Version information
This version is compatible with:
- Puppet Enterprise 2023.8.x, 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x
- Puppet >= 7.9.0 < 9.0.0
- , , , ,
Start using this module
Add this module to your Puppetfile:
mod 'wimvr-ulimit', '1.2.0'Learn more about managing modules with a PuppetfileDocumentation
Ulimit Puppet Module
Copyright (c) 2015-2017 Tom De Vylder (aka arioch), Sebastien Varrette (aka Falkor)
Copyright (c) 2023 Wim van Ravesteijn
ulimit provides control over the resources available to the shell and to processes started by it, on systems that allow such control.
This Puppet module is designed to configure and manage ulimits on your Linux system, mainly with the ulimit::rule definition which permits to define soft and/or hard limits over various domains.
- The soft limit is the value that the kernel enforces for the corresponding resource.
- The hard limit acts as a ceiling for the soft limit.
/! IMPORTANT: This module is a fork from Falkor/puppet-ulimit!!!
This was done to allow a version release on my own namespace compliant with EL8 until Sebastien/Falkor released the official new version on his module.
In particular, this module implements the following elements:
- class
ulimit: The main class, piloting all aspects of the configuration - class
ulimit::config: an internal class taking care of global configurations and defaults - definition
ulimit::rule: permiting to define a rule in'/etc/security/limits.d/'
All these components are configured through a set of variables you will find in manifests/params.pp.
Setup Requirements
This module have been successfully over Puppet 7.x. with:
- Debian 5 (Lenny)
- Debian 6 (Squeeze)
- CentOS 5
- CentOS 6
- CentOS 7
- CentOS 8
- RedHat 6
- RedHat 7
- RedHat 8
- AlmaLinux 8
- Rocky 8
Yet feel free to contribute to this module to help us extending the usage of this module.
Forge Module Dependencies
See metadata.json.
In particular, this module depends on
Overview and Usage
See also tests/rule.pp
include ::ulimit
::ulimit::rule{ 'example1':
ulimit_domain => '*',
ulimit_type => 'soft',
ulimit_item => 'nofile',
ulimit_value => '1024',
}
This will create the file /etc/security/limits.d/80_example1.conf with the following content:
* soft nofile 1024
include ::ulimit
::ulimit::rule{ 'example2':
ulimit_domain => '*',
ulimit_type => 'soft',
ulimit_item => 'nofile',
ulimit_value => '1024',
}
This will create the file /etc/security/limits.d/80_example2.conf with the following content:
* hard nproc 1024
* hard nofile 1024
::ulimit::rule{ 'slurm':
ensure => 'present',
ulimit_domain => '*',
ulimit_type => [ 'soft', 'hard' ],
ulimit_item => [ 'memlock', 'stack' ],
ulimit_value => 'unlimited',
}
This will create the file /etc/security/limits.d/80_slurm.conf with the
following content:
* soft memlock unlimited
* soft stack unlimited
* hard memlock unlimited
* hard stack unlimited
::ulimit::rule{ 'slurm-nproc':
ensure => 'present',
priority => 50,
ulimit_domain => '*',
ulimit_type => [ 'soft', 'hard' ],
ulimit_item => 'nproc',
ulimit_value => '10240',
}
This statement should create /etc/security/limits.d/50_slurm-nproc.conf with the following content:
* soft nproc 10240
* hard nproc 10240
You can also pass the content yourself -- below statement will create /etc/security/limits.d/60_content.conf with that content
::ulimit::rule{ 'content':
ensure => 'present',
priority => 60,
content => template('ulimit/test.erb'),
}
... or pass directly the source file -- below statement will create /etc/security/limits.d/70_source.conf with that content:
::ulimit::rule{ 'source':
ensure => 'present',
priority => 70,
source => 'puppet:///modules/ulimit/test.conf',
}
Caveats
By default the module will purge any settings that are not managed by Puppet. While not advised you can disable this feature:
node /box/ {
class { 'ulimit':
purge => false,
}
}
Developments / Contributing to the code
You are more than welcome to contribute to the development of this module. Kindly proceed as follows:
- Fork it
- Create your feature branch (
git checkout -b feature/<name>) - Commit your changes (
git commit -am 'Added some feature') - Push to the branch (
git flow feature publish <name>) - Create new Pull request.
Puppet modules tests within a Vagrant box
The best way to test this module in a non-intrusive way is to rely on Vagrant.
The Vagrantfile at the root of the repository pilot the provisioning various vagrant boxes available on Vagrant cloud you can use to test this module.
Licence
This project and the sources proposed within this repository are released under the terms of the Apache-2.0 licence.
Changelog
All notable changes to this project will be documented in this file.
Release 1.2.0
Features
- Added EL9 support
- Drop EL6 support
- Puppet 8 support / Drop Puppet 6
Release 1.1.1
Bugfixes
- Not all parameters in ulimit::rule are required
Release 1.1.0
Features
- Added EL8 support, including AlmaLinux and Rocky
- Allow stdlib until v10.0
- PDK update
Bugfixes
- Deprecation fixes
- Validation errors and warnings
Dependencies
- puppetlabs-stdlib (>=4.2.2 <10.0.0)
Copyright (C) 2012-2017 Tom De Vylder, Sebastien Varrette
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.