Hello,
We have a 3 node cluster with PVE 8 and ceph 17.2.7. Of course it will be upgraded to current versions.
Now we have an order to apply some sysctl and kernel options. So i would like to ask about compatibility of these options: is it safe to apply them on PVE nodes or they will broke a node and/or some functions?
Thanks in advance
We have a 3 node cluster with PVE 8 and ceph 17.2.7. Of course it will be upgraded to current versions.
Code:
root@pve-down-1:~# pveversion
pve-manager/8.0.9/fd1a0ae1b385cdcd (running kernel: 6.2.16-19-pve)Now we have an order to apply some sysctl and kernel options. So i would like to ask about compatibility of these options: is it safe to apply them on PVE nodes or they will broke a node and/or some functions?
Code:
SYSCTL:
kernel.dmesg_restrict=1
kernel.kptr_restrict=2
init_on_alloc=1
net.core.bpf_jit_harden=2
kernel.perf_event_paranoid=3
kernel.kexec_load_disabled=1
user.max_user_namespaces=0
kernel.unprivileged_bpf_disabled=1
vm.unprivileged_userfaultfd=0
dev.tty.ldisc_autoload=0
vm.mmap_min_addr=4096
kernel.randomize_va_space=2
kernel.yama.ptrace_scope=3
fs.protected_symlinks=1
fs.protected_hardlinks=1
fs.protected_fifos=2
fs.protected_regular=2
fs.suid_dumpable=0
KERNEL:
init_on_alloc=1
slab_nomerge
iommu=force
iommu.strict=1
iommu.passthrough=0
randomize_kstack_offset=1
mitigations=auto,nosmt
vsyscall=none
debugfs=no-mount
tsx=offThanks in advance