Add database profile for database servers and in-memory caches.
Parameters
The following is just a quick draft of possibly relevant parameters and recommended values. Researching them in + reasoning for implementation is the actual work to do.
Memory
| Parameter |
Value |
Auto-calculated |
vm.swappiness |
10 |
- |
vm.vfs_cache_pressure |
50 |
- |
vm.overcommit_memory |
0 |
- |
vm.overcommit_ratio |
80 |
- |
vm.zone_reclaim_mode |
0 |
- |
kernel.shmmax |
- |
RAM_bytes / 2 |
kernel.shmall |
- |
RAM_pages / 2 |
vm.min_free_kbytes |
- |
min(RAM_KB * 0.01, 2097152) |
Dirty pages
| Parameter |
Value |
vm.dirty_ratio |
40 |
vm.dirty_background_ratio |
10 |
vm.dirty_expire_centisecs |
3000 |
vm.dirty_writeback_centisecs |
500 |
OOM
| Parameter |
Value |
vm.oom_kill_allocating_task |
1 |
vm.panic_on_oom |
0 |
I/O
| Parameter |
Value |
fs.aio-max-nr |
1048576 |
Network
| Parameter |
Value |
net.ipv4.tcp_syncookies |
1 |
net.ipv4.conf.all.rp_filter |
1 |
net.ipv4.conf.default.rp_filter |
1 |
net.ipv4.conf.all.accept_redirects |
0 |
net.ipv4.conf.default.accept_redirects |
0 |
net.ipv4.conf.all.send_redirects |
0 |
net.ipv4.conf.default.send_redirects |
0 |
net.ipv4.conf.all.accept_source_route |
0 |
net.ipv4.conf.default.accept_source_route |
0 |
net.ipv4.conf.all.log_martians |
1 |
net.ipv4.conf.default.log_martians |
1 |
net.ipv4.icmp_echo_ignore_broadcasts |
1 |
net.ipv4.icmp_ignore_bogus_error_responses |
1 |
net.ipv6.conf.all.accept_redirects |
0 |
net.ipv6.conf.default.accept_redirects |
0 |
net.ipv6.conf.all.accept_source_route |
0 |
net.ipv6.conf.default.accept_source_route |
0 |
Kernel
| Parameter |
Value |
kernel.randomize_va_space |
2 |
Filesystem
| Parameter |
Value |
fs.protected_hardlinks |
1 |
fs.protected_symlinks |
1 |
fs.protected_fifos |
2 |
fs.protected_regular |
2 |
fs.suid_dumpable |
0 |
Scope limitation
THP settings are in /sys/kernel/mm/transparent_hugepage/, not sysctl.
References
Acceptance criteria
