Setting multiple values in sysctl with Ansible

Asked 28/2, 2019 at 18:57 Answered 17/1 at 14:37

I have a playbook with several tasks setting values to sysctl. Instead of having a task for each setting, how can I set all the values with one task, using the sysctl module?

Playbook snippet:

- name: Set tcp_keepalive_probes in sysctl
  become: yes
  sysctl:
    name: net.ipv4.tcp_keepalive_probes
    value: 3
    state: present
    reload: yes

- name: Set tcp_keepalive_intvl in sysctl
  become: yes
  sysctl:
    name: net.ipv4.tcp_keepalive_intvl
    value: 10
    state: present
    reload: yes

- name: Set rmem_default in sysctl
  become: yes
  sysctl:
    name: net.core.rmem_default
    value: 16777216
    state: present
    reload: yes

Mythos answered 28/2, 2019 at 18:57 Comment(0)

define all the variables in a var file:

e.g.

sysctl:
  - name: test
    value: test

... ...

playbook:

- hosts: "{{ }}"
  tasks: 
    - name: update sysctl param
      sysctl:
        name: "{{ item.name }}"
        value: "{{ item.value }}"
        state: present
        reload: yes
      with_items:
        - "{{ hosts }}"

Gamaliel answered 28/2, 2019 at 19:11 Comment(3)

The with_subelements was giving this error: subelements lookup expects a list of two or three items. Replacing that with with_items worked. – Mythos 4/3, 2019 at 16:40

yes..my bad subelements is used for nested dict. with_items is sufficient for this case – Gamaliel 4/3, 2019 at 18:11

since ansible 2.7 you should use loop: in order than with_items – Tantrum 3/10, 2019 at 7:2

Simple solution: define variable as a dict

Example playbook:

---
- hosts: all
  gather_facts: false
  become: true
  vars:
    ansible_python_interpreter: /usr/bin/python3
    sysctl_config:
      net.ipv4.ip_forward: 1
      net.ipv4.conf.all.forwarding: 1
      net.ipv6.conf.all.forwarding: 1

  tasks:
   - name: Change various sysctl-settings
     sysctl:
       name: '{{ item.key }}'
       value: '{{ item.value }}'
       sysctl_set: yes
       state: present
       reload: yes
       ignoreerrors: yes
     with_dict: '{{ sysctl_config }}'

Output:

TASK [Change various sysctl-settings] **********************************************************************************************************************************************************************
changed: [10.10.10.10] => (item={'key': 'net.ipv4.ip_forward', 'value': 1}) => {
    "ansible_loop_var": "item",
    "changed": true,
    "item": {
        "key": "net.ipv4.ip_forward",
        "value": 1
    }
}
changed: [10.10.10.10] => (item={'key': 'net.ipv4.conf.all.forwarding', 'value': 1}) => {
    "ansible_loop_var": "item",
    "changed": true,
    "item": {
        "key": "net.ipv4.conf.all.forwarding",
        "value": 1
    }
}
changed: [10.10.10.10] => (item={'key': 'net.ipv6.conf.all.forwarding', 'value': 1}) => {
    "ansible_loop_var": "item",
    "changed": true,
    "item": {
        "key": "net.ipv6.conf.all.forwarding",
        "value": 1
    }
}

Hygienic answered 5/9, 2019 at 14:50 Comment(0)

define all the variables in a var file:

e.g.

sysctl:
  - name: test
    value: test

... ...

playbook:

- hosts: "{{ }}"
  tasks: 
    - name: update sysctl param
      sysctl:
        name: "{{ item.name }}"
        value: "{{ item.value }}"
        state: present
        reload: yes
      with_items:
        - "{{ hosts }}"

Gamaliel answered 28/2, 2019 at 19:11 Comment(3)

The with_subelements was giving this error: subelements lookup expects a list of two or three items. Replacing that with with_items worked. – Mythos 4/3, 2019 at 16:40

yes..my bad subelements is used for nested dict. with_items is sufficient for this case – Gamaliel 4/3, 2019 at 18:11

since ansible 2.7 you should use loop: in order than with_items – Tantrum 3/10, 2019 at 7:2

now with ansible [core 2.16.2] i could do it with vars:

k8s_nodes_sysctls:
  - { name: net.bridge.bridge-nf-call-iptables, value: 1 }
  - { name: net.bridge.bridge-nf-call-ip6tables, value: 1 }
  - { name: net.ipv4.ip_forward, value: 1 }

and task:

- name: set sysctl params
  ansible.posix.sysctl:
    reload: true
    state: present
    sysctl_file: /etc/sysctl.conf
    name: "{{ item.name }}"
    value: "{{ item.value }}"
  loop: "{{ k8s_nodes_sysctls }}"

Nonagenarian answered 17/1 at 14:37 Comment(0)

playbook:

playbook:

Recommended topics

Hot tags