d1cd6a9617
For swift storage hosts we are seeing a lot of connections in TIME WAIT status, violating nf_conntrack. Setting tcp_tw_reuse should help alleviate this. Additionally, in order for tcp_tw_reuse to be set safely we need to ensure nf_conntrack is loaded. Change-Id: I4392c4022a9a5a884d07eb6fbf27093f0b16f914 Closes-Bug: #1441363
80 lines
2.3 KiB
YAML
80 lines
2.3 KiB
YAML
---
|
|
# Copyright 2014, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: "Enable nf_conntrack"
|
|
modprobe:
|
|
name: "nf_conntrack"
|
|
state: present
|
|
|
|
- name: "Set sysctl tcp_tw_reuse"
|
|
sysctl:
|
|
name: "net.ipv4.tcp_tw_reuse"
|
|
state: present
|
|
value: "1"
|
|
sysctl_set: yes
|
|
|
|
# We need swift_vars to exist for the "swift_vars.drives is defined check" to work
|
|
- name: "Set swift_vars if undefined"
|
|
set_fact:
|
|
swift_vars: "{}"
|
|
when: swift_vars is not defined
|
|
|
|
- name: "Put /etc/rsyncd.conf in place"
|
|
template:
|
|
src: "rsyncd.conf.j2"
|
|
dest: "/etc/rsyncd.conf"
|
|
owner: "root"
|
|
group: "root"
|
|
mode: "0644"
|
|
notify: Restart rsync service
|
|
|
|
- name: "Enable rsync in defaults"
|
|
lineinfile:
|
|
dest: "/etc/default/rsync"
|
|
line: "RSYNC_ENABLE=true"
|
|
regexp: "^RSYNC_ENABLE*"
|
|
notify: Restart rsync service
|
|
|
|
# We need the location of swift-recon-cron
|
|
- name: "Get location of swift-recon-cron"
|
|
shell: which swift-recon-cron
|
|
register: recon_cron_path
|
|
|
|
- name: "Setup swift-recon-cron cron job"
|
|
cron:
|
|
name: "swift-recon-cron run"
|
|
minute: "*/5"
|
|
user: "swift"
|
|
job: "{{ recon_cron_path.stdout }} /etc/swift/object-server/object-server.conf"
|
|
cron_file: "swift_recon_cron"
|
|
|
|
- name: "Set ownership on mounted drives"
|
|
file:
|
|
dest: "{{ swift_vars.mount_point | default(swift.mount_point) }}/{{ item.name }}"
|
|
owner: "{{ swift_system_user_name }}"
|
|
group: "{{ swift_system_group_name }}"
|
|
state: "directory"
|
|
with_items: swift_vars.drives
|
|
when: swift_vars.drives is defined
|
|
|
|
- name: "Set ownership on default mounted drives"
|
|
file:
|
|
dest: "{{ swift_vars.mount_point | default(swift.mount_point) }}/{{ item.name }}"
|
|
owner: "{{ swift_system_user_name }}"
|
|
group: "{{ swift_system_group_name }}"
|
|
state: "directory"
|
|
with_items: swift.drives
|
|
when: swift_vars.drives is not defined
|