OpenStack-Ansible

net.netfilter.nf_conntrack_max not changed on swift server

Bug #1451217 reported by Bjoern
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack-Ansible
Invalid
Undecided
Unassigned
Juno
Fix Released
Medium
Christopher H. Laco
OpenStack-Ansible 10.1.15
Trunk
Invalid
Undecided
Unassigned

Bug Description

With the explicit enabling of conntrack on swift servers, we have to elevate net.netfilter.nf_conntrack_max to at least 256k. Similar to what we did on compute node and neutron container.

Revision history for this message
Kevin Carter (kevin-carter) wrote :

This issue only effects Juno. We will need to create a container config var that will allow these values to be set.

See rpc_deployment/vars/config_vars/container_config_nova_compute.yml for reference.

Changed in openstack-ansible:
status: New → Triaged
milestone: none → next
importance: Undecided → Low
Jesse Pretorius (jesse-pretorius)
tags: added: low-hanging-fruit
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible (juno)

Reviewed: https://review.openstack.org/226880
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible/commit/?id=73da84c4e676d60bdb5e8f470afb2b3f2fcb9843
Submitter: Jenkins
Branch: juno

commit 73da84c4e676d60bdb5e8f470afb2b3f2fcb9843
Author: Christopher H. Laco <email address hidden>
Date: Wed Sep 23 12:26:06 2015 -0400

    Add net.netfilter.nf_conntrack_max to Swift Storage

    With the default sysctl value, the nf_contract table fills and starts
    dropping packets on Swift storage nodes after a certain period of time.

    This is not a problem in Kilo as the value is set to 256k in all hosts
    by default. Adding this specifically to the storage setup to avoid
    adding the more complex solution used for nova/neutron that uses var
    files in playbooks.

    Change-Id: Ic9162eeb50523b32f477075b565f55bbf868d1d6
    Closes-Bug: #1451217
    Closes-Bug: #1479127

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.