Ansible sysctl Module: Set Linux Kernel Parameters (Persistent)
By Luca Berton · Published 2024-01-01 · Category: troubleshooting
Configure Linux kernel parameters with Ansible ansible.posix.sysctl module. Set net, vm, fs parameters persistently with validation and rollback examples.
How to set the sysctl kernel parameters with Ansible? I'm going to show you a live Playbook and some simple Ansible code. I'm Luca Berton and welcome to today's episode of Ansible Pilot.
Ansible set sysctl kernel parameters • ansible.posix.sysctl • Manage entries in sysctl.conf
Today we're talking about the Ansible module sysctl. The full name is ansible.posix.sysctl, which means that is part of the collection of modules "ansible.posix" to interact with POSIX platforms. The purpose of the module is to manage entries in the sysctl.conf file.
Parameters • name string (key) - Parameter name • value string - Parameter value • reload boolean - yes/no • state string - present/absent • sysctl_file string - "/etc/sysctl.conf" • sysctl_set string - no/yes - sysctl -w • ignoreerrors boolean - no/yes
Let me summarize the parameters of sysctl module. The only required is "name", where you specify the parameter name to access or edit. The parameter "value" sets the value of the sysctl parameter. The parameter "reload", default to yes, reload the configuration file if any changes occur. The parameter "state" sets the presence or absence of the parameter in the sysctl file. The parameter "sysctl_file" allows specifying the configuration file for sysctl, default to "/etc/sysctl.conf". The parameter "sysctl_set" allows you to configure a parameter permanently, that survives after reboot. The parameter "ignoreerrors" allow you to ignore errors about unknown keys, default to "no".
Links https://docs.ansible.com/ansible/latest/collections/ansible/posix/sysctl_module.html
## Playbook
Ansible set sysctl kernel parameters.
code
execution
idempotency
before execution
after execution
Conclusion
Now you know how to set or verify sysctl kernel parameters with Ansible.
Set Kernel Parameter
Common Network Tuning
Memory Tuning
Security Hardening
Docker/Kubernetes Prerequisites
Custom Config File
Read Current Value
Module Parameters
| Parameter | Description | |-----------|-------------| | name | Sysctl parameter name | | value | Value to set | | state | present or absent | | sysctl_set | Apply immediately (not just write file) | | reload | Reload sysctl after change | | sysctl_file | Config file (default: /etc/sysctl.conf) | | ignoreerrors | Ignore sysctl errors |
FAQ
Will changes survive reboot?
Yes — the module writes to /etc/sysctl.conf (or specified file) AND applies immediately when sysctl_set: true and reload: true.
"sysctl: permission denied" error?
You need become: true. Kernel parameters require root access.
How do I revert a change?
Set state: absent to remove from config file, then run sysctl --system to reload:
Related Articles • Ansible Become Guide • Ansible Inventory Guide • Ansible Ignore Errors Guide • Ansible Roles Guide
Category: troubleshooting
Watch the video: Ansible sysctl Module: Set Linux Kernel Parameters (Persistent) — Video Tutorial