├── .gitignore ├── .kitchen.yml ├── .rubocop.yml ├── .travis.yml ├── Berksfile ├── CHANGELOG.md ├── Gemfile ├── README.md ├── Rakefile ├── attributes └── default.rb ├── example ├── README.md ├── attributes │ └── example.rb ├── metadata.rb └── recipes │ └── example.rb ├── libraries └── matchers.rb ├── metadata.rb ├── providers └── default.rb ├── recipes ├── attribute_driver.rb ├── default.rb └── library.rb ├── resources └── default.rb ├── spec └── spec_helper.rb ├── templates └── default │ └── sysctl.erb └── test ├── cookbooks └── sysctl_test │ ├── README.md │ ├── files │ └── default │ │ └── tests │ │ └── minitest │ │ └── default_test.rb │ ├── metadata.rb │ └── recipes │ └── default.rb └── integration └── default └── bats └── sysctl.bats /.gitignore: -------------------------------------------------------------------------------- 1 | Berksfile.lock 2 | Gemfile.lock 3 | .swap 4 | .swp 5 | tags 6 | .tags 7 | Berksfile.lock 8 | .kitchen 9 | -------------------------------------------------------------------------------- /.kitchen.yml: -------------------------------------------------------------------------------- 1 | --- 2 | driver: 3 | name: docker 4 | require_chef_omnibus: true 5 | 6 | platforms: 7 | - name: centos-6.4 8 | - name: ubuntu-12.04 9 | 10 | suites: 11 | - name: default 12 | run_list: 13 | - recipe[sysctl::attribute_driver] 14 | attributes: { 15 | sysctl: { 16 | values: { 17 | "net.core.rmem_default": "262144", 18 | "net.core.wmem_default": "262144", 19 | "fs.file-max": 1000000, 20 | "net.ipv4.tcp_fin_timeout": 30 21 | } 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /.rubocop.yml: -------------------------------------------------------------------------------- 1 | AllCops: 2 | Include: 3 | - metadata.rb 4 | - Gemfile 5 | - attributes/** 6 | - recipes/** 7 | - libraries/** 8 | - providers/** 9 | - resources/** 10 | Exclude: 11 | - example/** 12 | - test/** 13 | - vendor/** 14 | 15 | Encoding: 16 | Enabled: false 17 | 18 | LineLength: 19 | Enabled: false 20 | 21 | WordArray: 22 | MinSize: 3 23 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | rvm: 2 | - 1.9.3 3 | - 2.0.0 4 | - 2.1.0 5 | before_script: 6 | - bundle exec berks install 7 | script: 8 | - bundle exec rake test:quick 9 | -------------------------------------------------------------------------------- /Berksfile: -------------------------------------------------------------------------------- 1 | # vim: set ft=ruby: 2 | metadata 3 | 4 | 5 | group :integration do 6 | cookbook "apt" 7 | cookbook "sysctl_test", 8 | path: "test/cookbooks/sysctl_test" 9 | end 10 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | Change Log 2 | ---------- 3 | ## 2.0.1 4 | * fix bug where we quote values in the template 5 | * fix kitchen setup 6 | * add some bats integration testing 7 | 8 | ## 2.0.0 9 | * move to accumulator cookbook for building the single file 10 | * rearange the way we work with attributes (backward breaking) 11 | * add in basic kitchen and travis work 12 | 13 | ## 1.3.0 14 | * switch save to node off by efault. This changes the implicit behaviour from previous versions. 15 | * update the LWRP to use chef 10.12 default_action 16 | 17 | ## 1.2.1 18 | * update node[:sysctl] = blah to chef 11 node.set[:sysctl] = blah 19 | * bust changelog out from README to its own file 20 | * fix typo in example 21 | * remove unused resource/write.rb 22 | 23 | ## 1.2.0 24 | * Default behavior on debian is less destructive 25 | 26 | ## 1.1.0 27 | * Adding in :write action support so that it writes /etc/sysctl 28 | 29 | ## 1.0.2 30 | * Initial public release 31 | 32 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | source 'https://rubygems.org' 2 | 3 | # get this from git for the chefignore issues 4 | gem 'berkshelf' 5 | 6 | group 'develop' do 7 | gem 'test-kitchen' 8 | gem 'kitchen-docker-api' 9 | gem 'rake' 10 | gem 'foodcritic', git: 'https://github.com/mlafeldt/foodcritic.git', branch: 'improve-rake-task' 11 | gem 'rubocop' 12 | gem 'knife-cookbook-doc' 13 | gem 'chefspec', '>= 3.2.0' 14 | end 15 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | DESCRIPTION 2 | =========== 3 | Manage sysctl via a sysctl LWRP. 4 | 5 | 6 | Attributes 7 | ---------- 8 | 9 | | Name | Value | Description 10 | |:---|:---|:-------- 11 | |`default[:sysctl][:values]` | {} | Hash Of Key Value pairs the attribute_driver recipe uses. 12 | |`default[:sysctl][:config_file]` | rhel: `"/etc/sysctl.conf"` debian: `"/etc/sysctl.d/99-chef.conf"` | The file to write values to. 13 | 14 | Recipes 15 | --------- 16 | 17 | | Name | Description | 18 | |:-----|:------------| 19 | |attribute_driver.rb| Reads attributes set in `node[:sysctl][:values]`, and sets sysctl resources with the values 20 | |default.rb| Simply sets up the resources needed to use the lwrp 21 | |library.rb| Empty recipe if you want to avoid default, but still want to explicitly include (for whatever reason) 22 | 23 | Sysctl LWRP 24 | =========== 25 | 26 | 27 | Attributes 28 | ---------- 29 | | Name | Type | Default | Description | 30 | |:-----|:-----|:--------|:--------------| 31 | | `name` | `String` | `:name_attribute` |The key name. Defaults to the resource name i.e. sysctl "some.key" 32 | | `value`| `String`, `Fixnum`, `Integer` | The Value for this key 33 | | `save` | boolean | `true` | save the setting back to the node data (default: false) 34 | 35 | Actions 36 | ------- 37 | | action | default | Description| 38 | |:-------|:--------|:-----------| 39 | | `:set` | yes | Make sure the running state is set (default) 40 | | `:write`| yes | Write the config file (default) 41 | 42 | 43 | Known Bugs 44 | ---------- 45 | * RHEL/CentOS 6 now have sysctl.d Directory, we should generate a config in this dir instead 46 | * only intended to be used on Linux 47 | 48 | 49 | Example Usage 50 | ============= 51 | LWRP 52 | ---- 53 | Ensure running state, and write this key to sysctl.conf 54 | 55 | sysctl "kernel.sysrq" do 56 | value 1 57 | end 58 | 59 | __Check out__ [example/recipes/example.rb] [2] For more recipe examples. 60 | 61 | ChefSpec Matchers 62 | ================= 63 | There are chefspec matchers in this cookbook to test your usage of the lwrp 64 | 65 | set_sysctl 66 | ---------- 67 | matcher for the set action 68 | 69 | write_sysctl 70 | ------------ 71 | matcher for the write action 72 | 73 | 74 | 75 | Attributes 76 | ---------- 77 | In a role attribute or override: 78 | 79 | { 80 | "sysctl": { 81 | "values": { 82 | "net.ipv4.tcp_window_scaling": 0 83 | } 84 | } 85 | } 86 | 87 | 88 | __Check out__ [example/attributes/example.rb] [1] For more attribute examples. 89 | 90 | 91 | Author and License 92 | =================== 93 | 94 | __Author__ Jesse Nelson 95 | 96 | Copyright 2011-2013, Jesse Nelson 97 | 98 | Licensed under the Apache License, Version 2.0 (the "License"); 99 | you may not use this file except in compliance with the License. 100 | You may obtain a copy of the License at 101 | 102 | http://www.apache.org/licenses/LICENSE-2.0 103 | 104 | Unless required by applicable law or agreed to in writing, software 105 | distributed under the License is distributed on an "AS IS" BASIS, 106 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 107 | See the License for the specific language governing permissions and 108 | limitations under the License. 109 | 110 | 111 | 112 | [1]: https://github.com/spheromak/sysctl-cookbook/blob/master/example/attributes/example.rb 113 | [2]: https://github.com/spheromak/sysctl-cookbook/blob/master/example/recipes/example.rb 114 | -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env rake 2 | require 'rake' 3 | require 'rspec/core/rake_task' 4 | 5 | task :default => 'test:quick' 6 | 7 | namespace :test do 8 | 9 | RSpec::Core::RakeTask.new(:spec) do |t| 10 | t.pattern = Dir.glob('test/spec/**/*_spec.rb') 11 | t.rspec_opts = "--color -f d" 12 | end 13 | 14 | begin 15 | require 'kitchen/rake_tasks' 16 | Kitchen::RakeTasks.new 17 | rescue 18 | puts '>>>>> Kitchen gem not loaded, omitting tasks' unless ENV['CI'] 19 | end 20 | 21 | begin 22 | require 'foodcritic/rake_task' 23 | require 'foodcritic' 24 | task :default => [:foodcritic] 25 | FoodCritic::Rake::LintTask.new do |t| 26 | t.options = { 27 | fail_tags: %w/correctness services libraries deprecated/, 28 | exclude_paths: ['test/**/*', 'spec/**/*', 'features/**/*', 'example/**/*'] 29 | } 30 | end 31 | rescue LoadError 32 | warn "Foodcritic Is missing ZOMG" 33 | end 34 | 35 | begin 36 | require 'rubocop/rake_task' 37 | Rubocop::RakeTask.new do |task| 38 | task.fail_on_error = true 39 | task.options = %w{-D -a} 40 | end 41 | rescue LoadError 42 | warn "Rubocop gem not installed, now the code will look like crap!" 43 | end 44 | 45 | 46 | desc 'Run all of the quick tests.' 47 | task :quick do 48 | Rake::Task['test:rubocop'].invoke 49 | Rake::Task['test:foodcritic'].invoke 50 | Rake::Task['test:spec'].invoke 51 | end 52 | 53 | 54 | desc 'Run _all_ the tests. Go get a coffee.' 55 | task :complete do 56 | Rake::Task['test:quick'].invoke 57 | Rake::Task['test:kitchen:all'].invoke 58 | end 59 | 60 | desc 'Run CI tests' 61 | task :ci do 62 | Rake::Task['test:complete'].invoke 63 | end 64 | end 65 | 66 | 67 | namespace :release do 68 | task :update_metadata do 69 | end 70 | 71 | task :tag_release do 72 | end 73 | end 74 | -------------------------------------------------------------------------------- /attributes/default.rb: -------------------------------------------------------------------------------- 1 | default[:sysctl] = {} 2 | default[:sysctl][:values] = {} 3 | 4 | default[:sysctl][:config_file] = '/etc/sysctl.conf' 5 | if platform_family == 'debian' 6 | default[:sysctl][:config_file] = '/etc/sysctl.d/99-chef.conf' 7 | end 8 | -------------------------------------------------------------------------------- /example/README.md: -------------------------------------------------------------------------------- 1 | Example cook 2 | -------------------------------------------------------------------------------- /example/attributes/example.rb: -------------------------------------------------------------------------------- 1 | # this is just an example remove the returnK if you want to use these settings 2 | # which are things I use in production 3 | return 4 | 5 | # ohai sysctl pulls all these values in as strings, so we do them as strings here so they can match 6 | # bump open files way way high. 7 | default.sysctl['fs.file-max'] = '1000000' 8 | 9 | # 256 KB default performs well experimentally, and is often recommended by ISVs. 10 | default.sysctl['net.core.rmem_default'] = '262144' 11 | default.sysctl['net.core.wmem_default'] = '262144' 12 | 13 | # When opening a high-bandwidth connection while the receiving end is under 14 | # memory pressure, disk I/O may be necessary to free memory for the socket, 15 | # making disk latency the effective latency for the bandwidth-delay product 16 | # initially. For 10 Gb ethernet and SCSI, the BDP is about 5 MB. Allow 8 MB 17 | # to account for overhead, to ensure that new sockets can saturate the medium 18 | # quickly. 19 | default.sysctl['net.core.rmem_max'] = '8388608' 20 | default.sysctl['net.core.wmem_max'] = '8388608' 21 | 22 | # Allow a deep backlog for 10 Gb and bonded Gb ethernet connections 23 | default.sysctl['net.core.netdev_max_backlog'] = '10000' 24 | 25 | # Always have one page available, plus an extra for overhead, to ensure TCP NFS 26 | # pageout doesn't stall under memory pressure. Default to max unscaled window, 27 | # plus overhead for rmem, since most LAN sockets won't need to scale. 28 | default.sysctl['net.ipv4.tcp_rmem'] = '8192 87380 8388608' 29 | default.sysctl['net.ipv4.tcp_wmem'] = '8192 87380 8388608' 30 | 31 | # Always have enough memory available on a UDP socket for an 8k NFS request, 32 | # plus overhead, to prevent NFS stalling under memory pressure. 16k is still 33 | # low enough that memory fragmentation is unlikely to cause problems. 34 | # if platform_version.to_i >= 5 35 | default.sysctl['net.ipv4.udp_rmem_min'] = '16384' 36 | default.sysctl['net.ipv4.udp_wmem_min'] = '16384' 37 | 38 | # Ensure there's enough memory to actually allocate those massive buffers to a 39 | # socket. 40 | default.sysctl['net.ipv4.tcp_mem'] = '8388608 12582912 16777216' 41 | default.sysctl['net.ipv4.udp_mem'] = '8388608 12582912 16777216' 42 | # end 43 | 44 | # Decrease the time default value for tcp_fin_timeout connection 45 | default.sysctl['net.ipv4.tcp_fin_timeout'] = '30' 46 | 47 | # Decrease the time default value for tcp_keepalive_time connection 48 | default.sysctl['net.ipv4.tcp_keepalive_time'] = '1800' 49 | 50 | # support large window scaling RFC 1323 51 | default.sysctl['net.ipv4.tcp_window_scaling'] = 1 52 | 53 | # syn cookie flood controll enable (blocks a trivial dos) 54 | default.sysctl['net.ipv4.tcp_syncookies'] = 1 55 | 56 | # Filesystem I/O is usually much more efficient than swapping, so try to keep 57 | # swapping low. It's usually safe to go even lower than this on systems with 58 | # server-grade storage. 59 | default.sysctl['vm.swappiness'] = '0' 60 | 61 | # If a workload mostly uses anonymous memory and it hits this limit, the entire 62 | # working set is buffered for I/O, and any more write buffering would require 63 | # swapping, so it's time to throttle writes until I/O can catch up. Workloads 64 | # that mostly use file mappings may be able to use even higher values. 65 | default.sysctl['vm.dirty_ratio'] = '50' 66 | 67 | # Ensure there's always some easily-dropped pagecache if the system is under 68 | # memory pressure from cached files, since it's much faster to page back in than 69 | # swap. 70 | # default.sysctl["vm.pagecache"] = "90" unless node.kernel.release == "2.6.9-42.ELsmp" # don't do this on this kern 71 | 72 | # Controls the System Request debugging functionality of the kernel 73 | default.sysctl['kernel.sysrq'] = 1 74 | 75 | # reboot on panic 76 | default.sysctl['kernel.panic'] = 30 77 | -------------------------------------------------------------------------------- /example/metadata.rb: -------------------------------------------------------------------------------- 1 | name 'sysctl-example' 2 | -------------------------------------------------------------------------------- /example/recipes/example.rb: -------------------------------------------------------------------------------- 1 | 2 | # 3 | # !!!!! NOTE: !!!!!!! This thing overwrites sysctl.conf so if its not in chef it's toast from that file 4 | # 5 | 6 | # basic config 7 | # by default with :write, :set 8 | # and store the value in node[:sysctl] so you can do searches on it 9 | sysctl 'fs.file-max' do 10 | value 110_000 11 | end 12 | 13 | # write this param to /etc/sysctl.conf 14 | # Usefull when you are doing a kernel update or something else 15 | sysctl 'fs.file-max' do 16 | action :write # just write this out to config 17 | value 5000 # set the value 18 | save false # not store in node[:sysctl] 19 | end 20 | 21 | # whee 22 | sysctl 'net.ipv4.ip_forward' do value 0 end 23 | -------------------------------------------------------------------------------- /libraries/matchers.rb: -------------------------------------------------------------------------------- 1 | # rubocop:disable AccessorMethodName 2 | if defined?(ChefSpec) 3 | def set_sysctl(sysctl) 4 | ChefSpec::Matchers::ResourceMatcher.new(:sysctl, :set, sysctl) 5 | end 6 | 7 | def write_sysctl(sysctl) 8 | ChefSpec::Matchers::ResourceMatcher.new(:sysctl, :set, sysctl) 9 | end 10 | end 11 | -------------------------------------------------------------------------------- /metadata.rb: -------------------------------------------------------------------------------- 1 | name 'sysctl' 2 | maintainer 'Jesse Nelson' 3 | maintainer_email 'spheromak@gmail.com' 4 | license 'Apache 2.0' 5 | description 'Configure/Set sysctl paramaters' 6 | long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) 7 | version '2.0.2' 8 | 9 | depends 'accumulator' 10 | -------------------------------------------------------------------------------- /providers/default.rb: -------------------------------------------------------------------------------- 1 | # Cookbook Name:: sysctl 2 | # Provider:: sysctl 3 | # Author:: Jesse Nelson 4 | # 5 | # Copyright 2011, Jesse Nelson 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | # 19 | require 'chef/mixin/command.rb' 20 | include Chef::Mixin::Command 21 | 22 | def initialize(*args) 23 | super 24 | status, output, error_message = output_of_command('which sysctl', {}) 25 | unless status.exitstatus == 0 26 | Command.handle_command_failures(status, "STDOUT: #{output}\nSTDERR: #{error_message}") 27 | end 28 | 29 | @sysctl = output.chomp 30 | end 31 | 32 | # sysctl -n -e only works on linux (-e at least is missing on mac) 33 | # side effect is that these calls will always try to set/write on other platforms. 34 | # This is ok for now, but prob need to do detection at some point. 35 | # TODO: Make this work on other platforms better 36 | def load_current_resource 37 | # quick & dirty os detection 38 | @sysctl_args = case node[:os] 39 | when 'GNU/Linux', 'Linux', 'linux' 40 | '-n -e' 41 | else 42 | '-n' 43 | end 44 | 45 | # clean up value whitespace when its a string 46 | @new_resource.value.strip! if @new_resource.value.class == String 47 | 48 | # find current value 49 | _status, @current_value, _error_message = output_of_command( 50 | "#{@sysctl} #{@sysctl_args} #{@new_resource.name}", ignore_failure: true) 51 | 52 | Chef::Log.info "#{new_resource.name} -> #{@current_value} := #{new_resource.value}" 53 | end 54 | 55 | # save to node obj if we were asked to 56 | def save_to_node 57 | node.set[:sysctl][:values][@new_resource.name] = @new_resource.value if @new_resource.save == true 58 | end 59 | 60 | # ensure running state 61 | action :set do 62 | # heavy handed type enforcement only wnat to write if they are different ignore inner whitespace 63 | if @current_value.to_s.strip.split != @new_resource.value.to_s.strip.split 64 | # run it 65 | run_command(command: "#{@sysctl} #{@sysctl_args} -w #{@new_resource.name}='#{@new_resource.value}'") 66 | save_to_node 67 | # let chef know its done 68 | @new_resource.updated_by_last_action true 69 | end 70 | end 71 | 72 | # write out a config file 73 | action :write do 74 | # Implemented using the "accumulator" cook 75 | end 76 | -------------------------------------------------------------------------------- /recipes/attribute_driver.rb: -------------------------------------------------------------------------------- 1 | # 2 | # Cookbook Name:: sysctl 3 | # Recipe:: attribute_driver 4 | # Author:: jesse nelson 5 | # 6 | # This recipe simply reads attributes and drives them with the provider 7 | # 8 | # Copyright 2011, Jesse Nelson 9 | # 10 | # Licensed under the Apache License, Version 2.0 (the "License"); 11 | # you may not use this file except in compliance with the License. 12 | # You may obtain a copy of the License at 13 | # 14 | # http://www.apache.org/licenses/LICENSE-2.0 15 | # 16 | # Unless required by applicable law or agreed to in writing, software 17 | # distributed under the License is distributed on an "AS IS" BASIS, 18 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 19 | # See the License for the specific language governing permissions and 20 | # limitations under the License. 21 | # 22 | 23 | # values from attributes and roles 24 | node[:sysctl][:values].each_pair do |k, v| 25 | sysctl k do 26 | value v 27 | end 28 | end 29 | 30 | include_recipe 'sysctl::default' 31 | -------------------------------------------------------------------------------- /recipes/default.rb: -------------------------------------------------------------------------------- 1 | # 2 | # Cookbook Name:: sysctl 3 | # Recipe:: writer 4 | # Author:: jesse nelson 5 | # 6 | # This recipe writes a config to your platform sysctl.conf or sysctl.conf.d 7 | # 8 | # Copyright 2011, Jesse Nelson 9 | # 10 | # Licensed under the Apache License, Version 2.0 (the "License"); 11 | # you may not use this file except in compliance with the License. 12 | # You may obtain a copy of the License at 13 | # 14 | # http://www.apache.org/licenses/LICENSE-2.0 15 | # 16 | # Unless required by applicable law or agreed to in writing, software 17 | # distributed under the License is distributed on an "AS IS" BASIS, 18 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 19 | # See the License for the specific language governing permissions and 20 | # limitations under the License. 21 | # 22 | 23 | template node[:sysctl][:config_file] do 24 | action :nothing 25 | source 'sysctl.erb' 26 | owner 'root' 27 | group 'root' 28 | mode 0644 29 | variables(sysctl_entries: Array.new) 30 | end 31 | 32 | accumulator 'sysctl.conf' do 33 | target template: node[:sysctl][:config_file] 34 | filter { |resource| resource.is_a? Chef::Resource::Sysctl } 35 | transform do |resources| 36 | list = resources.map { |r| r if r.action.include?(:write) } 37 | list.compact.sort_by { |r| r.name } 38 | end 39 | variable_name :sysctl_entries 40 | end 41 | -------------------------------------------------------------------------------- /recipes/library.rb: -------------------------------------------------------------------------------- 1 | # stub just incase you only want to LWRP 2 | -------------------------------------------------------------------------------- /resources/default.rb: -------------------------------------------------------------------------------- 1 | # Cookbook Name:: sysctl 2 | # Resource:: sysctl 3 | # Author:: Jesse Nelson 4 | # 5 | # Copyright 2011, Jesse Nelson 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | # 19 | actions :set, :write 20 | attribute :name, kind_of: String, name_attribute: true 21 | attribute :value, kind_of: [String, Fixnum, Integer], default: nil 22 | attribute :save, kind_of: [TrueClass, FalseClass], default: true 23 | 24 | def initialize(*args) 25 | super 26 | @action = [:set, :write] 27 | end 28 | -------------------------------------------------------------------------------- /spec/spec_helper.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/spheromak/sysctl-cookbook/193b0b263694624723c3aac0cf83d8be10dd0618/spec/spec_helper.rb -------------------------------------------------------------------------------- /templates/default/sysctl.erb: -------------------------------------------------------------------------------- 1 | # 2 | # Sysctl File Generated by chef 3 | # 4 | 5 | <% @sysctl_entries.each do |resource| -%> 6 | <%= resource.name %>=<%= resource.value %> 7 | <% end -%> 8 | -------------------------------------------------------------------------------- /test/cookbooks/sysctl_test/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/spheromak/sysctl-cookbook/193b0b263694624723c3aac0cf83d8be10dd0618/test/cookbooks/sysctl_test/README.md -------------------------------------------------------------------------------- /test/cookbooks/sysctl_test/files/default/tests/minitest/default_test.rb: -------------------------------------------------------------------------------- 1 | 2 | require_relative "./support/helpers" 3 | 4 | describe_recipe 'sysctl_test::default' do 5 | 6 | end 7 | -------------------------------------------------------------------------------- /test/cookbooks/sysctl_test/metadata.rb: -------------------------------------------------------------------------------- 1 | name "sysctl_test" 2 | maintainer "Jesse Nelson" 3 | maintainer_email "spheromak@gmail.com" 4 | license "Apache 2.0" 5 | description "Installs/Configures sysctl_test" 6 | long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) 7 | version "0.0.1" 8 | 9 | depends "sysctl" 10 | -------------------------------------------------------------------------------- /test/cookbooks/sysctl_test/recipes/default.rb: -------------------------------------------------------------------------------- 1 | node.set[:sysctl][:values]= { 2 | "net.ipv4.conf.default.rp_filter" => 1, 3 | "net.ipv4.conf.default.accept_source_route" => 0 4 | } 5 | 6 | include_recipe "sysctl::attribute_driver" 7 | 8 | sysctl "fs.file-max" do 9 | action [:write, :set] 10 | value 110000 11 | save true 12 | end 13 | 14 | sysctl "fs.file-max" do 15 | action :write # just write this out to config 16 | value 5000 # set the value 17 | save false # not store in node[:sysctl] 18 | end 19 | 20 | sysctl "net.ipv4.ip_forward" do 21 | value 0 22 | end 23 | 24 | 25 | -------------------------------------------------------------------------------- /test/integration/default/bats/sysctl.bats: -------------------------------------------------------------------------------- 1 | # vim: set ft=sh: 2 | 3 | @test "sysctl should work" { 4 | sysctl -a 5 | } 6 | 7 | @test "we should have set net.core.rmem_default" { 8 | out=`sysctl net.core.rmem_default` 9 | [ "net.core.rmem_default = 262144" == "$out" ] 10 | } 11 | --------------------------------------------------------------------------------