Forge Home

easy_sysctl

Abstraction layer above augeasproviders_sysctl module to make using hiera easier and less verbose.

7,696 downloads

2,157 latest version

5.0 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 1.0.3 (latest)
  • 1.0.2
  • 1.0.1
  • 1.0.0
released Aug 31st 2020
This version is compatible with:
  • Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x, 2017.3.x, 2017.2.x, 2016.4.x
  • Puppet >= 4.10.0 < 7.0.0
  • , ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'qtechnologies-easy_sysctl', '1.0.3'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add qtechnologies-easy_sysctl
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install qtechnologies-easy_sysctl --version 1.0.3

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download
Tags: sysctl, hiera

Documentation

qtechnologies/easy_sysctl — version 1.0.3 Aug 31st 2020

easy_sysctl

Table of Contents

  1. Description
  2. Instructions

Description

This module wraps around the augeasproviders_sysctl module to make it easier to drive through Hiera. It adds an abstraction layer, allowing you to build hashes of data in hiera for your sysctl configuration with minimal setting metadata. It will merge the hashes found in Hiera.

It groups the sysctl settings into actions within hiera. The following groupings are currently implemented:

  • active - these settings are only made active in the running kernel and will not be written to disk
  • persist - these settings will become immediately active and written to disk so they are active on the next reboot
  • remove - these settings will be removed (any entries conflicting with persist octive will be ignored)

The hashes in Hiera have an intermediate level in them which allows different setting for each OS family of Linux within the same Hiera scope.

Setting kernel parameter values uses a hash of names and values. If the values are provided as an array, the first element is the value, the second is the comment.

Removing items from sysctl is simply a list of kernel parameter names.

Instructions

Include the class:

  class { 'easy_sysctl': }

Specify hiera details along the following lines:

sysctl::active: 
  Linux:
    net.core.rmem_max: 67108864
sysctl::persist:
  Linux:
    kernel.msgmax: 65536
    kernel.msgmnb: [65536,"set to this value for various reasons"]
    kernel.randomize_va_space: 1
    kernel.sysrq: 1
    net.core.netdev_max_backlog: 250000
    net.core.wmem_max: 67108864
    net.ipv4.conf.all.secure_redirects: 1
    net.ipv4.conf.default.accept_source_route: 0
    net.ipv4.conf.default.rp_filter: 2
    net.ipv4.ip_forward: 0
    net.ipv4.tcp_congestion_control: reno
    net.ipv4.tcp_no_metrics_save: 1
    net.ipv4.tcp_rmem: "4096        87380   67108864"
    net.ipv4.tcp_sack: 1
    net.ipv4.tcp_syncookies: 1
    net.ipv4.tcp_timestamps: 1
    net.ipv4.tcp_wmem: "4096        65536   67108864"
  Debian: 
    net.ipv6.conf.all.disable_ipv6: 1
  RedHat: 
    net.ipv6.conf.all.disable_ipv6: 0

sysctl::remove:
  Linux:
    - kernel.core_uses_pid