensure => 'present',
......
......@@ -37,6 +37,8 @@ class oci::cephosd(
$ceph_mon_host = undef,
){
::oci::sysctl { 'oci-rox': }
class { 'ceph':
fsid => $ceph_fsid,
ensure => 'present',
......
......@@ -62,6 +62,9 @@ class oci::compute(
$keystone_auth_uri = "${base_url}:${api_port}/identity"
$keystone_admin_uri = "${base_url}:${api_port}/identity-admin"
# Some useful sysctl customization
::oci::sysctl { 'oci-rox': }
# We need haproxy for proxying the metadata proxy server
# because of TLS + Eventlet + Python 3
class { 'haproxy':
......
......@@ -328,6 +328,8 @@ export OS_CACERT=/etc/ssl/certs/oci-pki-oci-ca-chain.pem
}
}
::oci::sysctl { 'oci-rox': }
# Add haproxy that will listen on that virtual IP, and load balance
# to the different API daemons using tcp mode (as the APIs will do
# full SSL already).
......
......@@ -39,6 +39,8 @@ class oci::swiftproxy(
$keystone_admin_uri = "${base_url}/identity-admin"
$memcached_servers = ["127.0.0.1:11211"]
::oci::sysctl { 'oci-rox': }
package { 'rsyslog':
ensure => present,
}
......
......@@ -11,6 +11,8 @@ class oci::swiftstore(
$use_ssl = true,
){
::oci::sysctl { 'oci-rox': }
package { 'rsyslog':
ensure => present,
}
......
define oci::sysctl(
){
# Setup some useful sysctl customization
sysctl::value { 'net.ipv4.neigh.default.gc_thresh1':
value => '2048',
target => '/etc/sysctl.d/40-ipv4-neigh-1.conf',
}
sysctl::value { 'net.ipv4.neigh.default.gc_thresh2':
value => '4096',
target => '/etc/sysctl.d/40-ipv4-neigh-2.conf',
}
sysctl::value { 'net.ipv4.neigh.default.gc_thresh3':
value => '8192',
target => '/etc/sysctl.d/40-ipv4-neigh-3.conf',
}
sysctl::value { 'net.netfilter.nf_conntrack_max':
value => '1048576',
target => '/etc/sysctl.d/40-nf-conntrack-max-1.conf',
}
sysctl::value { 'net.nf_conntrack_max':
value => '1048576',
target => '/etc/sysctl.d/40-nf-conntrack-max-2.conf',
}
sysctl::value { 'vm.swappiness':
value => '1',
target => '/etc/sysctl.d/50-vm-swappiness.conf',
}
}
......@@ -43,6 +43,8 @@ class oci::volume(
$keystone_auth_uri = "${base_url}:${api_port}/identity"
$keystone_admin_uri = "${base_url}:${api_port}/identity-admin"
::oci::sysctl { 'oci-rox': }
include ::cinder::client
# Cinder main class (ie: cinder-common config)
class { '::cinder':
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment