[MediaWiki-commits] [Gerrit] operations/puppet[production]: Revert "Create a separate sysctl configuration for setting c...

Muehlenhoff (Code Review) Mon, 24 Apr 2017 00:07:08 -0700

Muehlenhoff has submitted this change and it was merged. ( 
https://gerrit.wikimedia.org/r/349396 )


Change subject: Revert "Create a separate sysctl configuration for setting 
conntrack settings"
......................................................................


Revert "Create a separate sysctl configuration for setting conntrack settings"

This is now obsolete with the previous change which loads the nf_conntrack
kernel module via /etc/modules-load.d

This reverts commit 9e6d1b2d43d507cf56f6426b8395d31dbcfec79f.

Change-Id: I7258be356fae51cb512eb3c15466847ed74772a6
---
D modules/ferm/files/conntrack.conf
M modules/ferm/manifests/init.pp
2 files changed, 0 insertions(+), 17 deletions(-)

Approvals:
  Muehlenhoff: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/modules/ferm/files/conntrack.conf 
b/modules/ferm/files/conntrack.conf
deleted file mode 100644
index 64e2e18..0000000
--- a/modules/ferm/files/conntrack.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-# sysctl parameters managed by ferm puppet module
-net.netfilter.nf_conntrack_max = 262144
-net.netfilter.nf_conntrack_tcp_timeout_time_wait = 65
diff --git a/modules/ferm/manifests/init.pp b/modules/ferm/manifests/init.pp
index 221f763..7678b45 100644
--- a/modules/ferm/manifests/init.pp
+++ b/modules/ferm/manifests/init.pp
@@ -49,20 +49,6 @@
         notify  => Service['ferm'],
     }
 
-    # The connection tracking values cannot be set via the standard
-    # /etc/sysctl.d hierarchy: The conntrack entries are only available
-    # once ferm loads the connection tracking kernel modules. So these
-    # values are set via a separate systemd unit which is started after
-    # ferm. This doesn't use the /etc/sysctl.d path used by the sysctl
-    # class to avoid confusion
-    file { '/etc/ferm/conntrack-sysctl.conf':
-        ensure => present,
-        owner  => 'root',
-        group  => 'root',
-        mode   => '0444',
-        source => 'puppet:///modules/ferm/conntrack.conf',
-    }
-
     file { '/etc/ferm/functions.conf' :
         ensure  => present,
         owner   => 'root',

-- 
To view, visit https://gerrit.wikimedia.org/r/349396
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I7258be356fae51cb512eb3c15466847ed74772a6
Gerrit-PatchSet: 2
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Muehlenhoff <mmuhlenh...@wikimedia.org>
Gerrit-Reviewer: Dzahn <dz...@wikimedia.org>
Gerrit-Reviewer: Muehlenhoff <mmuhlenh...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] operations/puppet[production]: Revert "Create a separate sysctl configuration for setting c...

Reply via email to