X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/b56851ae08394127b8a802faf0c517bc0b01e747..b66ab1c53a8aa973ad2371f6b737368e08b9de8a:/roles/base.rb diff --git a/roles/base.rb b/roles/base.rb index 29db5b24d..d37a4097d 100644 --- a/roles/base.rb +++ b/roles/base.rb @@ -10,15 +10,27 @@ default_attributes( :jburgess => { :status => :administrator } } }, - :apt => { - :sources => [ "openstreetmap" ] + :munin => { + :plugins => { + :chrony => { + :systime => { :warning => "100", :critical => "250" } + } + } }, :networking => { :roles => { - :internal => { :metric => 200, :zone => "loc" }, + :internal => { :metric => 200 }, :external => { :metric => 100 } }, - :search => [ "openstreetmap.org" ] + :search => ["openstreetmap.org"] + }, + :prometheus => { + :metrics => { + :exim_queue_limit => { + :help => "Mail queue alert level", + :metric => 50 + } + } }, :sysctl => { :panic => { @@ -27,24 +39,31 @@ default_attributes( }, :blackhole => { :comment => "Do TCP level MTU probing if we seem to have an ICMP blackhole", - :parameters => { "net.ipv4.tcp_mtu_probing" => "1" } + :parameters => { + "net.ipv4.tcp_mtu_probing" => "1", + "net.ipv4.tcp_base_mss" => "1024" + } }, :network_buffers => { :comment => "Tune network buffers", - :parameters => { + :parameters => { "net.core.rmem_max" => "16777216", "net.core.wmem_max" => "16777216", - "net.ipv4.tcp_rmem" => "4096\t87380\t16777216", - "net.ipv4.tcp_wmem" => "4096\t65536\t16777216" + "net.ipv4.tcp_rmem" => "4096 87380 16777216", + "net.ipv4.tcp_wmem" => "4096 65536 16777216", + "net.ipv4.udp_mem" => "3145728 4194304 16777216" } }, :network_backlog => { :comment => "Increase maximum backlog for incoming network packets", - :parameters => { "net.core.netdev_max_backlog" => "2500" } + :parameters => { + "net.core.netdev_max_backlog" => "2500", + "net.core.netdev_budget" => "600" + } }, :network_conntrack_established => { :comment => "Only track established connections for four hours", - :parameters => { + :parameters => { "net.netfilter.nf_conntrack_tcp_timeout_established" => "14400" } }, @@ -53,14 +72,17 @@ default_attributes( :parameters => { "net.ipv4.tcp_syncookies" => "1" } - } - }, - :sysfs => { - :cpufreq_ondemand => { - :comment => "Tune the ondemand CPU frequency governor", + }, + :default_qdisc => { + :comment => "Use fq as the default queuing discipline", + :parameters => { + "net.core.default_qdisc" => "fq" + } + }, + :tune_cpu_scheduler => { + :comment => "Tune CPU scheduler for server scheduling", :parameters => { - "devices/system/cpu/cpufreq/ondemand/up_threshold" => "25", - "devices/system/cpu/cpufreq/ondemand/sampling_down_factor" => "20" + "kernel.sched_autogroup_enabled" => 0 } } } @@ -72,7 +94,8 @@ run_list( "recipe[chef]", "recipe[devices]", "recipe[hardware]", - "recipe[munin]", + "recipe[prometheus]", + "recipe[munin::plugins]", "recipe[networking]", "recipe[exim]", "recipe[ntp]",