How to set sysctl variables at CoreOS cloud-init?

Question

I'm looking for a way to set CoreOS sysctl settings during its cloud-init stage.

The CoreOS version of cloud-init only allows for a handful of configuration directives and is not the same as the regular cloud-init. For example, there is no runcmd section (see http://coreos.com/docs/cluster-management/setup/cloudinit-cloud-config/).

systemd provides a way to manage sysctl settings though files (http://www.freedesktop.org/software/systemd/man/sysctl.d.html). I am using the CoreOS cloud-init write_files section to create a file at /etc/sysctl.d/50-nf_conntrack.conf. But it won't be picked up because the CoreOS cloud configuration happens after the sysctl.d configuration has already taken place.

Perhaps I could somehow use another systemd unit file to restart the sysctl.d unit? How could this be accomplished?

@alexus - it's clear enough to me. What are you having difficulty understanding? — EEAA, Jun 10 '14 at 22:23
I added some more context and tried to make it a little more clear (with my specific use case). — Andy Shinn, Jun 11 '14 at 00:22

score 3 · Accepted Answer · edited Jan 03 '16 at 10:36

3

See answer on CoreOS github issue tracker: https://github.com/coreos/bugs/issues/747#issuecomment-142764415

There might be a simpler way in future, but for now you can simply write a unit to invoke systemd-sysctl during cloudinit; it'll be started after any files specified in write_files are written:
#cloud-config 
.... 
coreos:
  units:
    - name: update-sysctl.service
      command: start
      content: |
        [Unit]
        Description=Update sysctl values written by cloud-config
        [Service]
        ExecStart=/usr/lib/systemd/systemd-sysctl ...

edited Jan 03 '16 at 10:36

DanArl

2,511
1
10
6

answered Jun 25 '14 at 00:19

IanB

261
2
9

Thanks! I didn't realize the `write_files` actually happens before units. – Andy Shinn Jun 25 '14 at 02:39

score 2 · Answer 2 · answered Nov 09 '14 at 16:17

Thanks for others for some tips.

You can do this to run arbitrary commands similar to runcmd.

- name: runcmd.service
  command: start
  content: |
    [Unit]
    Description=Runs a command

    [Service]
    Type=oneshot
    ExecStart=/bin/sh -c "touch /etc/environment;"

score 0 · Answer 3 · answered Jun 11 '14 at 00:27

0

You can simply call sysctl on the file yourself to make the settings take effect immediately, and the configuration file will be used for later reboots (if your instance is persistent).

I'd use a run command for this.

runcmd:
- sysctl -p /etc/sysctl.d/50-nf_conntrack.conf

answered Jun 11 '14 at 00:27

Michael Hampton

237,123
42
477
940

2

The CoreOS `cloud-init` has limited keys available, and `runcmd` or `bootcmd` are not in the list. – Andy Shinn Jun 11 '14 at 00:34
Figures they'd do something strange. You might have to force a reboot to get this applied. cloud-init doesn't seem to have any way to start or restart services directly. – Michael Hampton Jun 11 '14 at 00:39

How to set sysctl variables at CoreOS cloud-init?

3 Answers3