feat: add option kernel_ipv4_ping_group_range
Some checks failed
continuous-integration/drone/push Build is failing

This commit is contained in:
Robert Kaussow 2022-03-20 22:08:44 +01:00
parent 1f1da7cdab
commit 9cc4a9faab
Signed by: xoxys
GPG Key ID: 4E692A2EAECC03C0
4 changed files with 10 additions and 4 deletions

View File

@ -5,7 +5,9 @@ kernel_disable_modules:
kernel_blacklist_modules:
- firewire-core
# @var kernel_ipv4_ping_group_range: $ "_unset"
# @var kernel_ipv4_ping_group_range:example: $ "0 2000000"
kernel_namespace_support_enabled: False
kernel_coredump_enabled: True
kernel_cgroup_v2_enabled: False

View File

@ -5,7 +5,7 @@
become: True
become_user: root
- name: reboot machine
- name: Reboot server
reboot:
reboot_timeout: 600
listen: __kernel_server_restart

View File

@ -1,7 +1,7 @@
---
- include_tasks: kernel.yml
- include_tasks: coredump.yml
when: not kernel_coredump_enabled
when: not (kernel_coredump_enabled | bool)
- include_tasks: cgroup.yml
when:
- ansible_os_family | lower == "redhat"

View File

@ -66,6 +66,10 @@ net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.all.accept_redirects = 0
net.ipv6.conf.default.accept_redirects = 0
{% if kernel_namespace_support_enabled %}
{% if kernel_namespace_support_enabled | bool %}
user.max_user_namespaces = 15076
{% endif %}
{% if kernel_ipv4_ping_group_range is defined %}
net.ipv4.ping_group_range={{ kernel_ipv4_ping_group_range }}
{% endif %}