puppet: Increase backlogged socket count based on uwsgi backlog.

Increasing the uwsgi listen backlog is intended to allow it to handle
higher connection rates during server restart, when many clients may
be trying to connect.  The kernel, in turn, needs to have a
proportionally increased somaxconn soas to not refuse the connection.

Set somaxconn to 2x the uwsgi backlog, but no lower than the
default (128).
This commit is contained in:
Alex Vandiver 2020-07-23 20:31:32 -07:00 committed by Tim Abbott
parent 0e90442d8b
commit ceb909dbc5
2 changed files with 18 additions and 0 deletions

View File

@ -96,6 +96,7 @@ class zulip::app_frontend_base {
$uwsgi_listen_backlog_limit = zulipconf('application_server', 'uwsgi_listen_backlog_limit', 128) $uwsgi_listen_backlog_limit = zulipconf('application_server', 'uwsgi_listen_backlog_limit', 128)
$uwsgi_buffer_size = zulipconf('application_server', 'uwsgi_buffer_size', 8192) $uwsgi_buffer_size = zulipconf('application_server', 'uwsgi_buffer_size', 8192)
$uwsgi_processes = zulipconf('application_server', 'uwsgi_processes', $uwsgi_default_processes) $uwsgi_processes = zulipconf('application_server', 'uwsgi_processes', $uwsgi_default_processes)
$somaxconn = 2 * $uwsgi_listen_backlog_limit
file { '/etc/zulip/uwsgi.ini': file { '/etc/zulip/uwsgi.ini':
ensure => file, ensure => file,
require => Package[supervisor], require => Package[supervisor],
@ -105,6 +106,21 @@ class zulip::app_frontend_base {
content => template('zulip/uwsgi.ini.template.erb'), content => template('zulip/uwsgi.ini.template.erb'),
notify => Service[$zulip::common::supervisor_service], notify => Service[$zulip::common::supervisor_service],
} }
file { '/etc/sysctl.d/40-uwsgi.conf':
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
content => template('zulip/sysctl.d/40-uwsgi.conf.erb'),
}
exec { 'sysctl_p_uwsgi':
command => '/sbin/sysctl -p /etc/sysctl.d/40-uwsgi.conf',
subscribe => File['/etc/sysctl.d/40-uwsgi.conf'],
refreshonly => true,
# We have to protect against running in Docker and other
# containerization which prevents adjusting these.
onlyif => 'touch /proc/sys/net/core/somaxconn',
}
file { '/home/zulip/tornado': file { '/home/zulip/tornado':
ensure => directory, ensure => directory,

View File

@ -0,0 +1,2 @@
# Allow larger listen backlog
net.core.somaxconn=<%= [128, @somaxconn].max %>