tpiccioli
/
ansible-roles
forked from ISTI-ansible-roles/ansible-roles
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

library/roles/linux-kernel-sysctl: Role that sets arbitrary kernel parameters. Only ipv6 is explicitly managed.

This commit is contained in:
Andrea Dell'Amico 2016-10-11 17:37:33 +02:00
parent 7b99c4bc7c
commit e32757dd39
2 changed files with 38 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
linux-kernel-sysctl/defaults/main.yml Normal file
View File

@ -0,0 +1,12 @@
---
sysctl_custom_file: /etc/sysctl.d/90-custom-values.conf
sysctl_opts_reload: yes
sysctl_custom_file_state: present
# Only name and value are mandatory. The others have defaults
systemctl_custom_options:
- { name: 'net.nf_conntrack_max', value: '32768', sysctlfile: '{{ sysctl_custom_file }}', sysctl_reload: '{{ sysctl_opts_reload }}', sysctlfile_state: '{{ sysctl_custom_file_state }}' }
disable_ipv6: True
ipv6_sysctl_value: 1
ipv6_sysctl_file: /etc/sysctl.d/10-ipv6-disable.conf

26
linux-kernel-sysctl/tasks/main.yml Normal file
View File

@ -0,0 +1,26 @@
---
- block:
- name: Ensure that the /etc/sysctl.d directory exists
file: path=/etc/sysctl.d state=directory owner=root group=root
- name: Disable the in kernel ipv6 support
sysctl: name={{ item }} value=1 sysctl_file={{ ipv6_sysctl_file }} reload=yes state=present
with_items:
- net.ipv6.conf.all.disable_ipv6
- net.ipv6.conf.default.disable_ipv6
- net.ipv6.conf.lo.disable_ipv6
when: disable_ipv6
- name: enable the in kernel ipv6 support
sysctl: name={{ item }} value=0 sysctl_file={{ ipv6_sysctl_file }} reload=yes state=present
with_items:
- net.ipv6.conf.all.disable_ipv6
- net.ipv6.conf.default.disable_ipv6
- net.ipv6.conf.lo.disable_ipv6
when: not disable_ipv6
- name: Set the custom sysctl values
sysctl: name={{ item.name }} value={{ item.value }} sysctl_file={{ item.sysctlfile | default ('/etc/sysctl.d/90-custom-values.conf') }} reload={{ item.sysctl_reload | default('yes') }} state={{ item.sysctlfile_state | default('present') }}
with_items: '{{ systemctl_custom_options }}'
tags: [ 'sysctl', 'kernel' ]