How to set the sysctl kernel parameters with Ansible?

I’m going to show you a live Playbook and some simple Ansible code. I’m Luca Berton and welcome to today’s episode of Ansible Pilot.

Ansible set sysctl kernel parameters

  • ansible.posix.sysctl
  • Manage entries in sysctl.conf

Today we’re talking about the Ansible module sysctl. The full name is ansible.posix.sysctl, which means that is part of the collection of modules “ansible.posix” to interact with POSIX platforms. The purpose of the module is to manage entries in the sysctl.conf file.

Parameters

  • name string (key) - Parameter name
  • value string - Parameter value
  • reload boolean - yes/no
  • state string - present/absent
  • sysctl_file string - “/etc/sysctl.conf”
  • sysctl_set string - no/yes - sysctl -w
  • ignoreerrors boolean - no/yes

Let me summarize the parameters of sysctl module. The only required is “name”, where you specify the parameter name to access or edit. The parameter “value” sets the value of the sysctl parameter. The parameter “reload”, default to yes, reload the configuration file if any changes occur. The parameter “state” sets the presence or absence of the parameter in the sysctl file. The parameter “sysctl_file” allows specifying the configuration file for sysctl, default to “/etc/sysctl.conf”. The parameter “sysctl_set” allows you to configure a parameter permanently, that survives after reboot. The parameter “ignoreerrors” allow you to ignore errors about unknown keys, default to “no”.

https://docs.ansible.com/ansible/latest/collections/ansible/posix/sysctl_module.html

Playbook

Ansible set sysctl kernel parameters.

code

---
- name: sysctl module Playbook
  hosts: all
  become: true
  vars:
    sysctl_name: "vm.swappiness"
    sysctl_value: "5"
  tasks:
    - name: set sysctl
      ansible.posix.sysctl:
        name: "{{ sysctl_name }}"
        value: "{{ sysctl_value }}"
        state: present
        sysctl_set: true
        reload: true

execution

$ ansible-playbook -i virtualmachines/demo/inventory sysctl/sysctl.yml
PLAY [sysctl module Playbook] *************************************************************************
TASK [Gathering Facts] ****************************************************************************
ok: [demo.example.com]
TASK [ansible.posix.sysctl] ***********************************************************************
changed: [demo.example.com]
PLAY RECAP ****************************************************************************************
demo.example.com           : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

idempotency

$ ansible-playbook -i virtualmachines/demo/inventory sysctl/sysctl.yml
PLAY [sysctl module Playbook] *************************************************************************
TASK [Gathering Facts] ****************************************************************************
ok: [demo.example.com]
TASK [ansible.posix.sysctl] ***********************************************************************
ok: [demo.example.com]
PLAY RECAP ****************************************************************************************
demo.example.com           : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

before execution

$ ssh [email protected]
Last login: Fri Jan  7 07:26:29 2022 from 192.168.0.102
[devops@demo ~]$ sudo su
[root@demo devops]# sysctl -a | less
[root@demo devops]# sysctl vm.swappiness
vm.swappiness = 30
[root@demo devops]# cat /etc/sysctl.conf 
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv6.conf.all.disable_ipv6=1
[root@demo devops]#

after execution

$ ssh [email protected]
Last login: Tue Jan 11 17:41:18 2022 from 192.168.0.102
[devops@demo ~]$ sudo su
[root@demo devops]# sysctl vm.swappiness
vm.swappiness = 5
[root@demo devops]# reboot
Connection to demo.example.com closed by remote host.
Connection to demo.example.com closed.
ansible-pilot $ ssh [email protected]
Last login: Tue Jan 11 17:41:44 2022 from 192.168.0.102
[devops@demo ~]$ sudo su
[root@demo devops]# sysctl vm.swappiness
vm.swappiness = 5
[root@demo devops]# cat /etc/sysctl.conf 
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv6.conf.all.disable_ipv6=1
vm.swappiness=5
[root@demo devops]# uname -a
Linux demo.example.com 4.18.0-348.el8.x86_64 #1 SMP Mon Oct 4 12:17:22 EDT 2021 x86_64 x86_64 x86_64 GNU/Linux
[root@demo devops]#

code with ❤️ in GitHub

Conclusion

Now you know how to set or verify sysctl kernel parameters with Ansible. Subscribe to the YouTube channel, Medium, and Website, X (formerly Twitter) to not miss the next episode of the Ansible Pilot.

Academy

Learn the Ansible automation technology with some real-life examples in my Udemy 300+ Lessons Video Course.

BUY the Complete Udemy 300+ Lessons Video Course

My book Ansible By Examples: 200+ Automation Examples For Linux and Windows System Administrator and DevOps

BUY the Complete PDF BOOK to easily Copy and Paste the 250+ Ansible code

Want to keep this project going? Please donate

Patreon Buy me a Pizza