add some perf optimizations for Fedora

master
Max Erenberg 3 months ago
parent 360461f91c
commit f0a2e9501e
  1. 2
      Makefile
  2. 22
      README.md
  3. 6
      pkg/distros/almalinux.go
  4. 6
      pkg/distros/fedora.go
  5. 7
      pkg/distros/resources/journald.conf
  6. 25
      pkg/distros/template_manager.go

@ -7,7 +7,7 @@ APPLIANCE_VERSION = 1.46.0
# Export LIBGUESTFS_DEBUG=1 to debug
all:
LIBRARY_PATH=$(LIBRARY_PATH) CGO_LDFLAGS='-l:libvirt.so.0 -l:libyajl.so.2' go build
LIBRARY_PATH=$(LIBRARY_PATH) go build
run:
LD_LIBRARY_PATH=$(LIBRARY_PATH) LIBGUESTFS_PATH=$(LIBGUESTFS_PATH) LIBGUESTFS_HV=$(LIBGUESTFS_HV) LIBGUESTFS_BACKEND_SETTINGS=force_tcg ./cloudbuild

@ -3,30 +3,18 @@ cloudbuild downloads, modifies and uploads VM templates for the CSC cloud
(CloudStack) using publicly available images for common Linux distros.
## Installing dependencies
If you have root access, run
Run the following in a Debian Docker/Podman container.
```sh
sudo apt install golang-guestfs-dev
apt install golang-guestfs-dev
scripts/create-libguestfs-module.sh
```
Otherwise, run
```sh
make deps
```
### Optional dependencies
If you are developing cloudbuild, you may wish to install
[guestfish](https://libguestfs.org/guestfish.1.html), an interactive shell
for guestfs.
If you have root access, run
```sh
sudo apt install libguestfs-tools
```
Otherwise, run
for guestfs:
```sh
make guestfish-deps
apt install libguestfs-tools
```
To run:
@ -77,6 +65,8 @@ export UPLOAD_DIRECTORY=/var/www/csc-cloud-images
export UPLOAD_BASE_URL=http://biloba.csclub.uwaterloo.ca/csc-cloud-images
# notification emails will be sent here
export EMAIL_RECIPIENT=root@csclub.uwaterloo.ca
# directory where SSH keys are stored to SSH into VMs created in CloudStack
export SSH_KEY_PATH=~/.ssh
```
Finally:

@ -112,5 +112,11 @@ func (mgr *AlmaLinuxTemplateManager) PerformDistroSpecificModifications(handle *
if err = mgr.replaceYumMirrorUrls(handle, mgr.transformAlmaLinuxYumRepoBaseUrl); err != nil {
return
}
if err = mgr.dnfRemoveUnnecessaryPackages(handle); err != nil {
return
}
if err = mgr.setJournaldConf(handle); err != nil {
return
}
return
}

@ -157,5 +157,11 @@ func (mgr *FedoraTemplateManager) PerformDistroSpecificModifications(handle *gue
if err = mgr.replaceYumMirrorUrls(handle, mgr.transformFedoraYumRepoBaseUrl); err != nil {
return
}
if err = mgr.dnfRemoveUnnecessaryPackages(handle); err != nil {
return
}
if err = mgr.setJournaldConf(handle); err != nil {
return
}
return
}

@ -0,0 +1,7 @@
[Journal]
# The default on Debian is Audit=no, but the default on Fedora is Audit=yes.
# The audit messages are quite noisy, especially given that the first value
# of kernel.printk (console_loglevel) is 7 on Fedora. To avoid negatively
# impacting disk I/O, I chose to explicitly set this to off.
# Audit records will still be collected if the user decides to install auditd.
Audit=no

@ -563,6 +563,23 @@ func (mgr *TemplateManager) replaceDebianMirrorUrls(handle *guestfs.Guestfs) (er
return
}
func (mgr *TemplateManager) dnfRemoveUnnecessaryPackages(handle *guestfs.Guestfs) (err error) {
// SSSD is unnecessary in single-user environments and consumes a lot of resources.
// auditd spams the system log and uses lots of disk IO.
args := []string{"dnf", "-C", "remove", "-y", "sssd-common", "audit"}
mgr.logger.Debug().Msg("Running '" + strings.Join(args, " ") + "'")
_, err = handle.Command(args)
if err != nil {
return
}
// Now that we removed SSSD, we also have to make sure that it's not being used in PAM.
// The way to do this on Fedora (and likely other RHEL-based distros) is with authselect.
args = []string{"authselect", "select", "minimal"}
mgr.logger.Debug().Msg("Running '" + strings.Join(args, " ") + "'")
_, err = handle.Command(args)
return err
}
// requires an Augeas handle to be open
func (mgr *TemplateManager) updateSshdConfig(handle *guestfs.Guestfs) error {
mgr.logger.Debug().Msg("Setting PrintLastLog=no in sshd_config")
@ -577,6 +594,14 @@ func (mgr *TemplateManager) setTimesyncdConf(handle *guestfs.Guestfs) (err error
return handle.Write("/etc/systemd/timesyncd.conf.d/csclub.conf", getResource("timesyncd.conf"))
}
func (mgr *TemplateManager) setJournaldConf(handle *guestfs.Guestfs) (err error) {
mgr.logger.Debug().Msg("Writing custom journald.conf")
if err = handle.Mkdir_p("/etc/systemd/journald.conf.d"); err != nil {
return
}
return handle.Write("/etc/systemd/journald.conf.d/csclub.conf", getResource("journald.conf"))
}
func (mgr *TemplateManager) setMotd(handle *guestfs.Guestfs) error {
mgr.logger.Debug().Msg("Writing to /etc/motd")
return handle.Write("/etc/motd", getResource("motd"))

Loading…
Cancel
Save