X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/adff902bab9024c8bdc98b2ae2b7b22ac4a7e47b..47d39899ca31f509e07422f1ceb11cc1bb45415e:/roles/lockheed.rb?ds=sidebyside

diff --git a/roles/lockheed.rb b/roles/lockheed.rb
index b03347148..f4ace47e0 100644
--- a/roles/lockheed.rb
+++ b/roles/lockheed.rb
@@ -28,6 +28,49 @@ default_attributes(
         }
       }
     }
+  },
+  :sysctl => {
+    :sockets => {
+      :comment => "Increase size of connection queue",
+      :parameters => {
+        "net.core.somaxconn" => 10000
+      }
+    },
+    :network_conntrack_time_wait => {
+      :comment => "Only track completed connections for 30 seconds",
+      :parameters => {
+        "net.netfilter.nf_conntrack_tcp_timeout_time_wait" => "30"
+      }
+    },
+    :network_conntrack_max => {
+      :comment => "Increase max number of connections tracked",
+      :parameters => {
+        "net.netfilter.nf_conntrack_max" => "524288"
+      }
+    },
+    :no_tcp_slow_start => {
+      :comment => "Disable TCP slow start",
+      :parameters => {
+        "net.ipv4.tcp_slow_start_after_idle" => "0"
+      }
+    },
+    :tcp_use_bbr => {
+      :comment => "Use TCP BBR Congestion Control",
+      :parameters => {
+        "net.core.default_qdisc" => "fq",
+        "net.ipv4.tcp_congestion_control" => "bbr"
+      }
+    }
+  },
+  :nginx => {
+    :cache => {
+      :proxy => {
+          :enable => true,
+          :keys_zone => "proxy_cache_zone:256M",
+          :inactive => "180d",
+          :max_size => "51200M"
+      }
+    }
   }
 )