[neutron] Adjust neighbour table thresholds

When clouds have a large number of hosts, the default size of the ARP cache is too small. The cache can overflow, which means that the system has no way to reach some IP addresses. Increasing threshold limits addresses the situation, in a reasonably safe way (the maximum impact is 5MB or so of additional RAM used). More context on this issue: * http://man7.org/linux/man-pages/man7/arp.7.html * https://bugs.launchpad.net/charm-nova-compute/+bug/1780348 * https://bugs.launchpad.net/fuel/+bug/1488938 * https://bugs.launchpad.net/tripleo/+bug/1690087 * 0583a0c949 * 3dd21ea62a * 1651a1805a Change-Id: I60c871e8eb9f2c086818ff077987f2390930800c Closes-Bug: #1844349
2019-11-27 16:32:47 +01:00 · 2019-11-27 16:32:47 +01:00 · 4234cc4b5b
commit 4234cc4b5b
parent 692d176cd5
2 changed files with 12 additions and 0 deletions
--- a/ansible/roles/neutron/defaults/main.yml
+++ b/ansible/roles/neutron/defaults/main.yml
@ -348,6 +348,12 @@ neutron_logging_debug: "{{ openstack_logging_debug }}"
 openstack_neutron_auth: "{{ openstack_auth }}"

 neutron_l3_agent_host_rp_filter_mode: 0
+neutron_l3_agent_host_ipv4_neigh_gc_thresh1: 128
+neutron_l3_agent_host_ipv4_neigh_gc_thresh2: 28672
+neutron_l3_agent_host_ipv4_neigh_gc_thresh3: 32768
+neutron_l3_agent_host_ipv6_neigh_gc_thresh1: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh1 }}"
+neutron_l3_agent_host_ipv6_neigh_gc_thresh2: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh2 }}"
+neutron_l3_agent_host_ipv6_neigh_gc_thresh3: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh3 }}"

 ####################
 # Extension drivers
--- a/ansible/roles/neutron/tasks/config.yml
+++ b/ansible/roles/neutron/tasks/config.yml
@ -8,6 +8,12 @@
    - { name: "net.ipv4.ip_forward", value: 1}
    - { name: "net.ipv4.conf.all.rp_filter", value: "{{ neutron_l3_agent_host_rp_filter_mode }}"}
    - { name: "net.ipv4.conf.default.rp_filter", value: "{{ neutron_l3_agent_host_rp_filter_mode }}"}
+    - { name: "net.ipv4.neigh.default.gc_thresh1", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh1 }}"}
+    - { name: "net.ipv4.neigh.default.gc_thresh2", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh2 }}"}
+    - { name: "net.ipv4.neigh.default.gc_thresh3", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh3 }}"}
+    - { name: "net.ipv6.neigh.default.gc_thresh1", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh1 }}"}
+    - { name: "net.ipv6.neigh.default.gc_thresh2", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh2 }}"}
+    - { name: "net.ipv6.neigh.default.gc_thresh3", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh3 }}"}
  when:
    - set_sysctl | bool
    - (neutron_l3_agent.enabled | bool and neutron_l3_agent.host_in_groups | bool)