-
-
Save hiteshjasani/5792ef0d28aeee46b7887278b7786538 to your computer and use it in GitHub Desktop.
ansible sysctl for ec2. perferrably used for 1g nics.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - hosts: localhost | |
| tasks: | |
| - name: update sysctl | |
| action: sysctl state=present reload=yes {{ item }} | |
| with_items: | |
| # max open files | |
| - name=fs.file-max value=65535 | |
| # lets not use swap. | |
| - name=vm.swappiness value=0 | |
| # enable syn coockies. this can actually cause overhead. | |
| - name=net.ipv4.tcp_syncookies value=1 | |
| # This allows reusing sockets in TIME_WAIT state for new connections when it is safe from protocol viewpoint. | |
| - name=net.ipv4.tcp_tw_reuse value=1 | |
| # Max rx/tx buffer size (16M) - defaults high but can scale down. | |
| - name=net.core.rmem_max value=16777216 | |
| - name=net.core.wmem_max value=16777216 | |
| - name=net.core.rmem_default value=16777216 | |
| - name=net.core.wmem_default value=16777216 | |
| - name=net.ipv4.tcp_rmem value="4096 87380 16777216" | |
| - name=net.ipv4.tcp_wmem value="4096 65536 16777216" | |
| # Increase the maximum amount of option memory buffers // specifies the maximum buffer size allowed per socket. | |
| - name=net.core.optmem_max value=40960 | |
| # Increase max number of sockets allowed in TIME_WAIT | |
| - name=net.ipv4.tcp_max_tw_buckets value=2000000 | |
| # Increase max half-open connections | |
| - name=net.ipv4.tcp_max_syn_backlog value=30000 | |
| # Increase max TCP orphans | |
| # These are sockets which have been closed and no longer have a file handle attached to them | |
| - name=net.ipv4.tcp_max_orphans value=262144 | |
| # Max listen queue backlog | |
| - name=net.core.somaxconn value=4096 | |
| # Max number of packets that can be queued on interface input | |
| # If kernel is receiving packets faster than can be processed | |
| # this queue increases | |
| - name=net.core.netdev_max_backlog value=50000 | |
| # Only retry creating TCP connections twice | |
| # Minimize the time it takes for a connection attempt to fail | |
| - name=net.ipv4.tcp_synack_retries value=2 | |
| - name=net.ipv4.tcp_syn_retries value=2 | |
| # Timeout closing of TCP connections after 7 seconds | |
| - name=net.ipv4.tcp_fin_timeout value=7 | |
| # Avoid falling back to slow start after a connection goes idle | |
| # keeps our cwnd(congestion window size) large with the keep alive connections | |
| - name=net.ipv4.tcp_slow_start_after_idle value=0 | |
| # determines the number of probes before timing out | |
| - name=net.ipv4.tcp_keepalive_probes value=5 | |
| # Determines the wait time between isAlive interval probes | |
| - name=net.ipv4.tcp_keepalive_intvl value=3 | |
| # Disable TCP timestamps -- saves 12 bytes | |
| - name=net.ipv4.tcp_timestamps value=0 | |
| # Selective acknowledgements - This option selectively acknowledges each segment in a TCP window. | |
| # This is especially good on very lossy connections (connections that loose a lot of data in the transfer) | |
| # since this makes it possible to only retransmit specific parts of the TCP window which lost data and not | |
| # the whole TCP window as the old standards told us to do. | |
| - name=net.ipv4.tcp_sack value=1 | |
| # Enabling tcp window scaling | |
| # Enabling tcp_window_scaling enables a special TCP option which makes it possible to scale these windows to a larger size, | |
| # and hence reduces bandwidth losses due to not utilizing the whole connection. | |
| - name=net.ipv4.tcp_window_scaling value=1 | |
| # Causes the kernel to actively send RST packets when a service is overloaded. So no data is dropped. | |
| - name=net.ipv4.tcp_abort_on_overflow value=1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment