From a1faf0b0a7bec61d5ac93e8479fe065853a8ca0b Mon Sep 17 00:00:00 2001 From: Gael Chamoulaud Date: Mon, 25 Feb 2019 15:08:38 +0100 Subject: [PATCH] Add controller-ulimits role This patch adds this new role created from: - validations/controller-ulimits.yaml Change-Id: Iaa7506b428f8cfa6a8c703dcfdd13d4412969889 Implements: blueprint validation-framework Signed-off-by: Gael Chamoulaud --- playbooks/controller-ulimits.yaml | 13 ++++++++++ roles/controller-ulimits/defaults/main.yml | 3 +++ roles/controller-ulimits/meta/main.yml | 27 +++++++++++++++++++++ roles/controller-ulimits/tasks/main.yml | 28 ++++++++++++++++++++++ roles/controller-ulimits/vars/main.yml | 7 ++++++ 5 files changed, 78 insertions(+) create mode 100644 playbooks/controller-ulimits.yaml create mode 100644 roles/controller-ulimits/defaults/main.yml create mode 100644 roles/controller-ulimits/meta/main.yml create mode 100644 roles/controller-ulimits/tasks/main.yml create mode 100644 roles/controller-ulimits/vars/main.yml diff --git a/playbooks/controller-ulimits.yaml b/playbooks/controller-ulimits.yaml new file mode 100644 index 000000000..2ded38d3f --- /dev/null +++ b/playbooks/controller-ulimits.yaml @@ -0,0 +1,13 @@ +--- +- hosts: Controller + vars: + metadata: + name: Check controller ulimits + description: > + This will check the ulimits of each controller. + groups: + - post-deployment + nofiles_min: 1024 + nproc_min: 2048 + roles: + - controller-ulimits diff --git a/roles/controller-ulimits/defaults/main.yml b/roles/controller-ulimits/defaults/main.yml new file mode 100644 index 000000000..ca0d52b12 --- /dev/null +++ b/roles/controller-ulimits/defaults/main.yml @@ -0,0 +1,3 @@ +--- +nofiles_min: 1024 +nproc_min: 2048 diff --git a/roles/controller-ulimits/meta/main.yml b/roles/controller-ulimits/meta/main.yml new file mode 100644 index 000000000..b3d5ccc9f --- /dev/null +++ b/roles/controller-ulimits/meta/main.yml @@ -0,0 +1,27 @@ +galaxy_info: + author: TripleO Validations Team + company: Red Hat + license: Apache + min_ansible_version: 2.4 + + platforms: + - name: CentOS + versions: + - 7 + - name: RHEL + versions: + - 7 + + categories: + - cloud + - baremetal + - system + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] diff --git a/roles/controller-ulimits/tasks/main.yml b/roles/controller-ulimits/tasks/main.yml new file mode 100644 index 000000000..2c91845bb --- /dev/null +++ b/roles/controller-ulimits/tasks/main.yml @@ -0,0 +1,28 @@ +--- +- name: Get nofiles limit + become: true + # NOTE: `ulimit` is a shell builtin so we have to invoke it like this: + command: sh -c "ulimit -n" + register: nofilesval + changed_when: False + +- name: Check nofiles limit + fail: + msg: > + nofiles is set to {{ nofilesval.stdout }}. It should be at least + {{ nofiles_min }} or higher, depending on available resources. + failed_when: "nofilesval.stdout|int < nofiles_min" + +- name: Get nproc limit + become: true + # NOTE: `ulimit` is a shell builtin so we have to invoke it like this: + command: sh -c "ulimit -u" + register: nprocval + changed_when: False + +- name: Check nproc limit + fail: + msg: > + nproc is set to {{ nprocval.stdout }}. It should be at least + {{ nproc_min }} or higher, depending on available resources. + failed_when: "nprocval.stdout|int < nproc_min" diff --git a/roles/controller-ulimits/vars/main.yml b/roles/controller-ulimits/vars/main.yml new file mode 100644 index 000000000..3f00b888a --- /dev/null +++ b/roles/controller-ulimits/vars/main.yml @@ -0,0 +1,7 @@ +--- +metadata: + name: Check controller ulimits + description: > + This will check the ulimits of each controller. + groups: + - post-deployment