From 89fc31705deedd5b821295a9ea135d60a5aa81ab Mon Sep 17 00:00:00 2001
From: sgurumurthy <sgurumurthy@juniper.net>
Date: Thu, 15 Sep 2016 12:19:49 -0700
Subject: [PATCH] Closes-Bug: #1621192 Add the system resource settings that
 were present in fab and missing in SM

Change-Id: Iad9b1ee19033633aae07a3ecc9c86837ea46233d
---
 .../modules/contrail/manifests/common.pp      | 10 ++++++
 .../lib/augeas_security_limits_conf_set.pp    | 32 +++++++++++++++++++
 .../modules/contrail/manifests/rabbitmq.pp    |  9 ++++++
 .../contrail/manifests/uninstall_compute.pp   | 18 +++++++++++
 4 files changed, 69 insertions(+)
 create mode 100644 contrail/environment/modules/contrail/manifests/lib/augeas_security_limits_conf_set.pp

diff --git a/contrail/environment/modules/contrail/manifests/common.pp b/contrail/environment/modules/contrail/manifests/common.pp
index 46f64270..f9ae33fb 100644
--- a/contrail/environment/modules/contrail/manifests/common.pp
+++ b/contrail/environment/modules/contrail/manifests/common.pp
@@ -145,4 +145,14 @@
     }
     contain ::contrail::flush_iptables
     contain ::contrail::enable_kernel_core
+    if (("config" in $host_roles) or ("database" in $host_roles) or ("control" in $host_roles) or ("controller" in $host_roles)) {
+      contrail::lib::augeas_security_limits_conf_set { 
+          "root-soft": title => "root-soft", domain => root, type => soft, item => nofile, value =>  65535;
+          "root-hard": title => "root-hard", domain => root, type => hard, item => nofile, value =>  65535;
+          "*-hard-nofile": title => "*-hard-nofile", domain => "*", type => hard, item => nofile, value =>  65535;
+          "*-soft-nofile": title => "*-soft-nofile", domain => "*", type => soft, item => nofile, value =>  65535;
+          "*-hard-nproc": title => "*-hard-nproc", domain => "*", type => hard, item => nproc, value =>  65535;
+          "*-soft-nofile-2": title => "*-soft-nofile-2", domain => "*", type => soft, item => nofile, value =>  65535;
+       }
+    }
 }
diff --git a/contrail/environment/modules/contrail/manifests/lib/augeas_security_limits_conf_set.pp b/contrail/environment/modules/contrail/manifests/lib/augeas_security_limits_conf_set.pp
new file mode 100644
index 00000000..5f5653d5
--- /dev/null
+++ b/contrail/environment/modules/contrail/manifests/lib/augeas_security_limits_conf_set.pp
@@ -0,0 +1,32 @@
+define contrail::lib::augeas_security_limits_conf_set (
+  $title = "default_title",
+  $domain = "root",
+  $type = "soft",
+  $item = "nofile",
+  $value = "10000"
+  ) {
+
+    # guid of this entry
+    $key = "$domain/$type/$item"
+
+    $context = "/files/etc/security/limits.conf"
+
+    $path_list  = "domain[.=\"$domain\"][./type=\"$type\" and ./item=\"$item\"]"
+    $path_exact = "domain[.=\"$domain\"][./type=\"$type\" and ./item=\"$item\" and ./value=\"$value\"]"
+
+    augeas { "limits_conf/${title}":
+       context => "$context",
+       onlyif  => "match $path_exact size != 1",
+       changes => [
+         # remove all matching to the $domain, $type, $item, for any $value
+         "rm $path_list",
+         # insert new node at the end of tree
+         "set domain[last()+1] $domain",
+         # assign values to the new node
+         "set domain[last()]/type $type",
+         "set domain[last()]/item $item",
+         "set domain[last()]/value $value",
+       ]
+     }
+
+}
diff --git a/contrail/environment/modules/contrail/manifests/rabbitmq.pp b/contrail/environment/modules/contrail/manifests/rabbitmq.pp
index c12c5e79..c3ae6653 100644
--- a/contrail/environment/modules/contrail/manifests/rabbitmq.pp
+++ b/contrail/environment/modules/contrail/manifests/rabbitmq.pp
@@ -43,6 +43,15 @@
         $amqp_name_list_shell = join($amqp_name_list, ",")
         $rabbit_env = "NODE_IP_ADDRESS=${host_control_ip}\nNODENAME=rabbit@${::hostname}ctrl\n"
 
+        if ($::operatingsystem == 'Ubuntu') { 
+          file {'/etc/default/rabbitmq-server':
+              ensure => present,
+          } ->
+          file_line { 'RABBITMQ-SERVER-ULIMIT':
+            path => '/etc/default/rabbitmq-server',
+            line => 'ulimit -n 10240',
+          } ~> Service['rabbitmq-server']
+        } 
         if !defined(Service['rabbitmq-server']) {
             if ($::operatingsystem == 'Centos' or $::operatingsystem == 'Fedora') {
                 $svc_en = false
diff --git a/contrail/environment/modules/contrail/manifests/uninstall_compute.pp b/contrail/environment/modules/contrail/manifests/uninstall_compute.pp
index be09fcea..cbfb57d3 100644
--- a/contrail/environment/modules/contrail/manifests/uninstall_compute.pp
+++ b/contrail/environment/modules/contrail/manifests/uninstall_compute.pp
@@ -25,10 +25,28 @@
     $contrail_logoutput = $::contrail::params::contrail_logoutput,
     $contrail_host_roles = $::contrail::params::host_roles,
     $enable_lbaas =  $::contrail::params::enable_lbaas,
+    $enable_dpdk = $::contrail::params::enable_dpdk,
 ) inherits ::contrail::params {
 
     #Determine vrouter package to be installed based on the kernel
     #TODO add DPDK support here
+    if ($enable_dpdk) {
+      mount { '/hugepages':
+        ensure => absent,
+      } ->
+      contrail::lib::augeas_conf_rm { "max_map_count_value_removed":
+        key => 'vm.max_map_count',
+        config_file => '/etc/sysctl.conf',
+        lens_to_use => 'properties.lns',
+      } ->
+      file_line {'fstab_hugetlbfs':
+        ensure  => absent,
+        path    => '/etc/fstab',
+        line    => 'hugetlbfs    /hugepages    hugetlbfs defaults,pagesize=1G       0       0',
+        match   => '^*hugetlbfs.*hugetlbfs.*$',
+        match_for_absence => true,
+      }
+    }
     if ($operatingsystem == 'Ubuntu'){
 
         if ($lsbdistrelease == '14.04') {