Add support for configuration of sysctl parameters

These are group-specific, and configured via the following variables: controller_sysctl_parameters monitoring_sysctl_parameters seed_sysctl_parameters seed_hypervisor_parameters
2017-08-31 17:43:18 +00:00 · 2017-08-31 17:43:18 +00:00 · 316d16c0ec
parent fa69ee2775
commit 316d16c0ec
18 changed files with 136 additions and 6 deletions
--- a/ansible/group_vars/all/controllers
+++ b/ansible/group_vars/all/controllers
@ -110,3 +110,9 @@ controller_lvm_group_data_lv_docker_volumes_size: 75%VG

 # Filesystem for docker volumes LVM backing volume. ext4 allows for shrinking.
 controller_lvm_group_data_lv_docker_volumes_fs: ext4
+
+###############################################################################
+# Controller node sysctl configuration.
+
+# Dict of sysctl parameters to set.
+controller_sysctl_parameters: {}
--- a/ansible/group_vars/all/monitoring
+++ b/ansible/group_vars/all/monitoring
@ -69,3 +69,9 @@ monitoring_lvm_groups_default: "{{ controller_lvm_groups_default }}"
 # Additional list of monitoring node volume groups. See mrlesmithjr.manage-lvm
 # role for format.
 monitoring_lvm_groups_extra: "{{ controller_lvm_groups_extra }}"
+
+###############################################################################
+# Monitoring node sysctl configuration.
+
+# Dict of sysctl parameters to set.
+monitoring_sysctl_parameters: {}
--- a/ansible/group_vars/all/seed
+++ b/ansible/group_vars/all/seed
@ -67,3 +67,9 @@ seed_lvm_group_data_lv_docker_volumes_size: 75%VG

 # Filesystem for docker volumes LVM backing volume. ext4 allows for shrinking.
 seed_lvm_group_data_lv_docker_volumes_fs: ext4
+
+###############################################################################
+# Seed node sysctl configuration.
+
+# Dict of sysctl parameters to set.
+seed_sysctl_parameters: {}
--- a/ansible/group_vars/all/seed-hypervisor
+++ b/ansible/group_vars/all/seed-hypervisor
@ -57,3 +57,9 @@ seed_hypervisor_libvirt_networks: >
     net_select_bridges |
     map('net_libvirt_network') |
     list }}
+
+###############################################################################
+# Seed hypervisor sysctl configuration.
+
+# Dict of sysctl parameters to set.
+seed_hypervisor_sysctl_parameters: {}
--- a/ansible/group_vars/controllers/sysctl
+++ b/ansible/group_vars/controllers/sysctl
@ -0,0 +1,3 @@
+---
+# Dict of sysctl parameters to set.
+sysctl_parameters: "{{ controller_sysctl_parameters }}"
--- a/ansible/group_vars/monitoring/sysctl
+++ b/ansible/group_vars/monitoring/sysctl
@ -0,0 +1,3 @@
+---
+# Dict of sysctl parameters to set.
+sysctl_parameters: "{{ monitoring_sysctl_parameters }}"
--- a/ansible/group_vars/seed-hypervisor/sysctl
+++ b/ansible/group_vars/seed-hypervisor/sysctl
@ -0,0 +1,3 @@
+---
+# Dict of sysctl parameters to set.
+sysctl_parameters: "{{ seed_hypervisor_sysctl_parameters }}"
--- a/ansible/group_vars/seed/sysctl
+++ b/ansible/group_vars/seed/sysctl
@ -0,0 +1,3 @@
+---
+# Dict of sysctl parameters to set.
+sysctl_parameters: "{{ seed_sysctl_parameters }}"
--- a/ansible/roles/sysctl/README.md
+++ b/ansible/roles/sysctl/README.md
@ -0,0 +1,42 @@
+Sysctl
+======
+
+This role configures sysctl parameters.
+
+Requirements
+------------
+
+None
+
+Role Variables
+--------------
+
+`sysctl_file` is the name of a file in which to persist sysctl parameters.
+
+`sysctl_set` is whether to verify token value with the sysctl command and set
+with -w if necessary.
+
+`sysctl_parameters` is a dict of sysctl parameters to set.
+
+Dependencies
+------------
+
+None
+
+Example Playbook
+----------------
+
+This playbook will set the `net.ipv4.ip_forward` parameter to `1`.
+
+    ---
+    - hosts: all
+      roles:
+        - role: sysctl
+          sysctl_set: yes
+          sysctl_parameters:
+            net.ipv4.ip_forward: 1
+
+Author Information
+------------------
+
+- Mark Goddard (<mark@stackhpc.com>)
--- a/ansible/roles/sysctl/defaults/main.yml
+++ b/ansible/roles/sysctl/defaults/main.yml
@ -0,0 +1,9 @@
+---
+# File in which to write sysctl parameters.
+sysctl_file:
+
+# Verify token value with the sysctl command and set with -w if necessary.
+sysctl_set:
+
+# Dict of parameters to set via sysctl.
+sysctl_parameters: {}
--- a/ansible/roles/sysctl/tasks/main.yml
+++ b/ansible/roles/sysctl/tasks/main.yml
@ -0,0 +1,10 @@
+---
+- name: Ensure sysctl parameters are configured
+  sysctl:
+    name: "{{ item.key }}"
+    state: "present"
+    sysctl_file: "{{ sysctl_file or omit }}"
+    sysctl_set: "{{ sysctl_set or omit }}"
+    value: "{{ item.value }}"
+  with_dict: "{{ sysctl_parameters }}"
+  become: True
--- a/ansible/sysctl.yml
+++ b/ansible/sysctl.yml
@ -0,0 +1,7 @@
+---
+- name: Ensure sysctl parameters are configured
+  hosts: seed:seed-hypervisor:overcloud
+  roles:
+    - role: sysctl
+      sysctl_file: "/etc/sysctl.d/kayobe"
+      sysctl_set: "yes"
--- a/doc/source/control-plane-service-placement.rst
+++ b/doc/source/control-plane-service-placement.rst
@ -65,6 +65,7 @@ hosts in the ``monitoring`` group.
                          for format.
   ``network_interfaces`` List of names of networks to which the host is
                          connected.
+   ``sysctl_parameters``  Dict of sysctl parameters to set.
   ====================== =====================================================

 If configuring BIOS and RAID via ``kayobe overcloud bios raid configure``, the
@ -182,6 +183,7 @@ providing the necessary variables for a control plane host.
   bootstrap_user: "{{ controller_bootstrap_user }}"
   lvm_groups: "{{ controller_lvm_groups }}"
   network_interfaces: "{{ controller_network_host_network_interfaces }}"
+   sysctl_parameters: "{{ controller_sysctl_parameters }}"

 Here we are using the controller-specific values for some of these variables,
 but they could equally be different.
--- a/etc/kayobe/controllers.yml
+++ b/etc/kayobe/controllers.yml
@ -86,6 +86,12 @@
 # Filesystem for docker volumes LVM backing volume. ext4 allows for shrinking.
 #controller_lvm_group_data_lv_docker_volumes_fs:

+###############################################################################
+# Controller node sysctl configuration.
+
+# Dict of sysctl parameters to set.
+#controller_sysctl_parameters:
+
 ###############################################################################
 # Dummy variable to allow Ansible to accept this file.
 workaround_ansible_issue_8743: yes
--- a/etc/kayobe/monitoring.yml
+++ b/etc/kayobe/monitoring.yml
@ -63,6 +63,12 @@
 # role for format.
 #monitoring_lvm_groups_extra:

+###############################################################################
+# Monitoring node sysctl configuration.
+
+# Dict of sysctl parameters to set.
+#monitoring_sysctl_parameters:
+
 ###############################################################################
 # Dummy variable to allow Ansible to accept this file.
 workaround_ansible_issue_8743: yes
--- a/etc/kayobe/seed-hypervisor.yml
+++ b/etc/kayobe/seed-hypervisor.yml
@ -44,6 +44,12 @@
 # List of libvirt networks for the seed hypervisor.
 #seed_hypervisor_libvirt_networks:

+###############################################################################
+# Seed hypervisor sysctl configuration.
+
+# Dict of sysctl parameters to set.
+#seed_hypervisor_sysctl_parameters:
+
 ###############################################################################
 # Dummy variable to allow Ansible to accept this file.
 workaround_ansible_issue_8743: yes
--- a/etc/kayobe/seed.yml
+++ b/etc/kayobe/seed.yml
@ -51,6 +51,12 @@
 # Filesystem for docker volumes LVM backing volume. ext4 allows for shrinking.
 #seed_lvm_group_data_lv_docker_volumes_fs:

+###############################################################################
+# Seed node sysctl configuration.
+
+# Dict of sysctl parameters to set.
+#seed_sysctl_parameters:
+
 ###############################################################################
 # Dummy variable to allow Ansible to accept this file.
 workaround_ansible_issue_8743: yes
--- a/kayobe/cli/commands.py
+++ b/kayobe/cli/commands.py
@ -226,8 +226,8 @@ class SeedHypervisorHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin,
    def take_action(self, parsed_args):
        self.app.LOG.debug("Configuring seed hypervisor host OS")
        playbooks = _build_playbook_list(
-            "ip-allocation", "ssh-known-host", "dev-tools", "network", "ntp",
-            "seed-hypervisor-libvirt-host")
+            "ip-allocation", "ssh-known-host", "dev-tools", "network",
+            "sysctl", "ntp", "seed-hypervisor-libvirt-host")
        self.run_kayobe_playbooks(parsed_args, playbooks,
                                  limit="seed-hypervisor")

@ -285,8 +285,8 @@ class SeedHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin, VaultMixin,
        if parsed_args.wipe_disks:
            playbooks += _build_playbook_list("wipe-disks")
        playbooks += _build_playbook_list(
-            "dev-tools", "disable-selinux", "network", "ip-routing", "snat",
-            "disable-glean", "ntp", "lvm")
+            "dev-tools", "disable-selinux", "network", "sysctl", "ip-routing",
+            "snat", "disable-glean", "ntp", "lvm")
        self.run_kayobe_playbooks(parsed_args, playbooks, limit="seed")
        playbooks = _build_playbook_list("kolla-ansible")
        self.run_kayobe_playbooks(parsed_args, playbooks, tags="config")
@ -465,8 +465,8 @@ class OvercloudHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin, VaultMixin,
        if parsed_args.wipe_disks:
            playbooks += _build_playbook_list("wipe-disks")
        playbooks += _build_playbook_list(
-            "dev-tools", "disable-selinux", "network", "disable-glean", "ntp",
-            "lvm")
+            "dev-tools", "disable-selinux", "network", "sysctl",
+            "disable-glean", "ntp", "lvm")
        self.run_kayobe_playbooks(parsed_args, playbooks, limit="overcloud")
        playbooks = _build_playbook_list("kolla-ansible")
        self.run_kayobe_playbooks(parsed_args, playbooks, tags="config")