Browse Source

Added gc_threshold overrides to sysctl.conf

When clouds have a large number of hosts, the default size of the ARP
cache is too small. The cache can overflow, which means that the
system has no way to reach some ip addresses.

Setting the threshold limits higher addresses the situation, in a
reasonably safe way (the maximum impact is 5MB or so of additional RAM
used). Docs on ARP at http://man7.org/linux/man-pages/man7/arp.7.html,
and more discussion of the issue in the bug.

Change-Id: I701141784224f5f870f6da73a24bed8015694409
Closes-Bug: 1780348
changes/85/639985/1
Pete Vander Giessen 7 months ago
parent
commit
53b58388d3
3 changed files with 20 additions and 7 deletions
  1. 9
    1
      config.yaml
  2. 4
    3
      hooks/neutron_hooks.py
  3. 7
    3
      unit_tests/test_neutron_hooks.py

+ 9
- 1
config.yaml View File

@@ -191,7 +191,15 @@ options:
191 191
       Enable metadata on an isolated network (no router ports).
192 192
   sysctl:
193 193
     type: string
194
-    default:
194
+    default: |
195
+      { net.ipv4.neigh.default.gc_thresh1 : 128,
196
+        net.ipv4.neigh.default.gc_thresh2 : 28672,
197
+        net.ipv4.neigh.default.gc_thresh3 : 32768,
198
+        net.ipv6.neigh.default.gc_thresh1 : 128,
199
+        net.ipv6.neigh.default.gc_thresh2 : 28672,
200
+        net.ipv6.neigh.default.gc_thresh3 : 32768,
201
+        net.nf_conntrack_max : 1000000,
202
+        net.netfilter.nf_conntrack_max : 1000000 }
195 203
     description: |
196 204
       YAML-formatted associative array of sysctl key/value pairs to be set
197 205
       persistently e.g. '{ kernel.pid_max : 4194303 }'.

+ 4
- 3
hooks/neutron_hooks.py View File

@@ -122,9 +122,10 @@ def config_changed():
122 122
 
123 123
     update_nrpe_config()
124 124
 
125
-    sysctl_dict = config('sysctl')
126
-    if sysctl_dict:
127
-        create_sysctl(sysctl_dict, '/etc/sysctl.d/50-quantum-gateway.conf')
125
+    sysctl_settings = config('sysctl')
126
+    if sysctl_settings:
127
+        create_sysctl(sysctl_settings,
128
+                      '/etc/sysctl.d/50-quantum-gateway.conf')
128 129
 
129 130
     if config('vendor-data'):
130 131
         write_vendordata(config('vendor-data'))

+ 7
- 3
unit_tests/test_neutron_hooks.py View File

@@ -120,7 +120,10 @@ class TestQuantumHooks(CharmTestCase):
120 120
 
121 121
         def mock_relids(rel):
122 122
             return ['relid']
123
-        self.test_config.set('sysctl', '{ kernel.max_pid: "1337"}')
123
+        self.test_config.set(
124
+            'sysctl',
125
+            '{foo : bar}'
126
+        )
124 127
         self.openstack_upgrade_available.return_value = True
125 128
         self.valid_plugin.return_value = True
126 129
         self.relation_ids.side_effect = mock_relids
@@ -131,8 +134,9 @@ class TestQuantumHooks(CharmTestCase):
131 134
         self.assertTrue(self.configure_ovs.called)
132 135
         self.assertTrue(_amqp_joined.called)
133 136
         self.assertTrue(_amqp_nova_joined.called)
134
-        self.assertTrue(self.create_sysctl.called)
135
-        self.configure_apparmor.assert_called_with()
137
+        self.create_sysctl.assert_called_with(
138
+            '{foo : bar}',
139
+            '/etc/sysctl.d/50-quantum-gateway.conf')
136 140
 
137 141
     def test_config_changed_upgrade(self):
138 142
         self.disable_nova_metadata.return_value = False

Loading…
Cancel
Save