/sysctl

Development repository for the sysctl cookbook

Primary LanguageRubyApache License 2.0Apache-2.0

The sysctl resource from this cookbook is now shipping as part of Chef 14. With the inclusion of this resource into Chef itself we are now deprecating this cookbook. It will continue to function for Chef 13 users, but will not be updated.

sysctl cookbook

Cookbook Version CircleCI License

Warning: Depreciated Cookbook

This cookbook is now a core resource in Chef 14.

summary:

Use the sysctl_param resource to set kernel parameters using the sysctl command line tool and configuration files in the system's sysctl.d directory. Configuration files managed by this resource are named 99-chef-KEYNAME.conf. If an existing value was already set for the value it will be backed up to the node and restored if the :remove action is used later.

Please read the changelog when upgrading from the v0.x series to the v1.x series

Requirements

Platforms

  • Amazon Linux (Integration tested)
  • Debian/Ubuntu (Integration tested)
  • RHEL/CentOS (Integration tested)
  • openSUSE (Integration tested)
  • PLD Linux
  • Exherbo
  • Arch Linux
  • SLES 12+

Chef

  • 12.7+

sysctl_param

Actions

  • :apply (default)
  • :remove

Properties

property type description
key String the path to the kernel parameter
value String, Integer, Float, Array the value to set for the kernel parameter
ignore_error True / False Should the resource fail if setting the parameter via the sysctl command line was unsuccessful

Examples

Set vm.swappiness to 20 via sysctl_param resource

Include sysctl in your metadata.rb

# metadata.rb

name 'my_app'
version '0.1.0'
depends 'sysctl'

Use the resource

# recipes/default.rb
sysctl_param 'vm.swappiness' do
  value 20
end

Remove sysctl parameter and set net.ipv4.tcp_fin_timeout back to default

sysctl_param 'net.ipv4.tcp_fin_timeout' do
  value 30
  action :remove
end

Add sysctl parameter but ignore errors if they arise

sysctl_param 'kernel.randomize_va_space' do
  value 0
  ignore_error true
end

Ohai Plugin

The cookbook also includes an Ohai plugin that can be installed by adding sysctl::ohai_plugin to your run_list. This will populate node['sys'] with automatic attributes that mirror the layout of /proc/sys.

To see Ohai plugin output manually, you can run ohai -d /etc/chef/ohai/plugins sys on the command line.

Additional Reading

There are a lot of different documents that talk about system control parameters, the hope here is to point to some of the most useful ones to provide more guidance as to what the possible kernel parameters are and what they mean.

Development

We have written unit tests using chefspec and integration tests in InSpec executed via test-kitchen. Much of the tooling around this cookbook is exposed via guard and test kitchen, so it is highly recommended to learn more about those tools. The easiest way to get started is to install the Chef Development Kit

Running tests

Install ChefDK from chefdk.io

# Run the unit & lint tests
chef exec delivery local all

# Run the integration suites
kitchen test