[MediaWiki-commits] [Gerrit] swift: lower conntrack TIME_WAIT timeout - change (operations/puppet)
Filippo Giunchedi has submitted this change and it was merged. Change subject: swift: lower conntrack TIME_WAIT timeout .. swift: lower conntrack TIME_WAIT timeout Change-Id: Ife278f0aa0283c9001a7fb7ae81f1246fbe3d2e8 --- M modules/swift/manifests/init.pp 1 file changed, 4 insertions(+), 0 deletions(-) Approvals: Filippo Giunchedi: Verified; Looks good to me, approved Muehlenhoff: Looks good to me, but someone else must approve diff --git a/modules/swift/manifests/init.pp b/modules/swift/manifests/init.pp index d34ace2..cd49cbb 100644 --- a/modules/swift/manifests/init.pp +++ b/modules/swift/manifests/init.pp @@ -30,6 +30,10 @@ 'net.ipv4.tcp_max_orphans' = 262144, 'net.ipv4.tcp_synack_retries' = 2, 'net.ipv4.tcp_syn_retries' = 2, + +# even with NOTRACK enabled, conntrack will still keep track +# connections in TIME_WAIT, thus lower the respective timeout +'net.netfilter.nf_conntrack_tcp_timeout_time_wait' = 3, }, } -- To view, visit https://gerrit.wikimedia.org/r/234240 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: Ife278f0aa0283c9001a7fb7ae81f1246fbe3d2e8 Gerrit-PatchSet: 2 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Filippo Giunchedi fgiunch...@wikimedia.org Gerrit-Reviewer: Filippo Giunchedi fgiunch...@wikimedia.org Gerrit-Reviewer: Muehlenhoff mmuhlenh...@wikimedia.org Gerrit-Reviewer: jenkins-bot ___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
[MediaWiki-commits] [Gerrit] swift: lower conntrack TIME_WAIT timeout - change (operations/puppet)
Filippo Giunchedi has uploaded a new change for review. https://gerrit.wikimedia.org/r/234240 Change subject: swift: lower conntrack TIME_WAIT timeout .. swift: lower conntrack TIME_WAIT timeout Change-Id: Ife278f0aa0283c9001a7fb7ae81f1246fbe3d2e8 --- M modules/swift/manifests/init.pp 1 file changed, 4 insertions(+), 0 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/40/234240/1 diff --git a/modules/swift/manifests/init.pp b/modules/swift/manifests/init.pp index d34ace2..cd49cbb 100644 --- a/modules/swift/manifests/init.pp +++ b/modules/swift/manifests/init.pp @@ -30,6 +30,10 @@ 'net.ipv4.tcp_max_orphans' = 262144, 'net.ipv4.tcp_synack_retries' = 2, 'net.ipv4.tcp_syn_retries' = 2, + +# even with NOTRACK enabled, conntrack will still keep track +# connections in TIME_WAIT, thus lower the respective timeout +'net.netfilter.nf_conntrack_tcp_timeout_time_wait' = 3, }, } -- To view, visit https://gerrit.wikimedia.org/r/234240 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ife278f0aa0283c9001a7fb7ae81f1246fbe3d2e8 Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Filippo Giunchedi fgiunch...@wikimedia.org ___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
