Skip to content

fix(ansible): refactor kernel parameters and fix tuned integration#2198

Queued
hunleyd wants to merge 9 commits into
developfrom
INDATA-378-03
Queued

fix(ansible): refactor kernel parameters and fix tuned integration#2198
hunleyd wants to merge 9 commits into
developfrom
INDATA-378-03

Conversation

@hunleyd

@hunleyd hunleyd commented Jun 9, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

This PR refactors how kernel parameters and tuned profiles are handled to ensure reliability and prevent command-line corruption.

Changes:

1. Tuned & Kernel Parameter Refactoring

  • Ansible: Fixed tuned integration in setup-tuned.yml.
    • Removed the [bootloader] section from the postgresql tuned profile. This section was identified as dangerous as it could lead to corruption of the kernel command line during profile activation.
    • Moved tcp_keepalive_intvl and tcp_keepalive_time settings from setup-system.yml into the postgresql tuned profile's [sysctl] section.
    • Added guards (when: stage2_nix) to tuned service activation to avoid failures when running in restricted environments (like chroot during AMI builds).
  • GRUB/Bootstrap:
    • Moved the application of critical boot-time kernel parameters to ebssurrogate/scripts/chroot-bootstrap-nix.sh.
    • Restored zswap parameters (zswap.enabled=1 zswap.zpool=zsmalloc zswap.compressor=zstd zswap.max_pool_percent=10) to GRUB_CMDLINE_LINUX_DEFAULT.
    • Added transparent_hugepage=never to GRUB_CMDLINE_LINUX_DEFAULT.
    • Included documentation in the bootstrap script clarifying that unknown kernel parameters are safely ignored, ensuring compatibility across different kernel versions.

2. Systemd & Cleanup

  • PostgreSQL: Corrected the systemd override path in ansible/tasks/setup-postgres.yml from override.conf to overrides.conf for the tuned.service dependency.
  • Cleanup: Removed redundant net.ipv4.tcp_keepalive_* sysctl tasks from setup-system.yml.

Why?

  • The tuned bootloader plugin is known to be fragile in certain environments and was causing issues with command-line management.
  • Applying kernel parameters via GRUB is more robust for settings that should be active from early boot.
  • Consolidating PostgreSQL-related sysctls into the tuned profile makes the configuration more modular and easier to manage.

@hunleyd hunleyd requested review from a team as code owners June 9, 2026 19:27
@hunleyd hunleyd enabled auto-merge June 10, 2026 14:33
romanhx
romanhx requested changes Jun 10, 2026
View reviewed changes

@romanhx romanhx left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

v minor request

Comment thread ansible/tasks/setup-system.yml
@hunleyd hunleyd requested a review from romanhx June 10, 2026 15:38
@hunleyd hunleyd added this pull request to the merge queue Jun 10, 2026
Any commits made after this event will not be merged.
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to no response for status checks Jun 10, 2026
@hunleyd hunleyd added this pull request to the merge queue Jun 11, 2026
Any commits made after this event will not be merged.
@hunleyd hunleyd removed this pull request from the merge queue due to a manual request Jun 11, 2026
hunleyd added 3 commits June 11, 2026 13:27
@hunleyd
chore: empty commit to trigger CI
6be2326
@hunleyd
fix(ansible): fix tuned integration and kernel parameters
2a41d7f 
- Ensure tcp_keepalive sysctls are always applied in tuned profile
- Remove dangerous bootloader section from tuned profile to prevent command line corruption
- Move THP disabling to GRUB configuration in bootstrap script
- Guard tuned service/profile activation to avoid chroot failures
@hunleyd
perf(grub): restore zswap parameters to boot command line
7da5d13
@supabase supabase deleted a comment from blacksmith-sh Bot Jun 12, 2026
@hunleyd
Merge remote-tracking branch 'origin/develop' into INDATA-378-03
dd0d53d 
* origin/develop:
  ci: build-ami: Use arch in EXECUTION_ID (#2209)
  chore(ci): clean up stale ec2 instances (#2170)
  testinfra: Fix InstanceType and startup error handling (#2207)
  fix(ci): clean up dangling EBS volumes left by Packer builds (#2165)
@hunleyd hunleyd requested a review from romanhx June 12, 2026 18:09
@hunleyd hunleyd added this pull request to the merge queue Jun 12, 2026
Any commits made after this event will not be merged.
@hunleyd hunleyd changed the title ansible: move tcp_keepalive_intvl to tuned profile fix(ansible): refactor kernel parameters and fix tuned integration Jun 12, 2026
romanhx
romanhx reviewed Jun 12, 2026
View reviewed changes
Comment thread ebssurrogate/scripts/chroot-bootstrap-nix.sh
function setup_grub_conf {
# Note: Unknown kernel parameters (like zswap settings on kernels without zswap support)
# are safely ignored by the kernel and passed to user-space. This allows us to
# include them here without risking boot failures on older or incompatible kernels.

@romanhx romanhx Jun 12, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

neat

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@romanhx romanhx romanhx approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@hunleyd @romanhx