Hi!
I've now been running development DB LXC containers for a while and bumped into some kernel parameters that I had to tweak in order to continue with LXC.
I was wondering if anyone else has had experience serving database containers on the LXC platform with CentOS as the OS? If yes, I would like to hear your recommendations about kernel parameters, or anything of the sort that may prevent this, come as a surprise to me, or potentially cause an incident while containers are running.
Currently, my default settings after the CentOS install are:
grubby --args="user_namespace.enable=1" --update-kernel="$(grubby --default-kernel)"
grubby --args="namespace.unpriv_enable=1" --update-kernel="$(grubby --default-kernel)"
echo "user.max_user_namespaces=15000" > /etc/sysctl.d/99-userns.conf
echo "fs.inotify.max_user_instances = 512" >> /etc/sysctl.d/99-sysctl.conf
I found some parameters in another topic, where it was mentioned to also add the following for high-volume and high-traffic environments:
Here is what we set in /etc/sysctl.conf:
fs.inotify.max_queued_events = 1048576
fs.inotify.max_user_instances = 1048576
fs.inotify.max_user_watches = 1048576
vm.max_map_count = 262144
kernel.dmesg_restrict = 1
And in /etc/security/limits.conf:
* soft nofile 1048576
* hard nofile 1048576
root soft nofile 1048576
root hard nofile 1048576
* soft memlock unlimited
* hard memlock unlimited
net.ipv4.neigh.default.gc_thresh3=8192
net.ipv6.neigh.default.gc_thresh3=8192
Are there any other parameters or services that are recommended to tune or keep an eye on?
Best,
PR
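
An added example, not part of the original post: a POSIX sh/awk check that reads sysctl files in the order given and reports keys that are missing, below the values quoted in the post, or assigned twice with different values (the post sets fs.inotify.max_user_instances to both 512 and 1048576). The function names, the last-assignment-wins model and the sample files are assumptions constructed for illustration.

```shell
# Added example: audit sysctl files against the values quoted in the post.
# Assumption: files are passed in load order and the last assignment wins.

# Targets taken from the post (key=value, one per line).
WANTED='fs.inotify.max_queued_events=1048576
fs.inotify.max_user_instances=1048576
fs.inotify.max_user_watches=1048576
vm.max_map_count=262144
kernel.dmesg_restrict=1
user.max_user_namespaces=15000
net.ipv4.neigh.default.gc_thresh3=8192
net.ipv6.neigh.default.gc_thresh3=8192'

# audit_sysctl FILE... prints one finding per line: CONFLICT, MISSING or LOW.
audit_sysctl() {
    printf '%s\n' "$WANTED" | awk -F= '
        NR == FNR { want[$1] = $2; order[++n] = $1; next }  # stdin: targets
        /^[ \t]*[#;]/ || NF < 2 { next }                    # comments, blanks
        {
            key = $1; val = $2
            gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if ((key in have) && have[key] != val)
                printf "CONFLICT %s %s -> %s (%s)\n", key, have[key], val, FILENAME
            have[key] = val
        }
        END {
            for (i = 1; i <= n; i++) {
                k = order[i]
                if (!(k in have))
                    printf "MISSING %s want=%s\n", k, want[k]
                else if (have[k] + 0 < want[k] + 0)
                    printf "LOW %s have=%s want=%s\n", k, have[k], want[k]
            }
        }' - "$@"
}

# Constructed sample: a larger inotify limit followed by an appended 512,
# as "echo ... >>" would leave it if the key was already set in that file.
demo() {
    d=$(mktemp -d)
    printf '%s\n' '# constructed sample' \
        'fs.inotify.max_user_instances = 1048576' \
        'kernel.dmesg_restrict = 1' \
        'fs.inotify.max_user_instances = 512' > "$d/99-sysctl.conf"
    printf 'user.max_user_namespaces=15000\n' > "$d/99-userns.conf"
    audit_sysctl "$d/99-sysctl.conf" "$d/99-userns.conf"
    rm -rf "$d"
}
demo
```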