Server params tweaking

* tweaked kernel params
* tweaked php params

Change-Id: I9e9a864182e22e7387a10535a57b822a5dfdb5c0

files/php.ini

@@ -373,7 +373,7 @@ zend.enable_gc = On
 ; threat in any way, but it makes it possible to determine whether you use PHP
 ; on your server or not.
 ; http://php.net/expose-php
-expose_php = On
+expose_php = Off
 
 ;;;;;;;;;;;;;;;;;;;
 ; Resource Limits ;
@@ -382,7 +382,7 @@ expose_php = On
 ; Maximum execution time of each script, in seconds
 ; http://php.net/max-execution-time
 ; Note: This directive is hardcoded to 0 for the CLI SAPI
-max_execution_time = 60
+max_execution_time = 5
 
 ; Maximum amount of time each script may spend parsing request data. It's a good
 ; idea to limit this time on productions servers in order to eliminate unexpectedly
@@ -548,7 +548,7 @@ track_errors = Off
 ; Development Value: On
 ; Production value: On
 ; http://php.net/html-errors
-html_errors = On
+html_errors = Off
 
 ; If html_errors is set to On *and* docref_root is not empty, then PHP
 ; produces clickable error messages that direct to a page describing the error
@@ -765,7 +765,7 @@ enable_dl = Off
 ; of zero causes PHP to behave as before.  Default is 1.  You should fix your scripts
 ; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
 ; http://php.net/cgi.fix-pathinfo
-;cgi.fix_pathinfo=1
+cgi.fix_pathinfo=1
 
 ; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
 ; security tokens of the calling client.  This allows IIS to define the
@@ -830,7 +830,7 @@ allow_url_include = Off
 
 ; Default timeout for socket based streams (seconds)
 ; http://php.net/default-socket-timeout
-default_socket_timeout = 60
+default_socket_timeout = 5
 
 ; If your scripts have to deal with files from Macintosh systems,
 ; or you are running on a Mac and need to deal with files from
@@ -876,7 +876,7 @@ cli_server.color = On
 [Date]
 ; Defines the default timezone used by the date functions
 ; http://php.net/date.timezone
-;date.timezone =
+date.timezone = 'UTC'
 
 ; http://php.net/date.default-latitude
 ;date.default_latitude = 31.7667

manifests/init.pp

@@ -436,26 +436,29 @@ class openstackid (
   # system configuration tweaking
   $my_sysctl_settings = {
     # redis : http://redis.io/topics/admin
-    'vm.overcommit_memory'        => { value => 1 },
-    'net.core.rmem_default'       => { value => 31457280 },
-    'net.core.rmem_max'           => { value => 12582912 },
-    'net.core.wmem_default'       => { value => 31457280 },
-    'net.core.wmem_max'           => { value => 12582912 },
+    'vm.overcommit_memory'         => { value => 1 },
+    'net.core.rmem_default'        => { value => 31457280 },
+    'net.core.rmem_max'            => { value => 12582912 },
+    'net.core.wmem_default'        => { value => 31457280 },
+    'net.core.wmem_max'            => { value => 12582912 },
+    # Defines the size of the kernel queue for accepting new connections.
     # Increase number of incoming connections
-    'net.core.somaxconn'          => { value => 4096 },
+    'net.core.somaxconn'           => { value => 4096 },
     # Increase number of incoming connections backlog
-    'net.core.netdev_max_backlog' => { value => 65536 },
-    'net.core.optmem_max'         => { value => 25165824 },
-    'net.ipv4.tcp_mem'            => { value => "65536\t131072\t262144" },
-    'net.ipv4.udp_mem'            => { value => "65536\t131072\t262144" },
-    'net.ipv4.tcp_rmem'           => { value => "8192\t87380\t16777216" },
-    'net.ipv4.udp_rmem_min'       => { value => 16384 },
-    'net.ipv4.tcp_wmem'           => { value => "8192\t65536\t16777216" },
-    'net.ipv4.udp_wmem_min'       => { value => 16384 },
-    'net.ipv4.tcp_max_tw_buckets' => { value => 1440000 },
+    'net.core.netdev_max_backlog'  => { value => 65536 },
+    'net.core.optmem_max'          => { value => 25165824 },
+    # Defines the range of usable ports on your system.
+    'net.ipv4.ip_local_port_range' => { value => "10000\t65535"},
+    'net.ipv4.tcp_mem'             => { value => "65536\t131072\t262144" },
+    'net.ipv4.udp_mem'             => { value => "65536\t131072\t262144" },
+    'net.ipv4.tcp_rmem'            => { value => "8192\t87380\t16777216" },
+    'net.ipv4.udp_rmem_min'        => { value => 16384 },
+    'net.ipv4.tcp_wmem'            => { value => "8192\t65536\t16777216" },
+    'net.ipv4.udp_wmem_min'        => { value => 16384 },
+    'net.ipv4.tcp_max_tw_buckets'  => { value => 1440000 },
     # Increase the tcp-time-wait buckets pool size to prevent simple DOS attacks
-    'net.ipv4.tcp_tw_recycle'     => { value => 1 },
-    'net.ipv4.tcp_tw_reuse'       => { value => 1 },
+    'net.ipv4.tcp_tw_recycle'      => { value => 1 },
+    'net.ipv4.tcp_tw_reuse'        => { value => 1 },
   }
 
   $my_sysctl_defaults = {