Role - tripleo-kernel¶
Role Documentation¶
Welcome to the “tripleo_kernel” role documentation.
Role Defaults¶
This section highlights all of the defaults and variables set within the “tripleo_kernel” role.
# All variables intended for modification should be placed in this file.
tripleo_kernel_extra_modules: {}
tripleo_kernel_extra_packages: {}
tripleo_kernel_sysctl_extra_settings: {}
tripleo_kernel_args: ''
tripleo_kernel_reboot_timeout: 3600
tripleo_kernel_post_reboot_delay: 60
tripleo_kernel_defer_reboot: false
tripleo_kernel_reboot_protection: false
Role Variables: main.yml¶
tripleo_kernel_modules:
br_netfilter: {}
nf_conntrack: {}
tripleo_kernel_sysctl_settings:
net.ipv4.tcp_keepalive_intvl:
value: 1
net.ipv4.tcp_keepalive_probes:
value: 5
net.ipv4.tcp_keepalive_time:
value: 5
net.ipv4.conf.default.send_redirects:
value: 0
net.ipv4.conf.all.send_redirects:
value: 0
net.ipv4.conf.all.arp_accept:
value: 1
net.ipv4.conf.default.accept_redirects:
value: 0
net.ipv4.conf.default.secure_redirects:
value: 0
net.ipv4.conf.all.secure_redirects:
value: 0
net.ipv4.conf.default.log_martians:
value: 1
net.ipv4.conf.all.log_martians:
value: 1
net.nf_conntrack_max:
value: 500000
net.netfilter.nf_conntrack_max:
value: 500000
net.ipv6.conf.all.accept_ra:
value: 0
net.ipv6.conf.default.accept_ra:
value: 0
net.ipv6.conf.all.autoconf:
value: 0
net.ipv6.conf.default.autoconf:
value: 0
net.ipv6.conf.default.accept_redirects:
value: 0
net.ipv6.conf.all.accept_redirects:
value: 0
net.ipv4.conf.all.arp_notify:
value: 1
net.ipv6.conf.all.ndisc_notify:
value: 1
net.core.netdev_max_backlog:
value: 10000
kernel.dmesg_restrict:
value: 1
fs.suid_dumpable:
value: 0
Molecule Scenarios¶
Molecule is being used to test the “tripleo_kernel” role. The following section highlights the drivers in service and provides an example playbook showing how the role is leveraged.
- Driver: delegated
- Driver: delegated
- Driver: delegated
- Driver: delegated
Scenario: kernelargs¶
Molecule Options¶
managed: false
login_cmd_template: >-
ssh
-o UserKnownHostsFile=/dev/null
-o StrictHostKeyChecking=no
-o Compression=no
-o TCPKeepAlive=yes
-o VerifyHostKeyDNS=no
-o ForwardX11=no
-o ForwardAgent=no
{instance}
ansible_connection_options:
ansible_connection: ssh
Molecule Inventory¶
hosts:
all:
hosts:
instance:
ansible_host: localhost
Example kernelargs playbook¶
- name: Converge
hosts: all
become: true
tasks:
- include_role:
name: tripleo_kernel
tasks_from: kernelargs.yml
vars:
tripleo_kernel_args: test=1
tripleo_kernel_defer_reboot: true
Scenario: extra¶
Molecule Options¶
managed: false
login_cmd_template: >-
ssh
-o UserKnownHostsFile=/dev/null
-o StrictHostKeyChecking=no
-o Compression=no
-o TCPKeepAlive=yes
-o VerifyHostKeyDNS=no
-o ForwardX11=no
-o ForwardAgent=no
{instance}
ansible_connection_options:
ansible_connection: ssh
Molecule Inventory¶
hosts:
all:
hosts:
instance:
ansible_host: localhost
Example extra playbook¶
- name: Converge
hosts: all
roles:
- role: tripleo_kernel
tripleo_kernel_extra_modules:
dummy: {}
tripleo_kernel_extra_packages:
kmod-kvdo: {}
tripleo_kernel_sysctl_extra_settings:
kernel.ftrace_dump_on_oops:
value: 1
Scenario: kernelargs-update¶
Molecule Options¶
managed: false
login_cmd_template: >-
ssh
-o UserKnownHostsFile=/dev/null
-o StrictHostKeyChecking=no
-o Compression=no
-o TCPKeepAlive=yes
-o VerifyHostKeyDNS=no
-o ForwardX11=no
-o ForwardAgent=no
{instance}
ansible_connection_options:
ansible_connection: ssh
Molecule Inventory¶
hosts:
all:
hosts:
instance:
ansible_host: localhost
Example kernelargs-update playbook¶
- name: Converge
hosts: all
become: true
vars:
tripleo_kernel_args: test=1
tasks:
- name: create kernelargs entry with the older name
lineinfile:
dest: /etc/default/grub
regexp: ^TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS.*
insertafter: ^GRUB_CMDLINE_LINUX.*
line: TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS=" {{ tripleo_kernel_args }} "
- name: create append entry with older name
lineinfile:
dest: /etc/default/grub
line: GRUB_CMDLINE_LINUX="${GRUB_CMDLINE_LINUX:+$GRUB_CMDLINE_LINUX }${TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS}"
insertafter: ^TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS.*
- include_role:
name: tripleo_kernel
tasks_from: kernelargs.yml
vars:
tripleo_kernel_defer_reboot: true
Scenario: default¶
Molecule Options¶
managed: false
login_cmd_template: >-
ssh
-o UserKnownHostsFile=/dev/null
-o StrictHostKeyChecking=no
-o Compression=no
-o TCPKeepAlive=yes
-o VerifyHostKeyDNS=no
-o ForwardX11=no
-o ForwardAgent=no
{instance}
ansible_connection_options:
ansible_connection: ssh
Molecule Inventory¶
hosts:
all:
hosts:
instance:
ansible_host: localhost
Example default playbook¶
- name: Converge
hosts: all
roles:
- role: tripleo_kernel