[lxc-devel] [lxd/master] Initial documentation for production use of LXD
stgraber on Github
lxc-bot at linuxcontainers.org
Fri Aug 5 00:44:46 UTC 2016
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 472 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20160805/28537041/attachment.bin>
-------------- next part --------------
From 44ebca33c3cb6e172f5c90a9091f98dc8e9e521d Mon Sep 17 00:00:00 2001
From: Eric <naisanza at gmail.com>
Date: Mon, 1 Aug 2016 20:15:26 -0400
Subject: [PATCH] Initial documentation for production use of LXD
A collection of server changes in order for LXD to function correctly
when many file operations are requried
Closes #2256
Signed-off-by: Eric Jaw naisanza at gmail.com
---
doc/production-setup.md | 47 +++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 47 insertions(+)
create mode 100644 doc/production-setup.md
diff --git a/doc/production-setup.md b/doc/production-setup.md
new file mode 100644
index 0000000..1ddd94a
--- /dev/null
+++ b/doc/production-setup.md
@@ -0,0 +1,47 @@
+# Introduction
+So you've made it past trying out [LXD live online](https://linuxcontainers.org/lxd/try-it/),
+or on a server scavanged from random parts. You like what you see,
+and now you want to try doing some serious work with LXD.
+
+With the vanilla installation of Ubuntu Server 16.04, there will
+need to be some modifications to the server configuration to avoid
+common pitfalls when using containers that require tens of thousands
+of file operations.
+
+
+## Common errors that may be encountered
+
+`Failed to allocate directory watch: Too many open files`
+
+`<Error> <Error>: Too many open files`
+
+`failed to open stream: Too many open files in...`
+
+
+# Server Changes
+## /etc/security/limits.conf
+
+Domain | Type | Item | Value | Default | Description
+:----- | :--- | :---- | :-------- | :-------- | :----------
+* | soft | nofile | 1048576 | unset | maximum number of open files
+* | hard | nofile | 1048576 | unset | maximum number of open files
+root | soft | nofile | 1048576 | unset | maximum number of open files
+root | hard | nofile | 1048576 | unset | maximum number of open files
+* | soft | memlock | unlimited | unset | maximum locked-in-memory address space (KB)
+* | hard | memlock | unlimited | unset | maximum locked-in-memory address space (KB)
+
+
+## /etc/sysctl.conf
+
+Parameter | Value | Default | Description
+:----- | :--- | :--- | :---
+fs.inotify.max\_queued\_events | 1048576 | 16384 | This specifies an upper limit on the number of events that can be queued to the corresponding inotify instance. [1]
+fs.inotify.max\_user\_instances | 1048576 | 128 | This specifies an upper limit on the number of inotify instances that can be created per real user ID. [1]
+fs.inotify.max\_user\_watches | 1048576 | 8192 | This specifies an upper limit on the number of watches that can be created per real user ID. [1]
+vm.max\_map\_count | 262144 | 65530 | This file contains the maximum number of memory map areas a process may have. Memory map areas are used as a side-effect of calling malloc, directly by mmap and mprotect, and also when loading shared libraries.
+
+
+Then, reboot the server.
+
+
+[1]: http://man7.org/linux/man-pages/man7/inotify.7.html
More information about the lxc-devel
mailing list