Browse Source

Added gc_threshold overrides to sysctl.conf

When clouds have a large number of hosts, the default size of the ARP
cache is too small. The cache can overflow, which means that the
system has no way to reach some ip addresses.

Setting the threshold limits higher addresses the situation, in a
reasonably safe way (the maximum impact is 5MB or so of additional RAM
used). Docs on ARP at http://man7.org/linux/man-pages/man7/arp.7.html,
and more discussion of the issue in the bug.

Change-Id: I329ec51eff85a2a99a929c67ff0c68b3b36d7273
Closes-Bug: 1780348
changes/23/639723/5
Pete Vander Giessen 7 months ago
parent
commit
00ca87fec3

+ 14
- 0
config.yaml View File

@@ -295,3 +295,17 @@ options:
295 295
       be scheduled without a requirement for a dedicated network node to host
296 296
       centralized SNAT. This is especially important if only floating IPs are
297 297
       used in the network design and SNAT traffic is minimal or non-existent.
298
+  sysctl:
299
+    type: string
300
+    default: |
301
+      { net.ipv4.neigh.default.gc_thresh1 : 128,
302
+        net.ipv4.neigh.default.gc_thresh2 : 28672,
303
+        net.ipv4.neigh.default.gc_thresh3 : 32768,
304
+        net.ipv6.neigh.default.gc_thresh1 : 128,
305
+        net.ipv6.neigh.default.gc_thresh2 : 28672,
306
+        net.ipv6.neigh.default.gc_thresh3 : 32768,
307
+        net.nf_conntrack_max : 1000000,
308
+        net.netfilter.nf_conntrack_max : 1000000 }
309
+    description: |
310
+      YAML-formatted associative array of sysctl key/value pairs to be set
311
+      persistently e.g. '{ kernel.pid_max : 4194303 }'.

+ 7
- 0
hooks/neutron_ovs_hooks.py View File

@@ -37,6 +37,8 @@ from charmhelpers.core.hookenv import (
37 37
     relation_ids,
38 38
 )
39 39
 
40
+from charmhelpers.core.sysctl import create as create_sysctl
41
+
40 42
 from neutron_ovs_utils import (
41 43
     DHCP_PACKAGES,
42 44
     DVR_PACKAGES,
@@ -117,6 +119,11 @@ def config_changed():
117 119
         purge_packages(packages_to_purge)
118 120
         request_nova_compute_restart = True
119 121
 
122
+    sysctl_settings = config('sysctl')
123
+    if sysctl_settings:
124
+        create_sysctl(sysctl_settings,
125
+                      '/etc/sysctl.d/50-openvswitch.conf')
126
+
120 127
     configure_ovs()
121 128
     CONFIGS.write_all()
122 129
     # NOTE(fnordahl): configure_sriov must be run after CONFIGS.write_all()

+ 11
- 0
unit_tests/test_neutron_ovs_hooks.py View File

@@ -32,6 +32,7 @@ utils.register_configs = _reg
32 32
 utils.restart_map = _map
33 33
 
34 34
 TO_PATCH = [
35
+    'create_sysctl',
35 36
     'config',
36 37
     'CONFIGS',
37 38
     'get_shared_secret',
@@ -111,6 +112,16 @@ class NeutronOVSHooksTests(CharmTestCase):
111 112
         self.assertTrue(self.CONFIGS.write_all.called)
112 113
         self.configure_ovs.assert_called_with()
113 114
 
115
+    def test_config_changed_sysctl_overrides(self):
116
+        self.test_config.set(
117
+            'sysctl',
118
+            '{foo : bar}'
119
+        )
120
+        self._call_hook('config-changed')
121
+        self.create_sysctl.assert_called_with(
122
+            '{foo : bar}',
123
+            '/etc/sysctl.d/50-openvswitch.conf')
124
+
114 125
     @patch.object(hooks, 'neutron_plugin_joined')
115 126
     def test_config_changed_rocky_upgrade(self, _plugin_joined):
116 127
         self.determine_purge_packages.return_value = ['python-neutron']

+ 2
- 2
unit_tests/test_neutron_ovs_utils.py View File

@@ -496,13 +496,13 @@ class TestNeutronOVSUtils(CharmTestCase):
496 496
         ML2CONF = "/etc/neutron/plugins/ml2/openvswitch_agent.ini"
497 497
         _restart_map = nutils.restart_map()
498 498
         expect = OrderedDict([
499
-            (ML2CONF, ['neutron-openvswitch-agent']),
500 499
             (nutils.NEUTRON_CONF, ['neutron-openvswitch-agent']),
500
+            (ML2CONF, ['neutron-openvswitch-agent']),
501 501
         ])
502
-        self.assertEqual(expect, OrderedDict(_restart_map))
503 502
         for item in _restart_map:
504 503
             self.assertTrue(item in _restart_map)
505 504
             self.assertTrue(expect[item] == _restart_map[item])
505
+        self.assertEqual(len(_restart_map.keys()), 2)
506 506
 
507 507
     @patch.object(nutils, 'use_dvr')
508 508
     @patch('charmhelpers.contrib.openstack.context.config')

Loading…
Cancel
Save