Tuning sysctl for all node
Tuning sysctl on all nodes.
The tuning factors and values are taken from:
https://opendev.org/openstack/charm-ceph-osd/src/branch/master/lib/charms_ceph/utils.py#L115-L144
diff --git a/playbooks/kubernetes.yml b/playbooks/kubernetes.yml
index ebd5dc1..6761047 100644
--- a/playbooks/kubernetes.yml
+++ b/playbooks/kubernetes.yml
@@ -15,6 +15,7 @@
- hosts: all
become: true
roles:
+ - role: sysctl
- role: ethtool
tags:
- ethtool
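Review bot: The new `- role: sysctl` entry has no `tags:`, unlike the `ethtool` entry directly below it, so the kernel tuning cannot be selected or skipped on its own with `--tags`/`--skip-tags`. Adding `tags:` with a single `- sysctl` item under the role would keep the play consistent and make a targeted re-apply or audit run possible. The roles list continues outside this hunk, so other entries may follow a different convention.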
diff --git a/roles/kubernetes/defaults/main.yml b/roles/kubernetes/defaults/main.yml
index 79c2a9a..abc45b9 100644
--- a/roles/kubernetes/defaults/main.yml
+++ b/roles/kubernetes/defaults/main.yml
@@ -36,28 +36,12 @@
kubernetes_sysctls:
- name: net.ipv4.ip_forward
value: 1
- - name: net.ipv4.tcp_l3mdev_accept
- value: 1
- - name: net.ipv4.udp_l3mdev_accept
- value: 1
- name: net.bridge.bridge-nf-call-iptables
value: 1
- name: net.bridge.bridge-nf-call-ip6tables
value: 1
- name: net.ipv4.conf.all.rp_filter
value: 0
- - name: net.ipv4.neigh.default.gc_thresh1
- value: 128
- - name: net.ipv4.neigh.default.gc_thresh2
- value: 28872
- - name: net.ipv4.neigh.default.gc_thresh3
- value: 32768
- - name: net.ipv6.neigh.default.gc_thresh1
- value: 128
- - name: net.ipv6.neigh.default.gc_thresh2
- value: 28872
- - name: net.ipv6.neigh.default.gc_thresh3
- value: 32768
# ]]]
# .. envvar:: kubernetes_control_plane_group [[[
diff --git a/roles/sysctl/README.md b/roles/sysctl/README.md
new file mode 100644
index 0000000..e52d01e
--- /dev/null
+++ b/roles/sysctl/README.md
@@ -0,0 +1 @@
+# `sysctl`
diff --git a/roles/sysctl/defaults/main.yml b/roles/sysctl/defaults/main.yml
new file mode 100644
index 0000000..787082f
--- /dev/null
+++ b/roles/sysctl/defaults/main.yml
@@ -0,0 +1,54 @@
+---
+# .. vim: foldmarker=[[[,]]]:foldmethod=marker
+
+# .. Copyright (C) 2022 VEXXHOST, Inc.
+# .. SPDX-License-Identifier: Apache-2.0
+
+# Default variables
+# =================
+
+# .. contents:: Sections
+# :local:
+
+
+# .. envvar:: sysctls [[[
+#
+# List of ``sysctl`` parameters to set
+sysctls:
+ - name: net.ipv4.tcp_timestamps
+ value: 0
+ - name: net.ipv4.tcp_sack
+ value: 1
+ - name: net.core.netdev_max_backlog
+ value: 250000
+ - name: net.core.rmem_max
+ value: 4194304
+ - name: net.core.wmem_max
+ value: 4194304
+ - name: net.core.rmem_default
+ value: 4194304
+ - name: net.core.wmem_default
+ value: 4194304
+ - name: net.core.optmem_max
+ value: 4194304
+ - name: net.ipv4.tcp_rmem
+ value: 4096 87380 4194304
+ - name: net.ipv4.tcp_wmem
+ value: 4096 65536 4194304
+ - name: net.ipv4.tcp_low_latency
+ value: 1
+ - name: net.ipv4.tcp_adv_win_scale
+ value: 1
+ - name: net.ipv4.neigh.default.gc_thresh1
+ value: 128
+ - name: net.ipv4.neigh.default.gc_thresh2
+ value: 28872
+ - name: net.ipv4.neigh.default.gc_thresh3
+ value: 32768
+ - name: net.ipv6.neigh.default.gc_thresh1
+ value: 128
+ - name: net.ipv6.neigh.default.gc_thresh2
+ value: 28872
+ - name: net.ipv6.neigh.default.gc_thresh3
+ value: 32768
+ # ]]]
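Review bot: The role variable `sysctls` is not namespaced, while the kubernetes role touched by this same commit uses `kubernetes_sysctls`. Ansible variables share one namespace, so any inventory, group or play variable that happens to be called `sysctls` would silently replace this whole kernel-tuning list on every host. A role-prefixed name such as `sysctl_parameters` would avoid that, with the `.. envvar::` line and the `loop:` in roles/sysctl/tasks/main.yml renamed to match. Separately, `net.ipv4.tcp_timestamps` set to `0` turns off PAWS and timestamp-based RTT measurement on all nodes, not only storage nodes, so a comment above that entry such as `# disabled per the referenced ceph-osd profile; removes PAWS protection` would record the trade-off. Also, `net.ipv4.tcp_l3mdev_accept` and `net.ipv4.udp_l3mdev_accept` are removed from `kubernetes_sysctls` but not carried over here, which the commit message does not mention.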
diff --git a/roles/sysctl/meta/main.yml b/roles/sysctl/meta/main.yml
new file mode 100644
index 0000000..f0d4658
--- /dev/null
+++ b/roles/sysctl/meta/main.yml
@@ -0,0 +1,24 @@
+# Copyright (c) 2022 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+galaxy_info:
+ author: VEXXHOST, Inc.
+ description: Ansible role for sysctl tuning
+ license: Apache-2.0
+ min_ansible_version: 5.5.0
+ standalone: false
+ platforms:
+ - name: Ubuntu
+ versions:
+ - focal
diff --git a/roles/sysctl/tasks/main.yml b/roles/sysctl/tasks/main.yml
new file mode 100644
index 0000000..46ea348
--- /dev/null
+++ b/roles/sysctl/tasks/main.yml
@@ -0,0 +1,6 @@
+- name: Configure sysctl values
+ ansible.posix.sysctl:
+ name: "{{ item.name }}"
+ value: "{{ item.value }}"
+ state: present
+ loop: "{{ sysctls }}"
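Review bot: The task leaves `sysctl_file` at the module default, so every entry is written into the shared `/etc/sysctl.conf`, where it is mixed with settings from other roles and manual edits and is hard to audit or roll back. Pointing the module at a role-owned drop-in, for example `sysctl_file: /etc/sysctl.d/<role-owned-name>.conf` (placeholder name), keeps what this role manages in one file. Setting `sysctl_set: true` would also make the module apply and check each value at run time, so a key the running kernel does not accept is reported by the task that set it. The file also starts without the `---` document marker that roles/sysctl/defaults/main.yml uses.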