100 lines
2.8 KiB
Puppet
100 lines
2.8 KiB
Puppet
#
|
|
# Copyright (C) 2013 eNovance SAS <licensing@enovance.com>
|
|
#
|
|
# Authors: Mehdi Abaakouk <mehdi.abaakouk@enovance.com>
|
|
# Emilien Macchi <emilien.macchi@enovance.com>
|
|
# Francois Charlier <francois.charlier@enovance.com>
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
# Swift nodes
|
|
|
|
class os_role_swift {
|
|
|
|
class { 'ssh::server::install': }
|
|
|
|
class { 'swift':
|
|
swift_hash_suffix => $os_params::swift_hash_suffix,
|
|
package_ensure => latest,
|
|
}
|
|
class {"os_swift_system::tweaking": }
|
|
}
|
|
|
|
class os_swift_system::tweaking {
|
|
file {"/etc/sysctl.d/swift-tuning.conf":
|
|
content => "
|
|
# disable TIME_WAIT.. wait..
|
|
net.ipv4.tcp_tw_recycle=1
|
|
net.ipv4.tcp_tw_reuse=1
|
|
|
|
# disable syn cookies
|
|
net.ipv4.tcp_syncookies = 0
|
|
|
|
# double amount of allowed conntrack
|
|
net.ipv4.netfilter.ip_conntrack_max = 524288
|
|
net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 2
|
|
net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait = 2
|
|
|
|
net.ipv4.ip_local_port_range = 1024 65000
|
|
|
|
## 10Gb Tuning
|
|
net.core.netdev_max_backlog = 300000
|
|
net.ipv4.tcp_timestamps = 0
|
|
net.ipv4.tcp_sack = 0
|
|
|
|
",
|
|
owner => "root",
|
|
group => "root",
|
|
}
|
|
|
|
exec{"update-etc-modules-with-ip_conntrack":
|
|
command => "/bin/echo ip_conntrack >> /etc/modules",
|
|
unless => "/bin/grep -qFx 'ip_conntrack' /etc/modules",
|
|
}
|
|
|
|
# Load sysctl and module only the first time
|
|
exec{"load-ip_conntrack":
|
|
command => "/sbin/modprobe ip_conntrack",
|
|
unless => "/bin/grep -qFx 'ip_conntrack' /etc/modules",
|
|
require => File['/etc/sysctl.d/swift-tuning.conf']
|
|
}
|
|
exec{"reload-sysctl-swift-tunning":
|
|
command => "/sbin/sysctl -p /etc/sysctl.d/swift-tuning.conf",
|
|
unless => "/bin/grep -qFx 'ip_conntrack' /etc/modules",
|
|
require => File['/etc/sysctl.d/swift-tuning.conf']
|
|
}
|
|
|
|
file{"/var/log/swift":
|
|
ensure => directory,
|
|
owner => swift,
|
|
group => swift,
|
|
}
|
|
|
|
file{"/etc/logrotate.d/swift":
|
|
content => "
|
|
/var/log/swift/proxy.log /var/log/swift/proxy.error.log /var/log/swift/account-server.log /var/log/swift/account-server.error.log /var/log/swift/container-server.log /var/log/swift/container-server.error.log /var/log/swift/object-server.log /var/log/swift/object-server.error.log
|
|
{
|
|
rotate 7
|
|
daily
|
|
missingok
|
|
notifempty
|
|
delaycompress
|
|
compress
|
|
postrotate
|
|
endscript
|
|
}
|
|
"
|
|
}
|
|
|
|
}
|