Does the juju charm lxd do a production grade installation?

I had great success deploying the juju charm to a manually installed LXD host.

juju deploy lxd --num-units 1 --config snap-channel="5.0/stable" --config lxd-listen-https=true --config lxd-listen-metrics=true --config lxd-preseed="$(cat preseed.yaml) --to 0"

So, my question is if the charm does per default the production grade config as described here: Production setup - LXD documentation

The documentation of the charm doesn’t tell.

Thanx for a great experience so far with LXD and the Juju charm that comes with it.

I use the following setup taken from the above and I can see a few differences: https://github.com/erik78se/mydocs/blob/main/lxd/production-setup.md

This is what I found on the host, but I’m not sure if that comes from the charm:

cat /etc/sysctl.d/60-lxd.conf 
fs.aio-max-nr = 524288
fs.inotify.max_queued_events = 1048576
fs.inotify.max_user_instances = 1048576
fs.inotify.max_user_watches = 1048576
kernel.dmesg_restrict = 1
kernel.keys.maxbytes = 2000000
kernel.keys.maxkeys = 2000
net.ipv4.neigh.default.gc_thresh3 = 8192
net.ipv6.neigh.default.gc_thresh3 = 8192
vm.max_map_count = 262144

That’s a good point, it was not explicit those files were generated by the LXD charm.
https://github.com/canonical/charm-lxd/pull/88 should improve this by adding a comment at the top.

As for the other sysctl configs for network tuning, those are somewhat more system specific as not all deployment have identical hardware (1G, 10G, 40G, 100G, …). If you however find some that are worth tuning in all circumstances, please let us know and we’ll integrate them in the doc and the charm!

Thanks Eric!

@erik_lonroth, that’s not related to this topic but while browsing around, I found https://github.com/erik78se/mydocs/blob/main/lxd/enable-tcpdump-in-container.md

I’ve been working around this by using tcpdump -l previously but apparently, it’s not needed anymore. At least, here with kernel 5.15 on Focal+HWE or Jammy hosts, I don’t need it anymore.