GithubHelp home page GithubHelp logo

siroibaf / chef-ulimit Goto Github PK

View Code? Open in Web Editor NEW

This project forked from bmhatfield/chef-ulimit

0.0 3.0 1.0 98 KB

This is a simple chef cookbook that provides a defintion for managing user_ulimit settings.

License: Apache License 2.0

Ruby 73.43% HTML 26.57%

chef-ulimit's Introduction

ulimit Cookbook

Build Status Cookbook Version

This cookbook provides resources for managing ulimits configuration on nodes.

  • user_ulimit resource for overriding various ulimit settings. It places configured templates into /etc/security/limits.d/, named for the user the ulimit applies to.
  • ulimit_domain which allows for configuring complex sets of rules beyond those supported by the user_ulimit resource.

The cookbook also includes a recipe (default.rb) which allows ulimit overrides with the 'su' command on Ubuntu.

Requirements

Platforms

  • Debian/Ubuntu and derivatives
  • RHEL/Fedora and derivatives

Chef

  • Chef 12.7+

Cookbooks

  • none

Attributes

  • node['ulimit']['pam_su_template_cookbook'] - Defaults to nil (current cookbook). Determines what cookbook the su pam.d template is taken from
  • node['ulimit']['users'] - Defaults to empty Mash. List of users with their limits, as below.

Default Recipe

Instead of using the user_ulimit resource directly you may define user ulimits via node attributes. The definition may be made via an environment file, a role file, or in a wrapper cookbook. Note: The preferred way to use this cookbook is by directly defining resources as it is much easier to troubleshoot and far more robust.

Example role configuration:

"default_attributes": {
   "ulimit": {
      "users": {
         "tomcat": {
            "filehandle_limit": 8193,
               "process_limit": 61504
             },
            "hbase": {
               "filehandle_limit": 32768
             }
       }
    }
 }

To specify a change for all users change specify a wildcard resource or user name like so user_ulimit "*"

Resources

user_ulimit

The user_ulimit resource creates individual ulimit files that are installed into the /etc/security/limits.d/ directory.

Actions:

  • create
  • delete

Properties

  • username - Optional property to set the username if the resource name itself is not the username. See the example below.
  • filename - Optional filename to use instead of naming the file based on the username
  • filehandle_limit -
  • filehandle_soft_limit -
  • filehandle_hard_limit -
  • process_limit -
  • process_soft_limit -
  • process_hard_limit -
  • memory_limit -
  • core_limit -
  • core_soft_limit -
  • core_hard_limit -
  • stack_soft_limit -
  • stack_hard_limit -
  • rtprio_limit -
  • rtprio_soft_limit -
  • rtprio_hard_limit -

Examples

Example of a resource where the resource name is the username:

user_ulimit "tomcat" do
  filehandle_limit 8192 # optional
  filehandle_soft_limit 8192 # optional; not used if filehandle_limit is set)
  filehandle_hard_limit 8192 # optional; not used if filehandle_limit is set)
  process_limit 61504 # optional
  process_soft_limit 61504 # optional; not used if process_limit is set)
  process_hard_limit 61504 # optional; not used if process_limit is set)
  memory_limit 1024 # optional
  core_limit 2048 # optional
  core_soft_limit 1024 # optional
  core_hard_limit 'unlimited' # optional
  stack_soft_limit 2048 # optional
  stack_hard_limit 2048 # optional
  rtprio_limit 60 # optional
  rtprio_soft_limit 60 # optional
  rtprio_hard_limit 60 # optional
end

Example where the resource name is not the username:

user_ulimit 'set filehandle ulimits for our tomcat user' do
  username 'tomcat'
  filehandle_soft_limit 8192
  filehandle_hard_limit 8192
end

ulimit_domain

Note: The ulimit_domain resource creates files named after the domain with no modifiers by default. To override this behavior, specify the filename parameter to the resource.

Actions:

  • create
  • delete

Examples:

ulimit_domain 'my_user' do
  rule do
    item :nofile
    type :hard
    value 10000
  end
  rule do
    item :nofile
    type :soft
    value 5000
  end
end

chef-ulimit's People

Contributors

abhiyerra avatar backslasher avatar bmhatfield avatar brianbianco avatar chrisroberts avatar dwradcliffe avatar jjlimepoint avatar kpumuk avatar markgibbons avatar moperacz avatar nhajratw avatar portertech avatar pushrax avatar siroibaf avatar szymonpk avatar tas50 avatar tkakantousis avatar tomdoherty avatar troyready avatar wolf31o2 avatar

Watchers

avatar avatar avatar

Forkers

logicalclocks

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.