From 4c31a6ac4b12dc164aec5360d032f7c3595b59f8 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Fri, 16 Nov 2018 17:36:13 +0000 Subject: [PATCH] CLOSES #47: Adds required sysctl settings to docker run templates. --- CHANGELOG.md | 1 + README.md | 4 ++++ default.mk | 3 +++ environment.mk | 5 +++++ src/etc/systemd/system/centos-ssh-memcached@.service | 6 ++++++ src/opt/scmi/default.sh | 3 +++ src/opt/scmi/environment.sh | 5 +++++ src/opt/scmi/service-unit.sh | 3 +++ 8 files changed, 30 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index fdcbea9..afc1f5d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ CentOS-7 7.5.1804 x86_64 - Memcached 1.4. ### 2.1.1 - Unreleased - Fixes typo in test; using `--format` instead of `--filter`. +- Adds required `--sysctl` settings to docker run templates. ### 2.1.0 - 2018-08-16 diff --git a/README.md b/README.md index 9048ae3..55f94b5 100644 --- a/README.md +++ b/README.md @@ -39,6 +39,7 @@ Run up a container named `memcached.pool-1.1.1` from the docker image `jdeathe/c $ docker run -d \ --name memcached.pool-1.1.1 \ -p 11211:11211/tcp \ + --sysctl "net.core.somaxconn=1024" \ jdeathe/centos-ssh-memcached:2.1.0 ``` @@ -74,6 +75,9 @@ $ docker run \ --tty \ --name memcached.pool-1.1.1 \ --publish 11211:11211/tcp \ + --sysctl "net.core.somaxconn=1024" \ + --sysctl "net.ipv4.ip_local_port_range=1024 65535" \ + --sysctl "net.ipv4.route.flush=1" \ --env "MEMCACHED_CACHESIZE=32" \ jdeathe/centos-ssh-memcached:2.1.0 ``` diff --git a/default.mk b/default.mk index 3264011..3f49c73 100644 --- a/default.mk +++ b/default.mk 
@@ -3,6 +3,9 @@ define DOCKER_CONTAINER_PARAMETERS --name $(DOCKER_NAME) \ --restart $(DOCKER_RESTART_POLICY) \ +--sysctl "net.core.somaxconn=$(SYSCTL_NET_CORE_SOMAXCONN)" \ +--sysctl "net.ipv4.ip_local_port_range=$(SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE)" \ +--sysctl "net.ipv4.route.flush=$(SYSCTL_NET_IPV4_ROUTE_FLUSH)" \ --env "MEMCACHED_AUTOSTART_MEMCACHED_WRAPPER=$(MEMCACHED_AUTOSTART_MEMCACHED_WRAPPER)" \ --env "MEMCACHED_CACHESIZE=$(MEMCACHED_CACHESIZE)" \ --env "MEMCACHED_MAXCONN=$(MEMCACHED_MAXCONN)" \ diff --git a/environment.mk b/environment.mk index dd1016c..b9cc487 100644 --- a/environment.mk +++ b/environment.mk @@ -13,6 +13,11 @@ DOCKER_IMAGE_RELEASE_TAG_PATTERN := ^(1|2|centos-(6-1|7-2))\.[0-9]+\.[0-9]+$ # Variables # ----------------------------------------------------------------------------- +# Docker --sysctl settings +SYSCTL_NET_CORE_SOMAXCONN ?= 1024 +SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE ?= 1024 65535 +SYSCTL_NET_IPV4_ROUTE_FLUSH ?= 1 + # Docker image/container settings DOCKER_CONTAINER_OPTS ?= DOCKER_IMAGE_TAG ?= latest diff --git a/src/etc/systemd/system/centos-ssh-memcached@.service b/src/etc/systemd/system/centos-ssh-memcached@.service index 143b57d..7016ecc 100644 --- a/src/etc/systemd/system/centos-ssh-memcached@.service +++ b/src/etc/systemd/system/centos-ssh-memcached@.service @@ -59,6 +59,9 @@ Environment="MEMCACHED_AUTOSTART_MEMCACHED_WRAPPER=true" Environment="MEMCACHED_CACHESIZE=64" Environment="MEMCACHED_MAXCONN=1024" Environment="MEMCACHED_OPTIONS=-U 0" +Environment="SYSCTL_NET_CORE_SOMAXCONN=1024" +Environment="SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE=1024 65535" +Environment="SYSCTL_NET_IPV4_ROUTE_FLUSH=1" # Initialisation: Load image from local storage if available, otherwise pull. ExecStartPre=/bin/bash -c \ 
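Review bot: The three new `--sysctl` values in `DOCKER_CONTAINER_PARAMETERS` are expanded by make into a double-quoted shell argument, so a value containing a `"`, a backtick or a command substitution would be parsed by the shell as syntax rather than data. The same interpolation is added to the `ExecStart` line of the systemd unit (expanded by systemd, then parsed by `bash -c`) and to `DOCKER_CONTAINER_PARAMETERS` in `src/opt/scmi/default.sh`. This follows the existing `--env` pattern, and who can set these variables is not visible from the hunk. All three settings are purely numeric, though, so they are cheap to constrain where the defaults are assigned. If `environment.sh` runs under bash, a check like `[[ ${SYSCTL_NET_CORE_SOMAXCONN} =~ ^[0-9]+$ ]] || exit 1` would do, with `^[0-9]+ [0-9]+$` for the port range. The `define` block continues past the end of the hunk.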
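Review bot: `SYSCTL_NET_IPV4_ROUTE_FLUSH ?= 1` in environment.mk presents `net.ipv4.route.flush` as a tunable, but that key is a write-only trigger: writing to it flushes the routing cache once and no value is stored. Passing it at container creation is therefore probably a no-op, and the variable gives operators nothing meaningful to override. The same applies to the matching default in `src/opt/scmi/environment.sh` and the `Environment=` line in the unit file. If the key is kept, the section comment should say so, for example `# Docker --sysctl settings (net.* keys apply to the container's own network namespace; route.flush is a one-shot trigger, not a stored value)`, along with a line on why each key is required.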
@@ -88,6 +91,9 @@ ExecStartPre=-/bin/bash -c \ ExecStart=/bin/bash -c \ "exec /usr/bin/docker run \ --name %p.%i \ + --sysctl \"net.core.somaxconn=${SYSCTL_NET_CORE_SOMAXCONN}\" \ + --sysctl \"net.ipv4.ip_local_port_range=${SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE}\" \ + --sysctl \"net.ipv4.route.flush=${SYSCTL_NET_IPV4_ROUTE_FLUSH}\" \ --env \"MEMCACHED_AUTOSTART_MEMCACHED_WRAPPER=${MEMCACHED_AUTOSTART_MEMCACHED_WRAPPER}\" \ --env \"MEMCACHED_CACHESIZE=${MEMCACHED_CACHESIZE}\" \ --env \"MEMCACHED_MAXCONN=${MEMCACHED_MAXCONN}\" \ diff --git a/src/opt/scmi/default.sh b/src/opt/scmi/default.sh index 0643f9c..2ed304c 100644 --- a/src/opt/scmi/default.sh +++ b/src/opt/scmi/default.sh @@ -40,6 +40,9 @@ fi # Common parameters of create and run targets DOCKER_CONTAINER_PARAMETERS="--name ${DOCKER_NAME} \ --restart ${DOCKER_RESTART_POLICY} \ +--sysctl \"net.core.somaxconn=${SYSCTL_NET_CORE_SOMAXCONN}\" \ +--sysctl \"net.ipv4.ip_local_port_range=${SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE}\" \ +--sysctl \"net.ipv4.route.flush=${SYSCTL_NET_IPV4_ROUTE_FLUSH}\" \ --env \"MEMCACHED_AUTOSTART_MEMCACHED_WRAPPER=${MEMCACHED_AUTOSTART_MEMCACHED_WRAPPER}\" \ --env \"MEMCACHED_CACHESIZE=${MEMCACHED_CACHESIZE}\" \ --env \"MEMCACHED_MAXCONN=${MEMCACHED_MAXCONN}\" \ diff --git a/src/opt/scmi/environment.sh b/src/opt/scmi/environment.sh index 88750c2..bad6865 100644 --- a/src/opt/scmi/environment.sh +++ b/src/opt/scmi/environment.sh @@ -30,6 +30,11 @@ DIST_PATH="${DIST_PATH:-./dist}" # Number of seconds expected to complete container startup including bootstrap. STARTUP_TIME="${STARTUP_TIME:-1}" +# Docker --sysctl settings +SYSCTL_NET_CORE_SOMAXCONN="${SYSCTL_NET_CORE_SOMAXCONN:-1024}" +SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE="${SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE:-1024 65535}" +SYSCTL_NET_IPV4_ROUTE_FLUSH="${SYSCTL_NET_IPV4_ROUTE_FLUSH:-1}" + # ETCD register service settings REGISTER_ETCD_PARAMETERS="${REGISTER_ETCD_PARAMETERS:-}" REGISTER_TTL="${REGISTER_TTL:-60}" 
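Review bot: The three `--sysctl "net.…"` flags are now passed unconditionally in `ExecStart`, and Docker rejects `net.*` sysctls for a container that shares the host network namespace, so any instance of this unit run with `--network host` would fail to start after this change. Whether the unit template allows host networking is not visible in the hunk, but `environment.mk` does expose `DOCKER_CONTAINER_OPTS` for extra run options, and the same flags are added in `default.mk` and `src/opt/scmi/default.sh`. If host networking is a supported mode the flags need to be omitted for it. Otherwise a comment above `ExecStart` such as `# --sysctl net.* requires the container's own network namespace (incompatible with --network host)` would record the constraint. The `docker run` command continues beyond the hunk.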
diff --git a/src/opt/scmi/service-unit.sh b/src/opt/scmi/service-unit.sh index 7eb5a95..0cd6062 100644 --- a/src/opt/scmi/service-unit.sh +++ b/src/opt/scmi/service-unit.sh @@ -11,6 +11,9 @@ readonly SERVICE_UNIT_ENVIRONMENT_KEYS=" MEMCACHED_CACHESIZE MEMCACHED_MAXCONN MEMCACHED_OPTIONS + SYSCTL_NET_CORE_SOMAXCONN + SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE + SYSCTL_NET_IPV4_ROUTE_FLUSH " readonly SERVICE_UNIT_REGISTER_ENVIRONMENT_KEYS=" REGISTER_ETCD_PARAMETERS