[neutron] Adjust neighbour table thresholds

When clouds have a large number of hosts, the default size of the ARP cache is too small. The cache can overflow, which means that the system has no way to reach some IP addresses. Increasing threshold limits addresses the situation, in a reasonably safe way (the maximum impact is 5MB or so of additional RAM used). More context on this issue: * http://man7.org/linux/man-pages/man7/arp.7.html * https://bugs.launchpad.net/charm-nova-compute/+bug/1780348 * https://bugs.launchpad.net/fuel/+bug/1488938 * https://bugs.launchpad.net/tripleo/+bug/1690087 * 0583a0c949 * 3dd21ea62a * 1651a1805a Change-Id: I60c871e8eb9f2c086818ff077987f2390930800c Closes-Bug: #1844349 (cherry picked from commit 4234cc4b5b)
2019-11-27 16:32:47 +01:00 · 2019-11-27 16:32:47 +01:00 · 3563497a4f
parent 66e2f000ee
commit 3563497a4f
2 changed files with 12 additions and 0 deletions
--- a/ansible/roles/neutron/defaults/main.yml
+++ b/ansible/roles/neutron/defaults/main.yml
@ -325,6 +325,12 @@ neutron_logging_debug: "{{ openstack_logging_debug }}"
 openstack_neutron_auth: "{{ openstack_auth }}"

 neutron_l3_agent_host_rp_filter_mode: 0
+neutron_l3_agent_host_ipv4_neigh_gc_thresh1: 128
+neutron_l3_agent_host_ipv4_neigh_gc_thresh2: 28672
+neutron_l3_agent_host_ipv4_neigh_gc_thresh3: 32768
+neutron_l3_agent_host_ipv6_neigh_gc_thresh1: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh1 }}"
+neutron_l3_agent_host_ipv6_neigh_gc_thresh2: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh2 }}"
+neutron_l3_agent_host_ipv6_neigh_gc_thresh3: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh3 }}"

 ####################
 # Extension drivers
--- a/ansible/roles/neutron/tasks/config.yml
+++ b/ansible/roles/neutron/tasks/config.yml
@ -8,6 +8,12 @@
    - { name: "net.ipv4.ip_forward", value: 1}
    - { name: "net.ipv4.conf.all.rp_filter", value: "{{ neutron_l3_agent_host_rp_filter_mode }}"}
    - { name: "net.ipv4.conf.default.rp_filter", value: "{{ neutron_l3_agent_host_rp_filter_mode }}"}
+    - { name: "net.ipv4.neigh.default.gc_thresh1", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh1 }}"}
+    - { name: "net.ipv4.neigh.default.gc_thresh2", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh2 }}"}
+    - { name: "net.ipv4.neigh.default.gc_thresh3", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh3 }}"}
+    - { name: "net.ipv6.neigh.default.gc_thresh1", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh1 }}"}
+    - { name: "net.ipv6.neigh.default.gc_thresh2", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh2 }}"}
+    - { name: "net.ipv6.neigh.default.gc_thresh3", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh3 }}"}
  when:
    - set_sysctl | bool
    - (neutron_l3_agent.enabled | bool and neutron_l3_agent.host_in_groups | bool)