Role - tripleo-kernel

Role Documentation

Welcome to the “tripleo-kernel” role documentation.

Role Defaults

This section highlights all of the defaults and variables set within the “tripleo-kernel” role.

tripleo_kernel_args: ''
tripleo_kernel_defer_reboot: false
tripleo_kernel_extra_modules: {}
tripleo_kernel_extra_packages: {}
tripleo_kernel_post_reboot_delay: 60
tripleo_kernel_reboot_timeout: 3600
tripleo_kernel_sysctl_extra_settings: {}

Role Variables: main.yml

tripleo_kernel_modules:
  br_netfilter: {}
  nf_conntrack: {}
tripleo_kernel_sysctl_settings:
  fs.suid_dumpable:
    value: 0
  kernel.dmesg_restrict:
    value: 1
  net.core.netdev_max_backlog:
    value: 10000
  net.ipv4.conf.all.arp_accept:
    value: 1
  net.ipv4.conf.all.arp_notify:
    value: 1
  net.ipv4.conf.all.log_martians:
    value: 1
  net.ipv4.conf.all.secure_redirects:
    value: 0
  net.ipv4.conf.all.send_redirects:
    value: 0
  net.ipv4.conf.default.accept_redirects:
    value: 0
  net.ipv4.conf.default.log_martians:
    value: 1
  net.ipv4.conf.default.secure_redirects:
    value: 0
  net.ipv4.conf.default.send_redirects:
    value: 0
  net.ipv4.tcp_keepalive_intvl:
    value: 1
  net.ipv4.tcp_keepalive_probes:
    value: 5
  net.ipv4.tcp_keepalive_time:
    value: 5
  net.ipv6.conf.all.accept_ra:
    value: 0
  net.ipv6.conf.all.accept_redirects:
    value: 0
  net.ipv6.conf.all.autoconf:
    value: 0
  net.ipv6.conf.all.ndisc_notify:
    value: 1
  net.ipv6.conf.default.accept_ra:
    value: 0
  net.ipv6.conf.default.accept_redirects:
    value: 0
  net.ipv6.conf.default.autoconf:
    value: 0
  net.ipv6.conf.lo.disable_ipv6:
    value: 0
  net.netfilter.nf_conntrack_max:
    value: 500000
  net.nf_conntrack_max:
    value: 500000

Molecule Scenarios

Molecule is being used to test the “tripleo-kernel” role. The following section highlights the drivers in service and provides an example playbook showing how the role is leveraged.

Scenario: default

Driver: delegated
Molecule Options
ansible_connection_options:
  ansible_connection: ssh
login_cmd_template: ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no
  -o Compression=no -o TCPKeepAlive=yes -o VerifyHostKeyDNS=no -o ForwardX11=no -o
  ForwardAgent=no {instance}
managed: false
Molecule Inventory
hosts:
  all:
    hosts:
      instance:
        ansible_host: localhost
Example default playbook
- hosts: all
  name: Converge
  roles:
  - role: tripleo-kernel

Scenario: extra

Driver: delegated
Molecule Options
ansible_connection_options:
  ansible_connection: ssh
login_cmd_template: ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no
  -o Compression=no -o TCPKeepAlive=yes -o VerifyHostKeyDNS=no -o ForwardX11=no -o
  ForwardAgent=no {instance}
managed: false
Molecule Inventory
hosts:
  all:
    hosts:
      instance:
        ansible_host: localhost
Example extra playbook
- hosts: all
  name: Converge
  roles:
  - role: tripleo-kernel
    tripleo_kernel_extra_modules:
      dummy: {}
    tripleo_kernel_extra_packages:
      kmod-kvdo: {}
    tripleo_kernel_sysctl_extra_settings:
      kernel.ftrace_dump_on_oops:
        value: 1

Scenario: kernelargs

Driver: delegated
Molecule Options
ansible_connection_options:
  ansible_connection: ssh
login_cmd_template: ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no
  -o Compression=no -o TCPKeepAlive=yes -o VerifyHostKeyDNS=no -o ForwardX11=no -o
  ForwardAgent=no {instance}
managed: false
Molecule Inventory
hosts:
  all:
    hosts:
      instance:
        ansible_host: localhost
Example kernelargs playbook
- become: true
  hosts: all
  name: Converge
  tasks:
  - include_role:
      name: tripleo-kernel
      tasks_from: kernelargs.yml
    vars:
      tripleo_kernel_args: test=1
      tripleo_kernel_defer_reboot: true