On Tue, Apr 8, 2014 at 2:24 PM, Nux! nux@li.nux.ro wrote:
Hello,
While the Cloud SIG is still being established, let's get to actual work and think of a set of features for a CentOS cloud template. I am referring here to VMs, not containers (e.g. docker).
This is how I see it so far, please feel free to come with suggestions/comments/questions.
A - Single partition for simplicity (and lack of good arguments against it)
I was wondering about LVM. It makes reconfiguration much easier (like adding swap). But growroot doesn't support LVM.
- dracut-modules-growroot included so the template partition willexpand to match target, cloud-init in charge of resize2fs
Only required for kernel < 3.8. Later kernels can do online partition resizing (handled by cloud-init post initrd).
B - To swap or not to swap?
Some service providers charge for disk IOs and nobody wants to pay for swap activity, so I vote against swap.
C - "tuned-adm profile virtual-host" which translates to: - kern.sched_min_granularity_ns 10ms - kernel.sched_wakeup_granularity_ns 15ms - vm.dirty_ratio 40% - vm.swappiness 30 - IO scheduler "deadline" - fs barriers off - CPU governor "performance" - disk readahead 4x
Where do these come from? What's the rational?
D - tso and gso off on the network interfaces http://s.nux.ro/gsotso
These seem to be settings on the host, not the guest.
E - network interface remapping (75-persistent-net-generator.rules, BZ 912801)
Not authorized to access that bug.
F - Selinux on. Do we relabel for uniqueness? Seen small VMs run out of memory while relabelling..
Ack.
G - PERSISTENT_DHCLIENT="1" (BZ 1011013)
Ack.
H - Bundle all the paravirt drivers in the ramdisk (virtio/xen/vmware/hyperv) so the same image can boot everywhere?
Seems reasonable. What's the impact on the initrd size?
I - Per "stack" requirements (e.g. cloudstack relies a lot on root user and password logins, openstack tends not to, SSH key only logins etc etc)
Can we have a single image that fits all the different requirements?
That's about all that crosses my mind for now.
K - No firwall. Handled by the service provider.
L - Timezone is set to UTC, Hostname is set to 'centos', lang is en_US.UTF-8, keyboard is us (or whatever you guys think makes sense).
M - NOZEROCONF=yes
N - Along with the image, we'll also provide md5/sha1/sha256 checksums, gpg signed files and a manifest (list of installed packages and their versions).
...Juerg
Thoughts?
Lucian
-- Sent from the Delta quadrant using Borg technology!
Nux! www.nux.ro _______________________________________________ CentOS-devel mailing list CentOS-devel@centos.org http://lists.centos.org/mailman/listinfo/centos-devel