A sysctl element to manage settings via sysctl.d.

Very useful when fine tuning TripleO to run on specific hardware and networks. There are 2 ways to make use of this element: 1) Calling sysctl-set-value directly. This is useful for in-element sysctl settings and will ensure conflicting values aren't created across elements. 2) Via Heat metadata. In this case sysctl-set-data is used to apply sysctl settings at configuration time. Change-Id: Ic64a7a48f24002c927a8d5417ffd599bb53621a1
2014-04-01 21:23:54 -04:00 · 2014-04-01 21:23:54 -04:00 · e20084f21a
parent 6e86ba6438
commit e20084f21a
5 changed files with 86 additions and 0 deletions
--- a/elements/sysctl/README.md
+++ b/elements/sysctl/README.md
@ -0,0 +1,24 @@
+Manages sysctl settings.
+
+Two ways to make use of this element:
+
+1) Elements can make use of sysctl-set-value directly by requiring
+this element and calling /usr/local/bin/sysctl-set-value. This will
+help ensure conflicting sysctl values are not in use across elements.
+
+2) Alternately you can make use of the element via Heat by adding
+metadata in the configuration example below. The sysctl-set-data
+binary will take care of applying these settings during
+configuration time.
+
+Configuration example
+---------------------
+sysctl:
+    net.ipv4.conf.all.arp_filter: 1
+    net.ipv4.conf.all.arp_ignore: 2
+    net.ipv4.conf.all.arp_announce: 2
+    net.ipv4.conf.default.arp_filter: 1
+    net.ipv4.conf.default.arp_ignore: 2
+    net.ipv4.conf.default.arp_announce: 2
+
+** Any valid sysctl key/value may be specified in this configuration format.
--- a/elements/sysctl/bin/sysctl-set-value
+++ b/elements/sysctl/bin/sysctl-set-value
@ -0,0 +1,45 @@
+#!/bin/bash
+
+# Validate and manage setting sysctl settings.
+#
+# The script is called with name/value pairs which are stored
+# in the system default sysctl.d directory. Before adding new
+# settings a validation is done to ensure that conflicting
+# sysctl settings have not been requested. Once finished sysctl
+# is used to activate the changes.
+set -eu
+
+NAME=${1:-}
+VALUE=${2:-}
+# Optional comment used to describe the setting
+COMMENT=${3:-"This file is managed via the TripleO sysctl image element."}
+
+if [ -z "$NAME" -o -z "$VALUE" ]; then
+    echo "NAME and VALUE are required."
+    exit 1
+fi
+
+FILENAME="/etc/sysctl.d/$NAME"
+
+if [ -f $FILENAME ]; then
+    # check to make sure the settings match... otherwise fail
+    if ! cat $FILENAME | grep -q "^$NAME = $VALUE"; then
+        echo "Conflicting sysctl.conf setting for $NAME == $VALUE. Found:"
+        cat $FILENAME | grep "^$NAME"
+        exit 1
+    fi
+else
+
+    if ! sysctl -a | grep -q "^$NAME"; then
+        echo "Invalid sysctl key: $NAME"
+        exit 1
+    fi
+
+    cat > $FILENAME <<-EOF_CAT
+# $COMMENT
+$NAME = $VALUE
+EOF_CAT
+
+    sysctl --load=$FILENAME
+
+fi
--- a/elements/sysctl/element-deps
+++ b/elements/sysctl/element-deps
@ -0,0 +1 @@
+os-refresh-config
--- a/elements/sysctl/install.d/10-sysctl-install
+++ b/elements/sysctl/install.d/10-sysctl-install
@ -0,0 +1,4 @@
+#!/bin/bash
+set -eux
+
+install-packages jq
--- a/elements/sysctl/os-refresh-config/configure.d/10-sysctl-apply-config
+++ b/elements/sysctl/os-refresh-config/configure.d/10-sysctl-apply-config
@ -0,0 +1,12 @@
+#!/bin/bash
+
+# Configure sysctl settings based on Heat metadata.
+set -eu
+SYSCTL_DATA=$(os-apply-config --key sysctl --type raw --key-default '' | sed "s/u'/'/g"|sed "s/'/\"/g")
+SYSCTL_KEYS=$(jq keys <<< $SYSCTL_DATA)
+COUNT=$(($(jq length <<< $SYSCTL_KEYS) - 1))
+for i in $(seq 0 $COUNT); do
+    KEY=$(jq -r ".[$i]" <<< $SYSCTL_KEYS)
+    VALUE=$(jq -r -a ".[\"$KEY\"]" <<< $SYSCTL_DATA)
+    sysctl-set-value "$KEY" "$VALUE"
+done