Merge "conntrack: set sane sysctl defaults"

2023-05-26 14:13:26 +00:00 · 2023-05-26 14:13:26 +00:00 · eb1980f0e3
parent 93a1214feb d9a8025ac3
commit eb1980f0e3
2 changed files with 11 additions and 1 deletions
--- a/config.yaml
+++ b/config.yaml
@ -191,7 +191,16 @@ options:
      to run. Supported modules currently include os, ssh, apache and mysql.
  sysctl:
    type: string
-    default:
+    default: |
+      { net.ipv4.neigh.default.gc_thresh1 : 128,
+        net.ipv4.neigh.default.gc_thresh2 : 28672,
+        net.ipv4.neigh.default.gc_thresh3 : 32768,
+        net.ipv6.neigh.default.gc_thresh1 : 128,
+        net.ipv6.neigh.default.gc_thresh2 : 28672,
+        net.ipv6.neigh.default.gc_thresh3 : 32768,
+        net.nf_conntrack_max : 1000000,
+        net.netfilter.nf_conntrack_buckets : 204800,
+        net.netfilter.nf_conntrack_max : 1000000 }
    description: |
      YAML formatted associative array of sysctl values, e.g.:
      '{ kernel.pid_max : 4194303 }'
--- a/unit_tests/test_swift_storage_relations.py
+++ b/unit_tests/test_swift_storage_relations.py
@ -67,6 +67,7 @@ TO_PATCH = [
    'setup_ufw',
    'revoke_access',
    'kv',
+    'create_sysctl',
 ]