Forge Home


Puppet 4.9+ module for managing kernel settings with sysctl


50,746 latest version

5.0 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 2.1.0 (latest)
  • 2.0.1
  • 2.0.0 (deleted)
released Jul 7th 2017
This version is compatible with:
  • Puppet Enterprise >= 4.9.0 < 6.0.0
  • Puppet >= 4.9.0 < 6.0.0
  • , , ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'tpdownes-sysctl', '2.1.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add tpdownes-sysctl
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install tpdownes-sysctl --version 2.1.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Tags: os, sysctl


tpdownes/sysctl — version 2.1.0 Jul 7th 2017


Apache 2 notice

This code contains work produced by Matthias Saou with revisions made by Thomas Downes in accordance with the Apache 2.0 license under which it was released. It is re-released under Apache 2.0.

The modifications restructure the code

  • to allow the code to work at all in Puppet 4
  • to take advantage of features only available in Puppet 4
  • to address several issues in the original code that stem from the existence of a sysctl::base class while sysctl itself was a defined resource. The solution chosen was to make sysctl a class that uses a new defined resource sysctl::configuration. It is therefore intentionally not backwards-compatible but the changes are minor and documented below.


Manage sysctl variable values. All changes are immediately applied, configured to be persistent upon reboots, and optionally enforced on every Puppet run to if changes are made outside of this module. Tested on RHEL 6/7 derivatives and Debian 7/8.

  • sysctl: base class that should be included in catalog
  • sysctl::configuration: defined resource that manages specific key/values.

For persistence to work, your OS needs to support looking for sysctl configuration inside /etc/sysctl.d/.

You may optionally enable purging of the /etc/sysctl.d/ directory, so that all files which are not (or no longer) managed by this module will be removed.

You may also force a value to ensure => absent, which will revert a key to its default value upon the next reboot.

If settings for a key exist within /etc/sysctl.conf, they are removed using sed.


Enable IP forwarding globally:

sysctl::configuration { 'net.ipv4.ip_forward':
  value => '1'

or using hiera with hiera_include(classes):

  - sysctl

    value: '1'

Multi-valued settings should be set with a single space between them so that the enforcement on each run can be successful.

    value: '4096 65536 16777216'

Values can be unset so that they return to default at next reboot

sysctl::configuration { 'vm.swappiness':
  ensure => absent

You can enforce the order in which the variables are set by using a prefix:

sysctl::configuration { 'net.ipv4.ip_forward':
  value => '1',
  prefix => '60'

To enable purging of settings not known to this module, you can set sysctl::purge to true (default: false)