Centos 7.5 Kernel limits and general configuration for serving databases

Hi !

I've now been running development DB LXC containers for a while and bumped into some kernel parameters that I had to tweak in order to continue with LXC.

I was wondering if anyone else has had experience serving database containers on the LXC platform with CentOS as the OS? If yes, I would like to hear your recommendations about kernel parameters or anything else that may get in the way, come as a surprise to me, or potentially cause an incident while containers are running.

Currently my default settings after Centos install are,

grubby --args="user_namespace.enable=1" --update-kernel="$(grubby --default-kernel)"
grubby --args="namespace.unpriv_enable=1" --update-kernel="$(grubby --default-kernel)"
echo "user.max_user_namespaces=15000" > /etc/sysctl.d/99-userns.conf
echo "fs.inotify.max_user_instances = 512" >> /etc/sysctl.d/99-sysctl.conf

I found some parameters in another topic, where it was mentioned to also add these for high-volume, high-traffic environments:

Here is what we set in /etc/sysctl.conf :

fs.inotify.max_queued_events = 1048576
fs.inotify.max_user_instances = 1048576
fs.inotify.max_user_watches = 1048576
vm.max_map_count = 262144
kernel.dmesg_restrict = 1
And in /etc/security/limits.conf :

*               soft    nofile          1048576
*               hard    nofile          1048576
root            soft    nofile          1048576
root            hard    nofile          1048576
*               soft    memlock         unlimited
*               hard    memlock         unlimited

net.ipv4.neigh.default.gc_thresh3=8192
net.ipv6.neigh.default.gc_thresh3=8192

Are there any other parameters or services that are recommended to be tuned or kept an eye on?

Best,

PR
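
An added example (not part of the original post or of the LXD documentation): a small shell audit that compares a host's live values under /proc/sys with the sysctl values quoted in the post, and reports keys the running kernel does not expose. The function names, the optional root-directory argument and the choice to treat the quoted values as minimums are assumptions made for this example; limits.conf and the grubby kernel arguments are not checked.

```shell
#!/bin/sh
# key=value pairs copied from the post; treated here as minimums (assumption).
WANTED="
fs.inotify.max_queued_events=1048576
fs.inotify.max_user_instances=1048576
fs.inotify.max_user_watches=1048576
vm.max_map_count=262144
kernel.dmesg_restrict=1
net.ipv4.neigh.default.gc_thresh3=8192
net.ipv6.neigh.default.gc_thresh3=8192
user.max_user_namespaces=15000
"

# check_sysctl KEY MIN [ROOT]: returns 0 = ok, 1 = too low, 2 = missing/unparsable.
# ROOT defaults to /proc/sys; pass another directory to test against a copy.
check_sysctl() {
    c_path="${3:-/proc/sys}/$(printf '%s' "$1" | tr . /)"
    if [ ! -r "$c_path" ]; then
        echo "MISSING $1 (post sets $2)"
        return 2
    fi
    read -r c_cur < "$c_path" || true
    case $c_cur in
        ''|*[!0-9]*) echo "UNPARSED $1='$c_cur'"; return 2 ;;
    esac
    if [ "$c_cur" -lt "$2" ]; then
        echo "LOW     $1=$c_cur (post sets $2)"
        return 1
    fi
    echo "OK      $1=$c_cur"
}

# audit_sysctls [ROOT]: checks every pair in WANTED, returns non-zero on any finding.
audit_sysctls() {
    a_bad=0
    for a_pair in $WANTED; do
        check_sysctl "${a_pair%%=*}" "${a_pair#*=}" "${1:-/proc/sys}" \
            || a_bad=$((a_bad + 1))
    done
    echo "$a_bad setting(s) below the quoted values or missing"
    [ "$a_bad" -eq 0 ]
}

# Run against the live kernel only when asked: sh audit.sh --run
if [ "${1:-}" = "--run" ]; then audit_sysctls; fi
```

A MISSING result for user.max_user_namespaces means the running kernel does not expose that key at all, which is a different finding from the value being too low.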

I can answer to myself here - https://github.com/lxc/lxd/blob/master/doc/production-setup.md found this thre