update limits (#1679)

Despire · CI/CD pipeline · web-flow · commit 9d08448487a5 · 2025-03-07T14:12:28.000Z
Closes #1633 --------- Co-authored-by: CI/CD pipeline <CI/CD-pipeline@users.noreply.github.com>
diff --git a/manifests/claudie/kustomization.yaml b/manifests/claudie/kustomization.yaml
@@ -57,7 +57,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 images:
 - name: ghcr.io/berops/claudie/ansibler
-  newTag: 5d487af-3268
+  newTag: 0940997-3281
 - name: ghcr.io/berops/claudie/autoscaler-adapter
   newTag: 19ec4b8-3279
 - name: ghcr.io/berops/claudie/builder
diff --git a/services/ansibler/server/ansible-playbooks/longhorn-req.yml b/services/ansibler/server/ansible-playbooks/longhorn-req.yml
@@ -2,6 +2,10 @@
 - hosts: all
   gather_facts: no
   become: yes
+  vars:
+    nofile_soft: 65535
+    nofile_hard: 65535
+    file_max: 2097152
   # Install longhorn  dependencies
   tasks:
     - name: install open-iscsi
@@ -34,3 +38,49 @@
       # some cloud providers may not use the multipathd service
       # thus make the error not fatal.
       ignore_errors: yes
+
+      # Update node limits.
+    - name: Modify limits.conf
+      blockinfile:
+        path: /etc/security/limits.conf
+        block: |
+          * soft nofile {{ nofile_soft }}
+          * hard nofile {{ nofile_hard }}
+          root soft nofile {{ nofile_soft }}
+          root hard nofile {{ nofile_hard }}
+        state: present
+
+    - name: Ensure PAM limits are enabled
+      lineinfile:
+        path: /etc/pam.d/common-session
+        line: "session required pam_limits.so"
+        state: present
+
+    - name: Ensure PAM limits are enabled for non-interactive sessions
+      lineinfile:
+        path: /etc/pam.d/common-session-noninteractive
+        line: "session required pam_limits.so"
+        state: present
+
+    - name: Configure systemd system limits
+      ansible.builtin.lineinfile:
+        path: /etc/systemd/system.conf
+        regexp: "^#?DefaultLimitNOFILE="
+        line: "DefaultLimitNOFILE={{ nofile_hard }}"
+
+    - name: Configure systemd user limits
+      ansible.builtin.lineinfile:
+        path: /etc/systemd/user.conf
+        regexp: "^#?DefaultLimitNOFILE="
+        line: "DefaultLimitNOFILE={{ nofile_hard }}"
+
+    - name: Reload systemd configuration
+      ansible.builtin.systemd:
+        daemon_reload: yes
+
+    - name: Set kernel file handle maximum
+      ansible.builtin.sysctl:
+        name: fs.file-max
+        value: "{{ file_max }}"
+        state: present
+        reload: yes
