Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / opencontrail / 6c09e035ea52dba45195e2a273401a0972836fba / . / opencontrail / common.sls
blob: b3ae6a7311f9c5b4acbb68a46d2a52da4eab27be [file] [log] [blame]
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1{%- from "opencontrail/map.jinja" import common with context %}
2
Pavel Svimbersky50198682017-10-26 10:18:59 +0200[diff] [blame]3{%- if not common.get('config_only', False) %}
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]4opencontrail_common_packages:
5 pkg.installed:
6 - names: {{ common.pkgs }}
Pavel Svimbersky50198682017-10-26 10:18:59 +0200[diff] [blame]7{% endif %}
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]8
Jakub Pavlik00d97c92016-05-27 14:33:50 +0200[diff] [blame]9
10/var/crashes:
11 file.directory
12
13{%- if not grains.get('noservices', False) %}
14
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]15iptables:
16 service.dead:
17 - enable: false
18 - name: iptables
Olivier Bourdon02ed6bb2016-11-10 13:57:20 +0100[diff] [blame]19 - onlyif: service iptables status
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]20
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]21net.ipv4.ip_forward:
22 sysctl.present:
23 - value: 1
24
25kernel.core_pattern:
26 sysctl.present:
27 - value: "/var/crashes/core.%e.%p.%h.%t"
28
29net.netfilter.nf_conntrack_max:
30 sysctl.present:
31 - value: 256000
32
33{% if not pillar.opencontrail.compute is defined %}
34
35net.netfilter.nf_conntrack_tcp_timeout_time_wait:
36 sysctl.present:
37 - value: 30
38
39{% endif %}
40
41net.ipv4.tcp_syncookies:
42 sysctl.present:
43 - value: 1
44
45net.ipv4.tcp_tw_recycle:
46 sysctl.present:
47 - value: 1
48
49net.ipv4.tcp_tw_reuse:
50 sysctl.present:
51 - value: 1
52
53net.ipv4.tcp_fin_timeout:
54 sysctl.present:
55 - value: 30
56
57net.unix.max_dgram_qlen:
58 sysctl.present:
59 - value: 1000
60
61net.ipv4.tcp_keepalive_time:
62 sysctl.present:
63 - value: 5
64
65net.ipv4.tcp_keepalive_probes:
66 sysctl.present:
67 - value: 5
68
69net.ipv4.tcp_keepalive_intvl:
70 sysctl.present:
71 - value: 1
72
73fs.file-max:
74 sysctl.present:
Jakub Pavlik94b6d042016-04-14 11:25:29 +0200[diff] [blame]75 - value: 124165
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]76
77security_limits_conf:
78 cmd.run:
79 - names:
Olivier Bourdoncdd8d3f2016-11-10 14:00:52 +0100[diff] [blame]80 - sed -i '/^root\s*soft\s*nofile\s*.*/d' /etc/security/limits.conf && printf "root soft nofile 65535\n" >> /etc/security/limits.conf
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]81 - sed -i '/^*\s*hard\s*nofile\s*.*/d' /etc/security/limits.conf && printf "* hard nofile 65535\n" >> /etc/security/limits.conf
82 - sed -i '/^*\s*soft\s*nofile\s*.*/d' /etc/security/limits.conf && printf "* soft nofile 65535\n" >> /etc/security/limits.conf
83 - sed -i '/^*\s*hard\s*nproc\s*.*/d' /etc/security/limits.conf && printf "* hard nproc 65535\n" >> /etc/security/limits.conf
84 - sed -i '/^*\s*soft\s*nproc\s*.*/d' /etc/security/limits.conf && printf "* soft nofile 65535\n" >> /etc/security/limits.conf
85 - onlyif: test -e /etc/security/limits.conf
86
87vm.overcommit_memory:
88 sysctl.present:
89 - value: 1
90
Jakub Pavlik00d97c92016-05-27 14:33:50 +0200[diff] [blame]91{% endif %}
92
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]93/etc/contrail:
94 file.directory
95
marco10cc2212016-04-03 14:21:54 +0200[diff] [blame]96{%- if common.identity.engine == "keystone" %}
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]97/etc/contrail/service.token:
98 file.managed:
99 - contents: "{{ common.identity.token }}"
100 - require:
101 - file: /etc/contrail
102
103/etc/contrail/ctrl-details:
104 file.managed:
105 - source: salt://opencontrail/files/{{ common.version }}/ctrl-details
106 - template: jinja
107 - require:
108 - file: /etc/contrail
109
Petr Jediný811ab472017-03-22 15:59:28 +0100[diff] [blame]110{%- if common.version < 3.0 %}
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]111/etc/contrail/openstackrc:
112 file.managed:
113 - source: salt://opencontrail/files/{{ common.version }}/openstackrc
114 - template: jinja
115 - require:
116 - file: /etc/contrail
117
118/etc/contrail/keystonerc:
119 file.managed:
120 - source: salt://opencontrail/files/{{ common.version }}/keystonerc
121 - template: jinja
122 - require:
123 - file: /etc/contrail
Jakub Pavlik94b6d042016-04-14 11:25:29 +0200[diff] [blame]124{%- endif %}
Michel Nederlof5364ab62017-12-11 15:02:25 +0100[diff] [blame]125
Michel Nederlof5364ab62017-12-11 15:02:25 +0100[diff] [blame]126{%- endif %}