Bug 1490940 - [RFE] make the installer to use sysctl.d directorys instead of sysctl.conf file.
Summary: [RFE] make the installer to use sysctl.d directorys instead of sysctl.conf file.
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 3.5.0
Hardware: Unspecified
OS: Unspecified
medium
low
Target Milestone: ---
: 3.7.0
Assignee: Scott Dodson
QA Contact: Gan Huang
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-09-12 14:27 UTC by Sergi Jimenez Romero
Modified: 2017-11-28 22:10 UTC (History)
5 users (show)

Fixed In Version: openshift-ansible-3.7.7-1
Doc Type: Enhancement
Doc Text:
Required Sysctl configuration options are now set in /etc/sysctl.d/99-openshift.conf rather than /etc/sysctl.conf allowing for greater local customization flexibility.
Clone Of:
Environment:
Last Closed: 2017-11-28 22:10:32 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2017:3188 0 normal SHIPPED_LIVE Moderate: Red Hat OpenShift Container Platform 3.7 security, bug, and enhancement update 2017-11-29 02:34:54 UTC

Description Sergi Jimenez Romero 2017-09-12 14:27:02 UTC 
> 3. What is the nature and description of the request?  

Currently OpenShift ansible installer adds sysctl settings to sysctl.conf, e.g. net.ipv4.ip_forward=1

While sysctl.d directories feel like a better fit for these customizations.

> 4. Why does the customer need this? (List the business requirements here)  

This breaks our puppet modules and also makes hard to trace the changes introduced by OpenShift. Besides the sysctl.conf file provided by RHEL7.3 says:

# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).

> 5. How would the customer like to achieve this? (List the functional requirements here)  

Sysctl settings to be placed under one of the above mentioned directories.

> 6. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented.  

Will find net.ipv4.ip_forward=1 under /usr/lib/sysctl.d/ with a meaningful filename.


> 10. List any affected packages or components.
openshift-ansible
Comment 4 Scott Dodson 2017-11-15 13:39:53 UTC 
This change is in openshift-ansible-3.7.7-1
Comment 6 Gan Huang 2017-11-16 07:04:16 UTC 
Verified in openshift-ansible-3.7.9-1.git.0.60e60a0.el7.noarch.rpm

/etc/sysctl.d/99-openshift.conf is created and `net.ipv4.ip_forward` is set to 1.
# cat /etc/sysctl.d/99-openshift.conf 
net.ipv4.ip_forward=1

# /sbin/sysctl --system
<--snip-->
* Applying /etc/sysctl.d/99-openshift.conf ...
net.ipv4.ip_forward = 1
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.conf ...

The custom config in /etc/sysct.conf which would override /etc/sysctl.d/99-openshift.conf is applied in the end. This should be expected and correct.

Moving to verified.
Comment 10 errata-xmlrpc 2017-11-28 22:10:32 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2017:3188
Note You need to log in before you can comment on or make changes to this bug.