19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
|
# File 'manifests/object/tweaking.pp', line 19
class cloud::object::tweaking {
file {'/etc/sysctl.d/swift-tuning.conf':
content => "
# disable TIME_WAIT.. wait..
net.ipv4.tcp_tw_recycle=1
net.ipv4.tcp_tw_reuse=1
# disable syn cookies
net.ipv4.tcp_syncookies = 0
# double amount of allowed conntrack
net.ipv4.netfilter.ip_conntrack_max = 524288
net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 2
net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait = 2
net.ipv4.ip_local_port_range = 1024 65000
## 10Gb Tuning
net.core.netdev_max_backlog = 300000
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_sack = 0
",
owner => 'root',
group => 'root',
}
exec{'update-etc-modules-with-ip_conntrack':
command => '/bin/echo ip_conntrack >> /etc/modules',
unless => '/bin/grep -qFx "ip_conntrack" /etc/modules',
}
# Load sysctl and module only the first time
exec{'load-ip_conntrack':
command => '/sbin/modprobe ip_conntrack',
unless => '/bin/grep -qFx "ip_conntrack" /etc/modules',
require => File['/etc/sysctl.d/swift-tuning.conf']
}
exec{'reload-sysctl-swift-tunning':
command => '/sbin/sysctl -p /etc/sysctl.d/swift-tuning.conf',
unless => '/bin/grep -qFx "ip_conntrack" /etc/modules',
require => File['/etc/sysctl.d/swift-tuning.conf']
}
file{'/var/log/swift':
ensure => directory,
owner => swift,
group => swift,
}
file{'/etc/logrotate.d/swift':
content => "
/var/log/swift/proxy.log /var/log/swift/proxy.error.log /var/log/swift/account-server.log /var/log/swift/account-server.error.log /var/log/swift/container-server.log /var/log/swift/container-server.error.log /var/log/swift/object-server.log /var/log/swift/object-server.error.log
{
rotate 7
daily
missingok
notifempty
delaycompress
compress
postrotate
endscript
}
"
}
}
|