Container create/system tuning

This change has shown to improve general performance and system stability. Ubuntu 14.04 has some systemD bits within it and there are a few items that can be tuned. These changes add some additional in container tuning the ensure that the pseudo systemD availability within our containers is not impeding container performance. Additionally the netfilter for bridged interfaces was set to 0 which should also improve bridge performance in general. Change-Id: Iad4f0472cf3e38c95c04b29cee8433c0781ff9ff
2015-07-15 15:22:08 -05:00 · 2015-07-15 15:22:08 -05:00 · 4361ed12e0
commit 4361ed12e0
parent a85e50f693
3 changed files with 32 additions and 0 deletions
--- a/playbooks/roles/lxc_container_create/tasks/container_create.yml
+++ b/playbooks/roles/lxc_container_create/tasks/container_create.yml
@ -45,10 +45,22 @@
    - "/openstack/{{ inventory_hostname }}"
    - "/openstack/backup/{{ inventory_hostname }}"
    - "/openstack/log/{{ inventory_hostname }}"
+    - "{{ lxc_container_directory }}/{{ inventory_hostname }}"
  delegate_to: "{{ physical_host }}"
  tags:
    - lxc-container-directories

+- name: LXC autodev setup
+  template:
+    src: "autodev.j2"
+    dest: "/var/lib/lxc/{{ inventory_hostname }}/autodev"
+    owner: "root"
+    group: "root"
+    mode: "0755"
+  delegate_to: "{{ physical_host }}"
+  tags:
+    - lxc-container-autodev
+
 - name: Create container
  lxc_container:
    name: "{{ inventory_hostname }}"
@ -63,7 +75,19 @@
    vg_name: "{{ properties.container_vg_name|default(lxc_container_vg_name) }}"
    template_options: "{{ lxc_container_template_options }}"
    container_command: |
+      if [ -f  "/usr/lib/systemd/system/poweroff.target" ];then
+        ln -sf /usr/lib/systemd/system/poweroff.target /etc/systemd/system/sigpwr.target || true
+      fi
+      ln -s /dev/null /etc/systemd/system/systemd-udevd.service || true
+      ln -s /dev/null /etc/systemd/system/systemd-udevd-control.socket || true
+      ln -s /dev/null /etc/systemd/system/systemd-udevd-kernel.socket || true
+      ln -s /dev/null /etc/systemd/system/proc-sys-fs-binfmt_misc.automount || true
      echo -e '{{ lxc_container_default_interfaces }}' | tee /etc/network/interfaces
+    container_config:
+      - "lxc.autodev=1"
+      - "lxc.pts=1024"
+      - "lxc.kmsg=0"
+      - "lxc.hook.autodev=/var/lib/lxc/{{ inventory_hostname }}/autodev"
  delegate_to: "{{ physical_host }}"
  tags:
    - lxc-container-create
--- a/playbooks/roles/lxc_container_create/templates/autodev.j2
+++ b/playbooks/roles/lxc_container_create/templates/autodev.j2
@ -0,0 +1,5 @@
+#!/bin/bash
+cd ${LXC_ROOTFS_MOUNT}/dev
+mkdir net
+mknod net/tun c 10 200
+chmod 0666 net/tun
--- a/playbooks/roles/openstack_hosts/defaults/main.yml
+++ b/playbooks/roles/openstack_hosts/defaults/main.yml
@ -92,6 +92,9 @@ openstack_kernel_options:
  - { key: 'vm.dirty_background_ratio', value: 5 }
  - { key: 'vm.dirty_ratio', value: 10 }
  - { key: 'vm.swappiness', value: 5 }
+  - { key: 'net.bridge.bridge-nf-call-ip6tables', value: 0 }
+  - { key: 'net.bridge.bridge-nf-call-iptables', value: 0 }
+  - { key: 'net.bridge.bridge-nf-call-arptables', value: 0 }
  - { key: 'net.ipv4.neigh.default.gc_thresh1', value: "{{ set_gc_val | int // 2 }}" }
  - { key: 'net.ipv4.neigh.default.gc_thresh2', value: "{{ set_gc_val | int }}" }
  - { key: 'net.ipv4.neigh.default.gc_thresh3', value: "{{ set_gc_val | int * 2 }}" }