sysctl module doesn't load new settings the first time
I attempted to introduce a new setting in !2707 (diffs), but noticed sysctl
didn't actually load the setting at first. The reason is that the symlink to /etc/sysctl.d
isn't included until after the notifies :run
call is made: https://gitlab.com/gitlab-org/omnibus-gitlab/blob/144ce62c6b540dd40a4302aa1cf8f4f42d43f493/files/gitlab-cookbooks/package/resources/sysctl.rb#L37
* sysctl[net.ipv4.tcp_max_syn_backlog] action create
* directory[create /etc/sysctl.d for net.ipv4.tcp_max_syn_backlog] action create (up to date)
* file[create /opt/gitlab/embedded/etc/90-omnibus-gitlab-net.ipv4.tcp_max_syn_backlog.conf net.ipv4.tcp_max_syn_backlog] action create
- create new file /opt/gitlab/embedded/etc/90-omnibus-gitlab-net.ipv4.tcp_max_syn_backlog.conf
- update content in file /opt/gitlab/embedded/etc/90-omnibus-gitlab-net.ipv4.tcp_max_syn_backlog.conf from none to cc3f97
--- /opt/gitlab/embedded/etc/90-omnibus-gitlab-net.ipv4.tcp_max_syn_backlog.conf 2018-08-27 10:12:05.720490775 +0000
+++ /opt/gitlab/embedded/etc/.chef-90-omnibus-gitlab-net20180827-386-1tp68p1.ipv4.tcp_max_syn_backlog.conf 2018-08-27 10:12:05.720490775 +0000
@@ -1 +1,2 @@
+net.ipv4.tcp_max_syn_backlog = 1024
* execute[load sysctl conf net.ipv4.tcp_max_syn_backlog] action run
[execute] net.core.rmem_max = 209715200
kernel.printk = 4 4 1 7
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2
kernel.kptr_restrict = 1
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
kernel.sysrq = 176
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.tcp_syncookies = 1
kernel.yama.ptrace_scope = 1
vm.mmap_min_addr = 65536
kernel.sem = 250 32000 32 262
kernel.shmall = 4194304
kernel.shmmax = 17179869184
net.core.somaxconn = 1024
net.ipv6.conf.all.use_tempaddr = 0
net.ipv6.conf.default.use_tempaddr = 0
vm.mmap_min_addr = 65536
net.ipv4.tcp_syncookies = 1
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.all.secure_redirects = 1
net.ipv4.conf.default.secure_redirects = 1
net.ipv4.ip_forward = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.conf.all.log_martians = 1
net.ipv4.conf.default.log_martians = 1
net.ipv4.tcp_rfc1337 = 1
kernel.randomize_va_space = 2
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
kernel.kptr_restrict = 1
kernel.yama.ptrace_scope = 1
kernel.perf_event_paranoid = 2
net.core.rmem_max = 209715200
- execute cat /etc/sysctl.conf /etc/sysctl.d/*.conf | sysctl -e -p -
* link[/etc/sysctl.d/90-omnibus-gitlab-net.ipv4.tcp_max_syn_backlog.conf] action create