[lxc-devel] [lxd/master] Initial documentation for production use of LXD

stgraber on Github lxc-bot at linuxcontainers.org
Fri Aug 5 00:44:46 UTC 2016


A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 472 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20160805/28537041/attachment.bin>
-------------- next part --------------
From 44ebca33c3cb6e172f5c90a9091f98dc8e9e521d Mon Sep 17 00:00:00 2001
From: Eric <naisanza at gmail.com>
Date: Mon, 1 Aug 2016 20:15:26 -0400
Subject: [PATCH] Initial documentation for production use of LXD

A collection of server changes in order for LXD to function correctly
when many file operations are requried

Closes #2256

Signed-off-by: Eric Jaw naisanza at gmail.com
---
 doc/production-setup.md | 47 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 doc/production-setup.md

diff --git a/doc/production-setup.md b/doc/production-setup.md
new file mode 100644
index 0000000..1ddd94a
--- /dev/null
+++ b/doc/production-setup.md
@@ -0,0 +1,47 @@
+# Introduction
+So you've made it past trying out [LXD live online](https://linuxcontainers.org/lxd/try-it/), 
+or on a server scavanged from random parts. You like what you see, 
+and now you want to try doing some serious work with LXD.
+
+With the vanilla installation of Ubuntu Server 16.04, there will 
+need to be some modifications to the server configuration to avoid 
+common pitfalls when using containers that require tens of thousands 
+of file operations.
+
+
+## Common errors that may be encountered
+
+`Failed to allocate directory watch: Too many open files`
+
+`<Error> <Error>: Too many open files`
+
+`failed to open stream: Too many open files in...`
+
+
+# Server Changes
+## /etc/security/limits.conf
+
+Domain  | Type  | Item    | Value     | Default   | Description
+:-----  | :---  | :----   | :-------- | :-------- | :----------
+*       | soft  | nofile  | 1048576   | unset     | maximum number of open files
+*       | hard  | nofile  | 1048576   | unset     | maximum number of open files
+root    | soft  | nofile  | 1048576   | unset     | maximum number of open files
+root    | hard  | nofile  | 1048576   | unset     | maximum number of open files
+*       | soft  | memlock | unlimited | unset     | maximum locked-in-memory address space (KB)
+*       | hard  | memlock | unlimited | unset     | maximum locked-in-memory address space (KB)
+
+
+## /etc/sysctl.conf
+
+Parameter                       | Value     | Default | Description
+:-----                          | :---      | :---    | :---
+fs.inotify.max\_queued\_events  | 1048576   | 16384   | This specifies an upper limit on the number of events that can be queued to the corresponding inotify instance. [1]
+fs.inotify.max\_user\_instances | 1048576   | 128     | This specifies an upper limit on the number of inotify instances that can be created per real user ID. [1]
+fs.inotify.max\_user\_watches   | 1048576   | 8192    | This specifies an upper limit on the number of watches that can be created per real user ID. [1]
+vm.max\_map\_count              | 262144    | 65530   | This file contains the maximum number of memory map areas a process may have. Memory map areas are used as a side-effect of calling malloc, directly by mmap and mprotect, and also when loading shared libraries.
+
+
+Then, reboot the server.
+
+
+[1]: http://man7.org/linux/man-pages/man7/inotify.7.html


More information about the lxc-devel mailing list