From 0f6ec5b5f469444910687803f1a4de90a359b670 Mon Sep 17 00:00:00 2001 From: Seth Thomas Date: Thu, 2 Jul 2015 15:36:18 -0700 Subject: [PATCH 1/2] DRYing up kitchen configs, updating/deprecating platforms, and refactoring sysctl as it's own recipe (with tests) --- .kitchen.cloud.yml | 86 +++++++++-------- .kitchen.yml | 74 +++++++------- attributes/default.rb | 11 --- recipes/default.rb | 19 ++-- recipes/sysctl.rb | 31 ++++++ .../sysctl/serverspec/spec_helper.rb | 6 ++ .../sysctl/serverspec/sysctl_spec.rb | 96 +++++++++++++++++++ 7 files changed, 227 insertions(+), 96 deletions(-) create mode 100755 recipes/sysctl.rb create mode 100755 test/integration/sysctl/serverspec/spec_helper.rb create mode 100755 test/integration/sysctl/serverspec/sysctl_spec.rb diff --git a/.kitchen.cloud.yml b/.kitchen.cloud.yml index 797ed81..959d9dc 100644 --- a/.kitchen.cloud.yml +++ b/.kitchen.cloud.yml @@ -1,14 +1,23 @@ +<% +version = '2.1.1' +split = version.split('.') +maj = split[0] +min = split[1] +inc = split[2] +url = "http://s3.amazonaws.com/downloads.basho.com/riak/#{maj}.#{min}" +%> --- provisioner: name: chef_zero - require_chef_omnibus: latest + require_chef_omnibus: 12.3.0 platforms: - name: amazon-2014.09.01 driver: name: ec2 - image_id: ami-9a6ed3f2 + image_id: ami-5ba7ea6b + transport: username: ec2-user ssh_key: <%= ENV["EC2_SSH_KEY_PATH"] %> run_list: @@ -17,47 +26,47 @@ platforms: riak: package: local: - url: "http://s3.amazonaws.com/downloads.basho.com/riak/2.1/2.1.1/rhel/6" + url: "<%= url %>/<%= version %>/rhel/6" - name: ubuntu-14-04-x64 driver: name: digitalocean + run_list: + - recipe[apt] attributes: riak: package: local: - url: "http://s3.amazonaws.com/downloads.basho.com/riak/2.1/2.1.1/ubuntu/trusty" - run_list: - - recipe[apt] + url: "<%= url %>/<%= version %>/ubuntu/trusty" - name: ubuntu-12-04-x64 driver: name: digitalocean + run_list: + - recipe[apt] attributes: riak: package: local: - url: "http://s3.amazonaws.com/downloads.basho.com/riak/2.1/2.1.1/ubuntu/precise" - run_list: - - recipe[apt] + url: "<%= url %>/<%= version %>/ubuntu/precise" - name: debian-7-0-x64 driver: name: digitalocean + run_list: + - recipe[apt] attributes: riak: package: local: - url: "http://s3.amazonaws.com/downloads.basho.com/riak/2.1/2.1.1/debian/7" - run_list: - - recipe[apt] + url: "<%= url %>/<%= version %>/debian/7" - name: centos-7-0-x64 driver: name: digitalocean + run_list: + - recipe[yum-epel] attributes: riak: package: local: - url: "http://s3.amazonaws.com/downloads.basho.com/riak/2.1/2.1.1/rhel/7" - run_list: - - recipe[yum-epel] + url: "<%= url %>/<%= version %>/rhel/7" - name: centos-6-5-x64 driver: name: digitalocean @@ -67,7 +76,7 @@ platforms: riak: package: local: - url: "http://s3.amazonaws.com/downloads.basho.com/riak/2.1/2.1.1/rhel/6" + url: "<%= url %>/<%= version %>/rhel/6" - name: centos-5-8-x64 driver: name: digitalocean @@ -77,21 +86,12 @@ platforms: riak: package: local: - url: "http://s3.amazonaws.com/downloads.basho.com/riak/2.1/2.1.1/rhel/5" -- name: fedora-19-x64 - driver: - name: digitalocean - attributes: - riak: - package: - local: - url: "http://s3.amazonaws.com/downloads.basho.com/riak/2.1/2.1.1/fedora/19" - provisioner: - root_path: /home/vagrant/kitchen + url: "<%= url %>/<%= version %>/rhel/5" suites: - name: default run_list: + - recipe[riak::sysctl] - recipe[riak] attributes: riak: @@ -99,49 +99,55 @@ suites: local: filename: "" version: - major: "2" - minor: "1" - incremental: "1" + major: <%= maj %> + minor: <%= min %> + incremental: <%= inc %> - name: search run_list: + - recipe[riak::sysctl] - recipe[riak] attributes: riak: manage_java: true package: version: - major: "2" - minor: "1" - incremental: "1" + major: <%= maj %> + minor: <%= min %> + incremental: <%= inc %> config: search.top_level: "on" - excludes: ["freebsd-10.1", "freebsd-9.2"] - name: enterprise run_list: + - recipe[riak::sysctl] - recipe[riak] attributes: riak: package: version: - major: "2" - minor: "1" - incremental: "1" + major: <%= maj %> + minor: <%= min %> + incremental: <%= inc %> local: url: "" enterprise_key: <%= (ENV["RIAK_ENTERPRISE_KEY"].nil? ? "" : ENV["RIAK_ENTERPRISE_KEY"]) %> - name: custom_package run_list: + - recipe[riak::sysctl] - recipe[riak] attributes: riak: install_method: "custom_package" - name: source run_list: + - recipe[riak::sysctl] - recipe[riak] attributes: riak: install_method: "source" source: - major: "2" - minor: "1" - incremental: "1" + major: <%= maj %> + minor: <%= min %> + incremental: <%= inc %> +- name: sysctl + run_list: + - recipe[riak::sysctl] diff --git a/.kitchen.yml b/.kitchen.yml index f720dba..9bffb66 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -1,7 +1,15 @@ +<% +version = '2.1.1' +split = version.split('.') +maj = split[0] +min = split[1] +inc = split[2] +url = "http://s3.amazonaws.com/downloads.basho.com/riak/#{maj}.#{min}" +%> --- driver: name: vagrant - require_chef_omnibus: true + require_chef_omnibus: 12.3.0 customize: memory: 512 @@ -16,7 +24,7 @@ platforms: riak: package: local: - url: "http://s3.amazonaws.com/downloads.basho.com/riak/2.1/2.1.1/ubuntu/trusty" + url: "<%= url %>/<%= version %>/ubuntu/trusty" - name: ubuntu-12.04 run_list: - recipe[apt] @@ -24,7 +32,7 @@ platforms: riak: package: local: - url: "http://s3.amazonaws.com/downloads.basho.com/riak/2.1/2.1.1/ubuntu/precise" + url: "<%= url %>/<%= version %>/ubuntu/precise" - name: debian-7.8 run_list: - recipe[apt] @@ -32,15 +40,15 @@ platforms: riak: package: local: - url: "http://s3.amazonaws.com/downloads.basho.com/riak/2.1/2.1.1/debian/7" -- name: centos-7.0 + url: "<%= url %>/<%= version %>/debian/7" +- name: centos-7.1 run_list: - recipe[yum-epel] attributes: riak: package: local: - url: "http://s3.amazonaws.com/downloads.basho.com/riak/2.1/2.1.1/rhel/7" + url: "<%= url %>/<%= version %>/rhel/7" - name: centos-6.6 run_list: - recipe[yum-epel] @@ -48,7 +56,7 @@ platforms: riak: package: local: - url: "http://s3.amazonaws.com/downloads.basho.com/riak/2.1/2.1.1/rhel/6" + url: "<%= url %>/<%= version %>/rhel/6" - name: centos-5.11 run_list: - recipe[yum-epel] @@ -56,15 +64,7 @@ platforms: riak: package: local: - url: "http://s3.amazonaws.com/downloads.basho.com/riak/2.1/2.1.1/rhel/5" -- name: fedora-19 - attributes: - riak: - package: - local: - url: "http://s3.amazonaws.com/downloads.basho.com/riak/2.1/2.1.1/fedora/19" - provisioner: - root_path: /home/vagrant/kitchen + url: "<%= url %>/<%= version %>/rhel/5" - name: freebsd-10.1 driver: guest: ":freebsd" @@ -75,8 +75,8 @@ platforms: riak: package: local: - url: "http://s3.amazonaws.com/downloads.basho.com/riak/2.1/2.1.1/freebsd/10" -- name: freebsd-9.2 + url: "<%= url %>/<%= version %>/freebsd/10" +- name: freebsd-9.3 driver: guest: ":freebsd" vagrantfile_erb: vagrantfile_bsd.erb @@ -86,58 +86,68 @@ platforms: riak: package: local: - url: "http://s3.amazonaws.com/downloads.basho.com/riak/2.1/2.1.1/freebsd/9.2" + url: "<%= url %>/<%= version %>/freebsd/9.2" suites: - name: default run_list: + - recipe[riak::sysctl] - recipe[riak] attributes: riak: package: version: - major: "2" - minor: "1" - incremental: "1" + major: <%= maj %> + minor: <%= min %> + incremental: <%= inc %> - name: search run_list: + - recipe[riak::sysctl] - recipe[riak] attributes: riak: manage_java: true package: version: - major: "2" - minor: "1" - incremental: "1" + major: <%= maj %> + minor: <%= min %> + incremental: <%= inc %> config: search.top_level: "on" - excludes: ["freebsd-10.1", "freebsd-9.2"] + excludes: ["freebsd-10.1", "freebsd-9.3"] - name: enterprise run_list: + - recipe[riak::sysctl] - recipe[riak] attributes: riak: package: version: - major: "2" - minor: "1" - incremental: "1" + major: <%= maj %> + minor: <%= min %> + incremental: <%= inc %> local: url: "" enterprise_key: <%= (ENV["RIAK_ENTERPRISE_KEY"].nil? ? "" : ENV["RIAK_ENTERPRISE_KEY"]) %> - name: custom_package run_list: + - recipe[riak::sysctl] - recipe[riak] attributes: riak: install_method: "custom_package" - name: source run_list: + - recipe[riak::sysctl] - recipe[riak] attributes: riak: install_method: "source" source: - major: "2" - minor: "1" - incremental: "1" + major: <%= maj %> + minor: <%= min %> + incremental: <%= inc %> + excludes: ["freebsd-10.1", "freebsd-9.3"] +- name: sysctl + run_list: + - recipe[riak::sysctl] + excludes: ["freebsd-10.1", "freebsd-9.3"] diff --git a/attributes/default.rb b/attributes/default.rb index fb2c590..2b0d1c9 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -22,17 +22,6 @@ # ulimit default['riak']['limits']['nofile'] = 65_536 -# sysctl -default['riak']['sysctl']['vm']['swappiness'] = 0 -default['riak']['sysctl']['net']['core']['somaxconn'] = 40_000 -default['riak']['sysctl']['net']['ipv4']['tcp_max_syn_backlog'] = 40_000 -default['riak']['sysctl']['net']['ipv4']['tcp_sack'] = 1 -default['riak']['sysctl']['net']['ipv4']['tcp_window_scaling'] = 1 -default['riak']['sysctl']['net']['ipv4']['tcp_fin_timeout'] = 15 -default['riak']['sysctl']['net']['ipv4']['tcp_keepalive_intvl'] = 30 -default['riak']['sysctl']['net']['ipv4']['tcp_tw_reuse'] = 1 -default['riak']['sysctl']['net']['ipv4']['tcp_moderate_rcvbuf'] = 1 - default['riak']['platform_bin_dir'] = '/usr/sbin' default['riak']['platform_data_dir'] = '/var/lib/riak' default['riak']['platform_etc_dir'] = '/etc/riak' diff --git a/recipes/default.rb b/recipes/default.rb index 9902fe5..140662a 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -18,18 +18,6 @@ # limitations under the License. # -node.default['sysctl']['params']['vm']['swappiness'] = node['riak']['sysctl']['vm']['swappiness'] -node.default['sysctl']['params']['net']['core']['somaxconn'] = node['riak']['sysctl']['net']['core']['somaxconn'] -node.default['sysctl']['params']['net']['ipv4']['tcp_max_syn_backlog'] = node['riak']['sysctl']['net']['ipv4']['tcp_max_syn_backlog'] -node.default['sysctl']['params']['net']['ipv4']['tcp_sack'] = node['riak']['sysctl']['net']['ipv4']['tcp_sack'] -node.default['sysctl']['params']['net']['ipv4']['tcp_window_scaling'] = node['riak']['sysctl']['net']['ipv4']['tcp_window_scaling'] -node.default['sysctl']['params']['net']['ipv4']['tcp_fin_timeout'] = node['riak']['sysctl']['net']['ipv4']['tcp_fin_timeout'] -node.default['sysctl']['params']['net']['ipv4']['tcp_keepalive_intvl'] = node['riak']['sysctl']['net']['ipv4']['tcp_keepalive_intvl'] -node.default['sysctl']['params']['net']['ipv4']['tcp_tw_reuse'] = node['riak']['sysctl']['net']['ipv4']['tcp_tw_reuse'] -node.default['sysctl']['params']['net']['ipv4']['tcp_moderate_rcvbuf'] = node['riak']['sysctl']['net']['ipv4']['tcp_moderate_rcvbuf'] - -include_recipe 'ulimit' unless node['platform_family'] == 'debian' -include_recipe 'sysctl' include_recipe 'riak::java' if node['riak']['manage_java'] # validate the fqdn and if probalo then use IP address @@ -48,9 +36,10 @@ owner 'root' mode 0644 action :create - notifies :restart, "service[#{riak_service}]" end when 'rhel' + include_recipe 'ulimit' + user_ulimit 'riak' do filehandle_limit node['riak']['limits']['nofile'] end @@ -62,6 +51,10 @@ when 9 include_recipe 'pkg_add' + directory '/usr/local/etc/rc.d' do + mode 0755 + action :create + end template '/usr/local/etc/rc.d/riak' do source 'rcd.erb' mode 0755 diff --git a/recipes/sysctl.rb b/recipes/sysctl.rb new file mode 100755 index 0000000..2ea4e4f --- /dev/null +++ b/recipes/sysctl.rb @@ -0,0 +1,31 @@ +# contains the bare minimum sysctl tunings to prevent +# riak from throwing warnings on startup +# This is optional for those with existing +# tuning or wrapper cookbooks + +case node['platform_family'] +when 'debian', 'rhel', 'fedora' + node.default['sysctl']['params']['vm']['swappiness'] = 0 + node.default['sysctl']['params']['net']['core']['somaxconn'] = 40_000 + + node.default['sysctl']['params']['net']['core'].tap do |core| + core['somaxconn'] = 40_000 + core['wmem_default'] = 8388608 + core['wmem_max'] = 8388608 + core['rmem_default'] = 8388608 + core['rmem_max'] = 8388608 + core['netdev_max_backlog'] = 10_000 + end + + node.default['sysctl']['params']['net']['ipv4'].tap do |ipv4| + ipv4['tcp_max_syn_backlog'] = 40_000 + ipv4['tcp_sack'] = 1 + ipv4['tcp_window_scaling'] = 1 + ipv4['tcp_fin_timeout'] = 15 + ipv4['tcp_keepalive_intvl'] = 30 + ipv4['tcp_tw_reuse'] = 1 + ipv4['tcp_moderate_rcvbuf'] = 1 + end + + include_recipe 'sysctl::apply' +end diff --git a/test/integration/sysctl/serverspec/spec_helper.rb b/test/integration/sysctl/serverspec/spec_helper.rb new file mode 100755 index 0000000..dc67270 --- /dev/null +++ b/test/integration/sysctl/serverspec/spec_helper.rb @@ -0,0 +1,6 @@ +require 'serverspec' + +# Required by serverspec +set :backend, :exec + +set :path, '/sbin:/usr/sbin:/usr/local/sbin:$PATH' diff --git a/test/integration/sysctl/serverspec/sysctl_spec.rb b/test/integration/sysctl/serverspec/sysctl_spec.rb new file mode 100755 index 0000000..e8c887f --- /dev/null +++ b/test/integration/sysctl/serverspec/sysctl_spec.rb @@ -0,0 +1,96 @@ +require 'spec_helper' + +describe file('/proc/sys/vm/swappiness') do + it { should be_file } + it { should contain '0' } +end + +describe file('/proc/sys/net/core/somaxconn') do + it { should be_file } + it { should contain '40000' } +end + +describe file('/proc/sys/net/core/wmem_default') do + it { should be_file } + it { should contain '8388608' } +end + +describe file('/proc/sys/net/core/wmem_max') do + it { should be_file } + it { should contain '8388608' } +end + +describe file('/proc/sys/net/core/rmem_default') do + it { should be_file } + it { should contain '8388608' } +end + +describe file('/proc/sys/net/core/rmem_max') do + it { should be_file } + it { should contain '8388608' } +end + +describe file('/proc/sys/net/core/netdev_max_backlog') do + it { should be_file } + it { should contain '10000' } +end + +describe file('/proc/sys/net/ipv4/tcp_max_syn_backlog') do + it { should be_file } + it { should contain '40000' } +end + +describe file('/proc/sys/net/ipv4/tcp_sack') do + it { should be_file } + it { should contain '1' } +end + +describe file('/proc/sys/net/ipv4/tcp_window_scaling') do + it { should be_file } + it { should contain '1' } +end + +describe file('/proc/sys/net/ipv4/tcp_fin_timeout') do + it { should be_file } + it { should contain '15' } +end + +describe file('/proc/sys/net/ipv4/tcp_keepalive_intvl') do + it { should be_file } + it { should contain '30' } +end + +describe file('/proc/sys/net/ipv4/tcp_tw_reuse') do + it { should be_file } + it { should contain '1' } +end + +describe file('/proc/sys/net/ipv4/tcp_moderate_rcvbuf') do + it { should be_file } + it { should contain '1' } +end + +persistence_file = case host_inventory['platform'] + when 'redhat', 'fedora', 'amazon','debian', 'ubuntu' + '/etc/sysctl.d/99-chef-attributes.conf' + else + '/etc/sysctl.conf' + end + +describe file(persistence_file) do + it { should be_file } + it { should contain 'vm.swappiness=0' } + it { should contain 'net.core.somaxconn=40000' } + it { should contain 'net.core.wmem_default=8388608' } + it { should contain 'net.core.wmem_max=8388608' } + it { should contain 'net.core.rmem_default=8388608' } + it { should contain 'net.core.rmem_max=8388608' } + it { should contain 'net.core.netdev_max_backlog=10000' } + it { should contain 'net.ipv4.tcp_max_syn_backlog=40000' } + it { should contain 'net.ipv4.tcp_sack=1' } + it { should contain 'net.ipv4.tcp_window_scaling=1' } + it { should contain 'net.ipv4.tcp_fin_timeout=15' } + it { should contain 'net.ipv4.tcp_keepalive_intvl=30' } + it { should contain 'net.ipv4.tcp_tw_reuse=1' } + it { should contain 'net.ipv4.tcp_moderate_rcvbuf=1' } +end From a267b95f9c7e883f8edbdb1db682bef7d5f70b1b Mon Sep 17 00:00:00 2001 From: Seth Thomas Date: Thu, 2 Jul 2015 15:43:29 -0700 Subject: [PATCH 2/2] Rubocop hates freedom --- recipes/sysctl.rb | 8 ++++---- test/integration/sysctl/serverspec/sysctl_spec.rb | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/recipes/sysctl.rb b/recipes/sysctl.rb index 2ea4e4f..1ce0332 100755 --- a/recipes/sysctl.rb +++ b/recipes/sysctl.rb @@ -10,10 +10,10 @@ node.default['sysctl']['params']['net']['core'].tap do |core| core['somaxconn'] = 40_000 - core['wmem_default'] = 8388608 - core['wmem_max'] = 8388608 - core['rmem_default'] = 8388608 - core['rmem_max'] = 8388608 + core['wmem_default'] = 8_388_608 + core['wmem_max'] = 8_388_608 + core['rmem_default'] = 8_388_608 + core['rmem_max'] = 8_388_608 core['netdev_max_backlog'] = 10_000 end diff --git a/test/integration/sysctl/serverspec/sysctl_spec.rb b/test/integration/sysctl/serverspec/sysctl_spec.rb index e8c887f..235db27 100755 --- a/test/integration/sysctl/serverspec/sysctl_spec.rb +++ b/test/integration/sysctl/serverspec/sysctl_spec.rb @@ -71,7 +71,7 @@ end persistence_file = case host_inventory['platform'] - when 'redhat', 'fedora', 'amazon','debian', 'ubuntu' + when 'redhat', 'fedora', 'amazon', 'debian', 'ubuntu' '/etc/sysctl.d/99-chef-attributes.conf' else '/etc/sysctl.conf'