From 34a1ee44012c4f1353a77552fb6b9657ae20ebd2 Mon Sep 17 00:00:00 2001 From: Tim Smith Date: Thu, 18 May 2017 10:46:44 -0700 Subject: [PATCH 1/2] Format the markdown in the readme Signed-off-by: Tim Smith --- README.md | 69 +++++++++++++++++++++++++------------------------------ 1 file changed, 31 insertions(+), 38 deletions(-) diff --git a/README.md b/README.md index 42f5658..88a52d2 100644 --- a/README.md +++ b/README.md @@ -1,38 +1,32 @@ -sysctl cookbook -=============== -[![Cookbook Version](https://img.shields.io/cookbook/v/sysctl.svg?style=flat)](https://supermarket.chef.io/cookbooks/sysctl) -[![Build Status](https://travis-ci.org/sous-chefs/sysctl.svg?branch=master)](https://travis-ci.org/sous-chefs/sysctl) -[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0) +# sysctl cookbook -Description -=========== +[![Cookbook Version](https://img.shields.io/cookbook/v/sysctl.svg?style=flat)](https://supermarket.chef.io/cookbooks/sysctl) [![Build Status](https://travis-ci.org/sous-chefs/sysctl.svg?branch=master)](https://travis-ci.org/sous-chefs/sysctl) [![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0) -Set [sysctl](http://en.wikipedia.org/wiki/Sysctl) system control parameters via Chef +# Description +Set [sysctl](http://en.wikipedia.org/wiki/Sysctl) system control parameters via Chef -Platforms -========= +# Platforms -* Debian/Ubuntu (chefdk tested) -* RHEL/CentOS (chefdk tested) -* Scientific Linux -* PLD Linux -* Exherbo -* Arch Linux -* Suse -* FreeBSD 10 +- Debian/Ubuntu (chefdk tested) +- RHEL/CentOS (chefdk tested) +- Scientific Linux +- PLD Linux +- Exherbo +- Arch Linux +- Suse +- FreeBSD 10 -Usage -======= +# Usage There are two main ways to interact with the cookbook. This is via chef [attributes](http://docs.chef.io/attributes.html) or via the provided [LWRP](http://docs.chef.io/lwrp.html). # Cookbook Attributes -* `node['sysctl']['params']` - A namespace for setting sysctl parameters. -* `node['sysctl']['conf_dir']` - Specifies the sysctl.d directory to be used. Defaults to `/etc/sysctl.d` on the Debian and RHEL platform families, otherwise `nil` -* `node['sysctl']['allow_sysctl_conf']` - Defaults to false. Using `conf_dir` is highly recommended. On some platforms that is not supported. For those platforms, set this to `true` and the cookbook will rewrite the `/etc/sysctl.conf` file directly with the params provided. Be sure to save any local edits of `/etc/sysctl.conf` before enabling this to avoid losing them. -* `node['sysctl']['restart_procps']` - Defaults to true. Will allow the consumer of the cookbook to control whether or not to notify procps to restart sysctl to load the newly set values. +- `node['sysctl']['params']` - A namespace for setting sysctl parameters. +- `node['sysctl']['conf_dir']` - Specifies the sysctl.d directory to be used. Defaults to `/etc/sysctl.d` on the Debian and RHEL platform families, otherwise `nil` +- `node['sysctl']['allow_sysctl_conf']` - Defaults to false. Using `conf_dir` is highly recommended. On some platforms that is not supported. For those platforms, set this to `true` and the cookbook will rewrite the `/etc/sysctl.conf` file directly with the params provided. Be sure to save any local edits of `/etc/sysctl.conf` before enabling this to avoid losing them. +- `node['sysctl']['restart_procps']` - Defaults to true. Will allow the consumer of the cookbook to control whether or not to notify procps to restart sysctl to load the newly set values. Note: if `node['sysctl']['conf_dir']` is set to nil and `node['sysctl']['allow_sysctl_conf']` is not set, no config will be written @@ -40,11 +34,9 @@ Note: if `node['sysctl']['conf_dir']` is set to nil and `node['sysctl']['allow_s ## Using Attributes -Setting variables in the `node['sysctl']['params']` hash will allow you to easily set common kernel parameters across a lot of nodes. -All you need to do to have them loaded is to include `sysctl::apply` anywhere in your run list of the node. It is recommended to do this early in the run list, so any recipe that gets applied afterwards that may depend on the set parameters will find them to be set. +Setting variables in the `node['sysctl']['params']` hash will allow you to easily set common kernel parameters across a lot of nodes. All you need to do to have them loaded is to include `sysctl::apply` anywhere in your run list of the node. It is recommended to do this early in the run list, so any recipe that gets applied afterwards that may depend on the set parameters will find them to be set. -The attributes method is easiest to implement if you manage the kernel parameters at the system level opposed to a per cookbook level approach. -The configuration will be written out when `sysctl::apply` gets run, which allows the parameters set to be persisted during a reboot. +The attributes method is easiest to implement if you manage the kernel parameters at the system level opposed to a per cookbook level approach. The configuration will be written out when `sysctl::apply` gets run, which allows the parameters set to be persisted during a reboot. ### Examples @@ -86,6 +78,7 @@ Set vm.swappiness to 20 via sysctl_param LWRP value 20 end ``` + Remove sysctl parameter and set net.ipv4.tcp_fin_timeout back to default ```ruby @@ -107,16 +100,16 @@ To see ohai plugin output manually, you can run `ohai -d /etc/chef/ohai/plugins There are a lot of different documents that talk about system control parameters, the hope here is to point to some of the most useful ones to provide more guidance as to what the possible kernel parameters are and what they mean. -* [Chef OS Hardening Cookbook](https://github.com/dev-sec/chef-os-hardening) -* [Linux Kernel Sysctl](https://www.kernel.org/doc/Documentation/sysctl/) -* [Linux Kernel IP Sysctl](http://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt) -* [Linux Performance links](http://www.brendangregg.com/linuxperf.html) by Brendan Gregg -* [RHEL 7 Performance Tuning Guide](https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/pdf/Performance_Tuning_Guide/Red_Hat_Enterprise_Linux-7-Performance_Tuning_Guide-en-US.pdf) by Laura Bailey and Charlie Boyle -* [Performance analysis & tuning of Red Hat Enterprise Linux at Red Hat Summit 2015 (video)](https://www.youtube.com/watch?v=ckarvGJE8Qc) slides [part 1](http://videos.cdn.redhat.com/summit2015/presentations/15284_performance-analysis-tuning-of-red-hat-enterprise-linux.pdf) by Jeremy Eder, D. John Shakshober, Larry Woodman and Bill Gray -* [Performance Tuning Linux Instances on EC2 (Nov 2014)](http://www.brendangregg.com/blog/2015-03-03/performance-tuning-linux-instances-on-ec2.html) by Brendan Gregg -* [Part 1: Lessons learned tuning TCP and Nginx in EC2 (Jan 2014)](http://engineering.chartbeat.com/2014/01/02/part-1-lessons-learned-tuning-tcp-and-nginx-in-ec2/) -* [Tuning TCP For The Web at Velocity 2013 (video)](http://vimeo.com/70369211), [slides](http://cdn.oreillystatic.com/en/assets/1/event/94/Tuning%20TCP%20For%20The%20Web%20Presentation.pdf) by Jason Cook -* [THE /proc FILESYSTEM (Jun 2009)](http://www.kernel.org/doc/Documentation/filesystems/proc.txt) +- [Chef OS Hardening Cookbook](https://github.com/dev-sec/chef-os-hardening) +- [Linux Kernel Sysctl](https://www.kernel.org/doc/Documentation/sysctl/) +- [Linux Kernel IP Sysctl](http://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt) +- [Linux Performance links](http://www.brendangregg.com/linuxperf.html) by Brendan Gregg +- [RHEL 7 Performance Tuning Guide](https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/pdf/Performance_Tuning_Guide/Red_Hat_Enterprise_Linux-7-Performance_Tuning_Guide-en-US.pdf) by Laura Bailey and Charlie Boyle +- [Performance analysis & tuning of Red Hat Enterprise Linux at Red Hat Summit 2015 (video)](https://www.youtube.com/watch?v=ckarvGJE8Qc) slides [part 1](http://videos.cdn.redhat.com/summit2015/presentations/15284_performance-analysis-tuning-of-red-hat-enterprise-linux.pdf) by Jeremy Eder, D. John Shakshober, Larry Woodman and Bill Gray +- [Performance Tuning Linux Instances on EC2 (Nov 2014)](http://www.brendangregg.com/blog/2015-03-03/performance-tuning-linux-instances-on-ec2.html) by Brendan Gregg +- [Part 1: Lessons learned tuning TCP and Nginx in EC2 (Jan 2014)](http://engineering.chartbeat.com/2014/01/02/part-1-lessons-learned-tuning-tcp-and-nginx-in-ec2/) +- [Tuning TCP For The Web at Velocity 2013 (video)](http://vimeo.com/70369211), [slides](http://cdn.oreillystatic.com/en/assets/1/event/94/Tuning%20TCP%20For%20The%20Web%20Presentation.pdf) by Jason Cook +- [THE /proc FILESYSTEM (Jun 2009)](http://www.kernel.org/doc/Documentation/filesystems/proc.txt) # Development From f44f66303c374978ed22f63684fa259edad7cc5f Mon Sep 17 00:00:00 2001 From: Tim Smith Date: Thu, 18 May 2017 10:46:56 -0700 Subject: [PATCH 2/2] Release 0.9.0 Signed-off-by: Tim Smith --- CHANGELOG.md | 268 +++++++++++++++++++++++++-------------------------- metadata.rb | 2 +- 2 files changed, 132 insertions(+), 138 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index cf5aaaa..40782ea 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,185 +1,179 @@ -Sysctl -====== -v0.8.1 (2016-10-29) -------------------- -* [GH-64] Relax ohai cookbook dependency to >= 4 -* Specify ohai version needs to be >= 8 -* [GH-65] Use systemd-sysctl service for ubuntu > 15+ +# Sysctl -v0.8.0 (2016-06-30) -------------------- -* [GH-55] Update README with FreeBSD 10.3 support -* [GH-59] Update to ohai cookbook 4 +## v0.9.0 (2017-05-18) -This cookbook indirectly now requires Chef 12+. -If you require Chef 11 support you'll need to pin to version 0.7.5 in your environment. +- This cookbook is now maintained by Sous-Chefs. See +- Fixed 'ImmutableAttributeModification' error in remove_sysctl_param +- Added a new attribute `node['sysctl']['restart_procps']` to control restarting post change +- Removed deprecated "conflicts" metadata +- Updated the metadata license string to be a SPDX standard license string +- Removed Chef 11 compatibility in the metadata.rb file +- Switched testing to ChefDK instead of test gems in the Gemfile +- Converted ServerSpec tests to InSpec +- Updated ChefSpecs to test against the latest platform releases +- Added testing with Foodcritic and a .foodcritic file to ignore certain failures -v0.7.5 (2016-04-12) -------------------- -* [GH-51] revert FC059: declare use_inline_resources +## v0.8.1 (2016-10-29) -v0.7.4 (2016-04-11) -------------------- -* FC059: declare use_inline_resources +- [GH-64] Relax ohai cookbook dependency to >= 4 +- Specify ohai version needs to be >= 8 +- [GH-65] Use systemd-sysctl service for ubuntu > 15+ -v0.7.3 (2016-04-11) -------------------- -* Added suse to metadata.rb -* Update gem and berkshelf cookbook dependencies +## v0.8.0 (2016-06-30) -v0.7.2 (2016-03-24) -------------------- +- [GH-55] Update README with FreeBSD 10.3 support +- [GH-59] Update to ohai cookbook 4 -* [GH-33] Addd initial Suse 11 & 12 support -* [GH-48] version pin 3.0 of the Ohai cookbook -* [GH-47] Rename key_path local var to key_path_tokens for clarity -* [GH-50] Resolves Rubocop complaint about nested ifs. -* [GH-46] Use fail instead of raise -* Update gem and berkshelf cookbook dependencies +This cookbook indirectly now requires Chef 12+. If you require Chef 11 support you'll need to pin to version 0.7.5 in your environment. -v0.7.0 (2015-12-03) -------------------- +## v0.7.5 (2016-04-12) -* Update gem and berkshelf cookbook dependencies -* Update documentation to suggest using chefdk for development -* Travis now uses ruby 2.1+ -* [GH-8] Update README.md mentioning Archlinux and Exherbo -* [GH-38] Update to ServerSpec2 -* [GH-36] ArchLinux fixes -* [GH-41] RHEL 7 Systemd support updates -* [GH-18] Added note on support for /etc/sysctl.d/ and using it on RHEL 6.2 or later. -* [GH-30] Add support for Ubuntu Vivid (15.04) -* [GH-16] Support ubuntu 14.10 -* [GH-31] Adjust sysctl::apply to use :restart instead of :start for better systemd support +- [GH-51] revert FC059: declare use_inline_resources -v0.6.2 (2014-12-06) -------------------- -* Fix rubocop error and packaging error +## v0.7.4 (2016-04-11) -v0.6.1 (2014-12-06) -------------------- -* [GH-14] Update to chefspec 4.1 , rubocop 27, foodcritic 4 - Update matchers.rb for deprecated chefspec method. -* [GH-13] OneHealth was acquired by Viverae, update Gitter -* [GH-12] Update documentation to reflect inclusion of default recipe for LWRP -* Added initial FreeBSD support -* [GH-7] Added systemd based distros support +- FC059: declare use_inline_resources -v0.6.0 (2014-05-19) -------------------- +## v0.7.3 (2016-04-11) -* Rename `sysctl::persist` to `sysctl::apply` to more clearly reflect usage -* [GH-5] Improve immediate setting of attribute parameters during `sysctl::apply` run +- Added suse to metadata.rb +- Update gem and berkshelf cookbook dependencies -v0.5.6 (2014-05-16) -------------------- +## v0.7.2 (2016-03-24) -* Uploaded development version. +- [GH-33] Addd initial Suse 11 & 12 support +- [GH-48] version pin 3.0 of the Ohai cookbook +- [GH-47] Rename key_path local var to key_path_tokens for clarity +- [GH-50] Resolves Rubocop complaint about nested ifs. +- [GH-46] Use fail instead of raise +- Update gem and berkshelf cookbook dependencies +## v0.7.0 (2015-12-03) -v0.5.4 (2014-05-16) -------------------- +- Update gem and berkshelf cookbook dependencies +- Update documentation to suggest using chefdk for development +- Travis now uses ruby 2.1+ +- [GH-8] Update README.md mentioning Archlinux and Exherbo +- [GH-38] Update to ServerSpec2 +- [GH-36] ArchLinux fixes +- [GH-41] RHEL 7 Systemd support updates +- [GH-18] Added note on support for /etc/sysctl.d/ and using it on RHEL 6.2 or later. +- [GH-30] Add support for Ubuntu Vivid (15.04) +- [GH-16] Support ubuntu 14.10 +- [GH-31] Adjust sysctl::apply to use :restart instead of :start for better systemd support -* Manual upload +## v0.6.2 (2014-12-06) +- Fix rubocop error and packaging error -v0.5.3 (2014-05-16) -------------------- +## v0.6.1 (2014-12-06) -* upload timed out to community cookbook for 0.5.2 +- [GH-14] Update to chefspec 4.1 , rubocop 27, foodcritic 4 + ``` + Update matchers.rb for deprecated chefspec method. + ``` -v0.5.2 (2014-05-16) -------------------- +- [GH-13] OneHealth was acquired by Viverae, update Gitter -* Failed upload to community site +- [GH-12] Update documentation to reflect inclusion of default recipe for LWRP +- Added initial FreeBSD support -v0.5.1 (2014-05-16) -------------------- +- [GH-7] Added systemd based distros support -* Now managed by [Stove](https://github.com/sethvargo/stove) +## v0.6.0 (2014-05-19) +- Rename `sysctl::persist` to `sysctl::apply` to more clearly reflect usage +- [GH-5] Improve immediate setting of attribute parameters during `sysctl::apply` run -v0.5.0 (2014-05-16) -------------------- +## v0.5.6 (2014-05-16) -* BREAKING CHANGE: - For parameters to persist on reboot that are set via attributes, you now need to include - `sysctl::persist` instead of `sysctl::default`. This allows LWRP users to use the cookbook - without needing to load `sysctl::default` in their run list. -* Standardize on using Stove for community site management -* Updated Ubuntu tests to no longer test Lucid and focus on Precise and Trusty -* [GH-3] Improve idempotency with respect to sysctl config file when using lwrps (Michael S. Fischer) -* Added Ohai 7 plugin which exposes sysctl parameters via node['sys'] (Sander van Zoest, Guilhem Lettron) -* Fully switch to serverspec tests, added separate suites for attributes and lwrp invocation +- Uploaded development version. -v0.4.0 (2014-04-04) -------------------- +## v0.5.4 (2014-05-16) -* [GH-24] On RHEL Adjust Init file to follow chkconfig standards (Alex Farhadi) -* [GH-22] lwrp parameters are written to the sysctl config file (Sander van Zoest, Guilhem Lettron) -* Entries in the sysctl config file are now sorted -* Removed Thor development dependency -* Added LWRP Matcher for use with ChefSpec by wrapper cookbooks -* Added ChefSpec 3 unit tests -* Ported bats tests to ServerSpec integration tests -* Use platform_family? in attributes (requires Ohai 0.6.12) -* Renamed ruby_block[sysctl config notifier] to ruby_block[save-sysctl-params] for clarity -* [GH-19] Make sysctl template logic idempotent (Roy Tewalt) +- Manual upload -v0.3.5 (2013-12-10) -------------------- +## v0.5.3 (2014-05-16) -* Scientific Linux 6 support confirmed -* [GH-16] Document and test lwrp action :nothing -* Update to test kitchen 1.1 -* Update to vagrant 1.4 -* Added CentOS 5.10 and 6.5 test boxes +- upload timed out to community cookbook for 0.5.2 -v0.3.4 (2013-11-04) -------------------- +## v0.5.2 (2014-05-16) -* [GH-9] Make changes available immediately (Warren Vosper) -* [GH-8] Added PLD Linux support (not regularily tested) (Elan Ruusam?e) -* Switch to rubocop over tailor -* Modernize Gemfile dependencies and add Guard for development -* Fix FC048: Prefer Mixlib::ShellOut +- Failed upload to community site -v0.3.3 (2013-06-14) -------------------- +## v0.5.1 (2014-05-16) -* More explicitly define conflicting cookbooks and operating systems in metadata.rb -* [GH-6] Fixed any params with spaces throw errors (Mike Pavlenko) +- Now managed by [Stove](https://github.com/sethvargo/stove) -v0.3.2 (2013-05-24) -------------------- +## v0.5.0 (2014-05-16) -* [GH-5] Fixed ImmutableAttributeModification (Mark Pimentel) -* Added LWRP integration tests for test kitchen -* LWRP now sets attributes on the node via node.default, not node.set allowing easier overrides by other cookbooks +- BREAKING CHANGE: For parameters to persist on reboot that are set via attributes, you now need to include `sysctl::persist` instead of `sysctl::default`. This allows LWRP users to use the cookbook without needing to load `sysctl::default` in their run list. +- Standardize on using Stove for community site management +- Updated Ubuntu tests to no longer test Lucid and focus on Precise and Trusty +- [GH-3] Improve idempotency with respect to sysctl config file when using lwrps (Michael S. Fischer) +- Added Ohai 7 plugin which exposes sysctl parameters via node['sys'] (Sander van Zoest, Guilhem Lettron) +- Fully switch to serverspec tests, added separate suites for attributes and lwrp invocation -v0.3.1 (2013-04-26) -------------------- +## v0.4.0 (2014-04-04) -* Added attribute integration tests for test kitchen -* Added alpha RHEL/CentOS support -* Added Travis CI Builds -* Cleaned up foodcritic and tailor complaints +- [GH-24] On RHEL Adjust Init file to follow chkconfig standards (Alex Farhadi) +- [GH-22] lwrp parameters are written to the sysctl config file (Sander van Zoest, Guilhem Lettron) +- Entries in the sysctl config file are now sorted +- Removed Thor development dependency +- Added LWRP Matcher for use with ChefSpec by wrapper cookbooks +- Added ChefSpec 3 unit tests +- Ported bats tests to ServerSpec integration tests +- Use platform_family? in attributes (requires Ohai 0.6.12) +- Renamed ruby_block[sysctl config notifier] to ruby_block[save-sysctl-params] for clarity +- [GH-19] Make sysctl template logic idempotent (Roy Tewalt) -v0.3.0 (2013-04-23) -------------------- +## v0.3.5 (2013-12-10) + +- Scientific Linux 6 support confirmed +- [GH-16] Document and test lwrp action :nothing +- Update to test kitchen 1.1 +- Update to vagrant 1.4 +- Added CentOS 5.10 and 6.5 test boxes + +## v0.3.4 (2013-11-04) + +- [GH-9] Make changes available immediately (Warren Vosper) +- [GH-8] Added PLD Linux support (not regularily tested) (Elan Ruusam?e) +- Switch to rubocop over tailor +- Modernize Gemfile dependencies and add Guard for development +- Fix FC048: Prefer Mixlib::ShellOut + +## v0.3.3 (2013-06-14) + +- More explicitly define conflicting cookbooks and operating systems in metadata.rb +- [GH-6] Fixed any params with spaces throw errors (Mike Pavlenko) + +## v0.3.2 (2013-05-24) + +- [GH-5] Fixed ImmutableAttributeModification (Mark Pimentel) +- Added LWRP integration tests for test kitchen +- LWRP now sets attributes on the node via node.default, not node.set allowing easier overrides by other cookbooks + +## v0.3.1 (2013-04-26) + +- Added attribute integration tests for test kitchen +- Added alpha RHEL/CentOS support +- Added Travis CI Builds +- Cleaned up foodcritic and tailor complaints + +## v0.3.0 (2013-04-23) There is a lot of talk about making one sysctl cookbook. Let's make it happen. -* BREAKING CHANGE: use sysctl.params instead of sysctl.attributes to match LWRP and sysctl standard naming -* [GH-1] Remove 69-chef-static.conf -* New Maintainer: Sander van Zoest, OneHealth -* Update Development environment with Berkshelf, Vagrant, Test-Kitchen +- BREAKING CHANGE: use sysctl.params instead of sysctl.attributes to match LWRP and sysctl standard naming +- [GH-1] Remove 69-chef-static.conf +- New Maintainer: Sander van Zoest, OneHealth +- Update Development environment with Berkshelf, Vagrant, Test-Kitchen -v0.2.0: -------------------- +## v0.2.0: -* [FB-3] - Notify procps start immediately -* [FB-4] - Dynamic configuration file. Add LWRP. -* [FB-5] - Allow Bignums as values +- [FB-3] - Notify procps start immediately +- [FB-4] - Dynamic configuration file. Add LWRP. +- [FB-5] - Allow Bignums as values diff --git a/metadata.rb b/metadata.rb index 95e6186..0bbe6c3 100644 --- a/metadata.rb +++ b/metadata.rb @@ -6,7 +6,7 @@ license 'Apache-2.0' description 'Configures sysctl parameters' long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) -version '0.8.1' +version '0.9.0' chef_version '>= 12.5' ohai_version '>= 8'