ulimit

Puppet Ulimit module, fork from svarrette/puppet-ulimit

894 downloads

730 latest version

4.7 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 1.2.0 (latest)
  • 1.1.1
  • 1.1.0 (deleted)
released Feb 20th 2024
This version is compatible with:
  • Puppet Enterprise 2023.8.x, 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x
  • Puppet >= 7.9.0 < 9.0.0
  • , , , ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'wimvr-ulimit', '1.2.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add wimvr-ulimit
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install wimvr-ulimit --version 1.2.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download
Tags: ulimit

Documentation

wimvr/ulimit — version 1.2.0 Feb 20th 2024

Ulimit Puppet Module

Puppet Forge License Supported Platforms

  Copyright (c) 2015-2017 Tom De Vylder (aka arioch), Sebastien Varrette (aka Falkor)
  Copyright (c) 2023 Wim van Ravesteijn

ulimit provides control over the resources available to the shell and to processes started by it, on systems that allow such control.

This Puppet module is designed to configure and manage ulimits on your Linux system, mainly with the ulimit::rule definition which permits to define soft and/or hard limits over various domains.

  • The soft limit is the value that the kernel enforces for the corresponding resource.
  • The hard limit acts as a ceiling for the soft limit.

/! IMPORTANT: This module is a fork from Falkor/puppet-ulimit!!! This was done to allow a version release on my own namespace compliant with EL8 until Sebastien/Falkor released the official new version on his module.

In particular, this module implements the following elements:

  • class ulimit: The main class, piloting all aspects of the configuration
  • class ulimit::config: an internal class taking care of global configurations and defaults
  • definition ulimit::rule: permiting to define a rule in '/etc/security/limits.d/'

All these components are configured through a set of variables you will find in manifests/params.pp.

Setup Requirements

This module have been successfully over Puppet 7.x. with:

  • Debian 5 (Lenny)
  • Debian 6 (Squeeze)
  • CentOS 5
  • CentOS 6
  • CentOS 7
  • CentOS 8
  • RedHat 6
  • RedHat 7
  • RedHat 8
  • AlmaLinux 8
  • Rocky 8

Yet feel free to contribute to this module to help us extending the usage of this module.

Forge Module Dependencies

See metadata.json. In particular, this module depends on

Overview and Usage

See also tests/rule.pp


include ::ulimit

::ulimit::rule{ 'example1':
  ulimit_domain => '*',
  ulimit_type   => 'soft',
  ulimit_item   => 'nofile',
  ulimit_value  => '1024',
}

This will create the file /etc/security/limits.d/80_example1.conf with the following content:

  *       soft         nofile      1024

include ::ulimit

::ulimit::rule{ 'example2':
  ulimit_domain => '*',
  ulimit_type   => 'soft',
  ulimit_item   => 'nofile',
  ulimit_value  => '1024',
}

This will create the file /etc/security/limits.d/80_example2.conf with the following content:

    *       hard         nproc        1024
    *       hard         nofile       1024

::ulimit::rule{ 'slurm':
   ensure        => 'present',
   ulimit_domain => '*',
   ulimit_type   => [ 'soft', 'hard' ],
   ulimit_item   => [ 'memlock', 'stack' ],
   ulimit_value  => 'unlimited',
}

This will create the file /etc/security/limits.d/80_slurm.conf with the following content:

   *       soft         memlock      unlimited
   *       soft         stack        unlimited
   *       hard         memlock      unlimited
   *       hard         stack        unlimited

::ulimit::rule{ 'slurm-nproc':
   ensure        => 'present',
   priority      => 50,
   ulimit_domain => '*',
   ulimit_type   => [ 'soft', 'hard' ],
   ulimit_item   => 'nproc',
   ulimit_value  => '10240',
}

This statement should create /etc/security/limits.d/50_slurm-nproc.conf with the following content:

    *       soft         nproc        10240
    *       hard         nproc        10240

You can also pass the content yourself -- below statement will create /etc/security/limits.d/60_content.conf with that content

::ulimit::rule{ 'content':
   ensure   => 'present',
   priority => 60,
   content  => template('ulimit/test.erb'),
}

... or pass directly the source file -- below statement will create /etc/security/limits.d/70_source.conf with that content:

::ulimit::rule{ 'source':
   ensure   => 'present',
   priority => 70,
   source   => 'puppet:///modules/ulimit/test.conf',
}

Caveats

By default the module will purge any settings that are not managed by Puppet. While not advised you can disable this feature:

node /box/ {
  class { 'ulimit':
    purge => false,
  }
}

Developments / Contributing to the code

You are more than welcome to contribute to the development of this module. Kindly proceed as follows:

  1. Fork it
  2. Create your feature branch (git checkout -b feature/<name>)
  3. Commit your changes (git commit -am 'Added some feature')
  4. Push to the branch (git flow feature publish <name>)
  5. Create new Pull request.

Puppet modules tests within a Vagrant box

The best way to test this module in a non-intrusive way is to rely on Vagrant. The Vagrantfile at the root of the repository pilot the provisioning various vagrant boxes available on Vagrant cloud you can use to test this module.

Licence

This project and the sources proposed within this repository are released under the terms of the Apache-2.0 licence.

Licence