X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fservices%2Fkernel.yaml;h=fec455d1c9ad0901573933681eb30e51294b2536;hb=35ccc61dbeaa246278a9466a3b40736f157f827b;hp=2f01578e94eba6164964ca1174f8f2d5e10df169;hpb=5af569abb6922efbb6fee8198d8cd7cc741e1499;p=apex-tripleo-heat-templates.git

diff --git a/puppet/services/kernel.yaml b/puppet/services/kernel.yaml
index 2f01578e..fec455d1 100644
--- a/puppet/services/kernel.yaml
+++ b/puppet/services/kernel.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
 
 description: >
   Load kernel modules with kmod and configure kernel options with sysctl.
@@ -18,6 +18,10 @@ parameters:
     description: Mapping of service endpoint -> protocol. Typically set
                  via parameter_defaults in the resource registry.
     type: json
+  KernelPidMax:
+    default: 1048576
+    description: Configures sysctl kernel.pid_max key
+    type: number
 
 outputs:
   role_data:
@@ -27,6 +31,7 @@ outputs:
       config_settings:
         kernel_modules:
           nf_conntrack: {}
+          ip_conntrack_proto_sctp: {}
         sysctl_settings:
           net.ipv4.tcp_keepalive_intvl:
             value: 1
@@ -39,11 +44,17 @@ outputs:
           net.netfilter.nf_conntrack_max:
             value: 500000
           # prevent neutron bridges from autoconfiguring ipv6 addresses
+          net.ipv6.conf.all.accept_ra:
+            value: 0
           net.ipv6.conf.default.accept_ra:
             value: 0
+          net.ipv6.conf.all.autoconf:
+            value: 0
           net.ipv6.conf.default.autoconf:
             value: 0
           net.core.netdev_max_backlog:
             value: 10000
+          kernel.pid_max:
+            value: {get_param: KernelPidMax}
       step_config: |
         include ::tripleo::profile::base::kernel