diff --git a/roles/sysctl_network/files/90-network.conf b/roles/sysctl_network/files/90-network.conf new file mode 100644 index 0000000000000000000000000000000000000000..21e6a6c57da25781087afe29356172b951b75fc5 --- /dev/null +++ b/roles/sysctl_network/files/90-network.conf @@ -0,0 +1,30 @@ +net.ipv4.tcp_max_syn_backlog=30000 +net.ipv4.conf.all.accept_redirects=0 +net.ipv4.udp_rmem_min=8192 +net.ipv4.tcp_congestion_control=htcp +net.core.default_qdisc=fq_codel +net.ipv4.tcp_rmem=4096 87380 33554432 +net.ipv4.tcp_tw_recycle=1 +net.ipv4.tcp_tw_reuse=1 +net.core.optmem_max=4194304 +net.ipv4.tcp_slow_start_after_idle=0 +net.core.wmem_max=33554432 +net.ipv4.conf.all.send_redirects=0 +net.core.netdev_budget=600 +net.ipv4.tcp_fack=1 +net.netfilter.nf_conntrack_max=1024000 +net.ipv4.tcp_fastopen=1 +net.ipv4.conf.all.log_martians=0 +net.core.netdev_max_backlog=50000 +net.ipv4.tcp_ecn=1 +net.ipv4.tcp_timestamps=1 +net.ipv4.tcp_mtu_probing=1 +net.ipv4.tcp_wmem=4096 65536 33554432 +net.nf_conntrack_max=1024000 +net.core.somaxconn=1024 +net.ipv4.tcp_fin_timeout=10 +net.ipv4.tcp_sack=1 +kernel.pid_max=4194303 +net.core.rmem_max=33554432 +net.ipv4.udp_wmem_min=8192 +net.ipv4.tcp_dsack=1 diff --git a/roles/sysctl_network/handlers/main.yml b/roles/sysctl_network/handlers/main.yml new file mode 100644 index 0000000000000000000000000000000000000000..0f042b701662323bbb4db9b9398c2a8e43882616 --- /dev/null +++ b/roles/sysctl_network/handlers/main.yml @@ -0,0 +1,3 @@ +- name: reload sysctl + sysctl: + reload: yes diff --git a/roles/sysctl_network/tasks/main.yml b/roles/sysctl_network/tasks/main.yml new file mode 100644 index 0000000000000000000000000000000000000000..e82d4a39d669451275f05e00a129600dd4aee460 --- /dev/null +++ b/roles/sysctl_network/tasks/main.yml @@ -0,0 +1,17 @@ +--- +- name: copying networking config for sysctl + copy: + mode: '640' + src: 90-network.conf + dest: '/etc/sysctl.d' + become: true + become_user: root + + +- name: Reloading sysctl + notify: + - "reload sysctl" + become: true + become_user: root + +