X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/f9e3e2a61aca2a356d5e3f69b3f3f6f3c6986ce9..e693cad1797b863b72437a1f06850e9c98b45ba1:/roles/lockheed.rb diff --git a/roles/lockheed.rb b/roles/lockheed.rb index ec3f788f7..de012bb53 100644 --- a/roles/lockheed.rb +++ b/roles/lockheed.rb @@ -4,36 +4,89 @@ description "Master role applied to lockheed" default_attributes( :networking => { :interfaces => { - :internal_ipv4 => { + :internal => { :interface => "bond0", :role => :internal, - :family => :inet, - :address => "10.0.48.16", + :inet => { + :address => "10.0.48.16" + }, :bond => { - :slaves => %w[eth0 eth1] + :mode => "802.3ad", + :lacprate => "fast", + :xmithashpolicy => "layer3+4", + :slaves => %w[eno49 eno50] } }, - :external_ipv4 => { - :interface => "bond0.2", + :external_he => { + :interface => "bond0.3", :role => :external, - :family => :inet, - :address => "130.117.76.16" + :metric => 150, + :source_route_table => 100, + :inet => { + :address => "184.104.179.144", + :prefix => "27", + :gateway => "184.104.179.129" + } }, - :external_ipv6 => { - :interface => "bond0.2", + :external => { + :interface => "bond0.103", :role => :external, - :family => :inet6, - :address => "2001:978:2:2C::172:10" + :source_route_table => 150, + :inet => { + :address => "82.199.86.112", + :prefix => "27", + :gateway => "82.199.86.97" + } + } + } + }, + :sysctl => { + :sockets => { + :comment => "Increase size of connection queue", + :parameters => { + "net.core.somaxconn" => 10000 + } + }, + :network_conntrack_time_wait => { + :comment => "Only track completed connections for 30 seconds", + :parameters => { + "net.netfilter.nf_conntrack_tcp_timeout_time_wait" => "30" + } + }, + :network_conntrack_max => { + :comment => "Increase max number of connections tracked", + :parameters => { + "net.netfilter.nf_conntrack_max" => "524288" + } + }, + :no_tcp_slow_start => { + :comment => "Disable TCP slow start", + :parameters => { + "net.ipv4.tcp_slow_start_after_idle" => "0" + } + }, + :tcp_use_bbr => { + :comment => "Use TCP BBR Congestion Control", + :parameters => { + "net.core.default_qdisc" => "fq", + "net.ipv4.tcp_congestion_control" => "bbr" + } + } + }, + :nginx => { + :cache => { + :proxy => { + :enable => true, + :keys_zone => "proxy_cache_zone:256M", + :inactive => "180d", + :max_size => "51200M" } - } } ) run_list( "role[equinix-ams]", - "role[subversion]", - "role[trac]", - "role[irc]", - "recipe[blogs]" + "role[hp-g9]", + "role[imagery]" )