From 3c6797a3838967aa875ef6dbb2e18a9a5a0dbf04 Mon Sep 17 00:00:00 2001 From: shane knapp Date: Mon, 28 Oct 2024 15:53:15 -0700 Subject: [PATCH 1/8] accidentally committed, safe to delete --- .../config/core-pool-sysctl.yaml.bak | 43 ------------------- 1 file changed, 43 deletions(-) delete mode 100644 vendor/google/gke/node-pool/config/core-pool-sysctl.yaml.bak diff --git a/vendor/google/gke/node-pool/config/core-pool-sysctl.yaml.bak b/vendor/google/gke/node-pool/config/core-pool-sysctl.yaml.bak deleted file mode 100644 index 1e22a09b9..000000000 --- a/vendor/google/gke/node-pool/config/core-pool-sysctl.yaml.bak +++ /dev/null @@ -1,43 +0,0 @@ -kubeletConfig: - cpuManagerPolicy: static -# kubeletExtraConfig: -# allowedUnsafeSysctls: 'net.core.*,net.ipv4.*' -linuxConfig: - sysctl: - # tune the ipv4 settings to not cause nginx to use all of the tcp memory - # addresses: https://jira-secure.berkeley.edu/browse/DH-3 - # - # following this process: - # https://cloud.google.com/kubernetes-engine/docs/how-to/node-system-config - # - # man page: - # https://man7.org/linux/man-pages/man7/tcp.7.html - # - # figures below are measured in units of system page size (4096B), - # and gleaned from the following articles: - # https://cromwell-intl.com/open-source/performance-tuning/tcp.html - # https://www.ibm.com/docs/en/linux-on-systems?topic=tuning-tcpip-ipv4-settings - # https://www.ibm.com/docs/en/linux-on-systems?topic=tuning-network-stack-settings - # - # net.ipv4.tcp_mem seems to be automagically generated from the supplied tcp_rmem - # and tcp_wmem settings. i believe? - # - # here be dragons. - # - # original values (as of 2023-19-04): - # net.core.netdev_max_backlog=1000 - # net.core.rmem_max=212992 - # net.core.wmem_max=212992 - # net.ipv4.tcp_rmem=4096 87380 6291456 - # net.ipv4.tcp_wmem=4096 16384 4194304 - # - # https://fasterdata.es.net/host-tuning/linux/#toc-anchor-2 - net.core.netdev_max_backlog: '30000' - net.ipv4.tcp_max_syn_backlog: '8192' - net.core.rmem_default: - net.core.rmem_max: '67108864' - net.core.wmem_max: '67108864' - net.ipv4.tcp_rmem: '4096 87380 33554432' - net.ipv4.tcp_wmem: '4096 87380 33554432' - # http://simonhf.wordpress.com/2010/10/01/node-js-versus-sxe-hello-world-complexity-speed-and-memory-usage/ - net.core.somaxconn: '65535' From de1e3efeab81d4e9e5ed56f42d467b653df003df Mon Sep 17 00:00:00 2001 From: shane knapp Date: Mon, 28 Oct 2024 15:58:24 -0700 Subject: [PATCH 2/8] end of file fixer --- .../google/gke/node-pool/config/user-pool-sysctl.yaml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 vendor/google/gke/node-pool/config/user-pool-sysctl.yaml diff --git a/vendor/google/gke/node-pool/config/user-pool-sysctl.yaml b/vendor/google/gke/node-pool/config/user-pool-sysctl.yaml new file mode 100644 index 000000000..48a476106 --- /dev/null +++ b/vendor/google/gke/node-pool/config/user-pool-sysctl.yaml @@ -0,0 +1,11 @@ +kubeletConfig: + cpuManagerPolicy: static +linuxConfig: + sysctl: + # tune the systcl settings of user pools to allow for more ephemeral ports + # https://jira-secure.berkeley.edu/browse/DH-377 + # https://github.com/jupyterhub/configurable-http-proxy/issues/557 + # + # original values: + # net.ipv4.ip_local_port_range = 32768 60999 + net.ipv4.ip_local_port_range=10000 65000 From f495b4a978105f7f9be2fee60667dc453687ec72 Mon Sep 17 00:00:00 2001 From: shane knapp Date: Mon, 28 Oct 2024 15:59:48 -0700 Subject: [PATCH 3/8] update docs --- docs/tasks/new-hub.qmd | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/tasks/new-hub.qmd b/docs/tasks/new-hub.qmd index a59f5e0ae..ac4755416 100644 --- a/docs/tasks/new-hub.qmd +++ b/docs/tasks/new-hub.qmd @@ -103,6 +103,7 @@ gcloud container node-pools create "user--" \ --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append" \ --no-enable-autoupgrade --enable-autorepair \ --max-surge-upgrade 1 --max-unavailable-upgrade 0 --max-pods-per-node "110" + --system-config-from-file=vendor/google/gke/node-pool/config/user-pool-sysctl.yaml ``` ### Creating a new filestore instance From c43e78cd4f3a16b1afcf76002085d3324343610c Mon Sep 17 00:00:00 2001 From: shane knapp Date: Mon, 28 Oct 2024 16:04:44 -0700 Subject: [PATCH 4/8] derp, we're not modifying the user pool --- .../google/gke/node-pool/config/user-pool-sysctl.yaml | 11 ----------- 1 file changed, 11 deletions(-) delete mode 100644 vendor/google/gke/node-pool/config/user-pool-sysctl.yaml diff --git a/vendor/google/gke/node-pool/config/user-pool-sysctl.yaml b/vendor/google/gke/node-pool/config/user-pool-sysctl.yaml deleted file mode 100644 index 48a476106..000000000 --- a/vendor/google/gke/node-pool/config/user-pool-sysctl.yaml +++ /dev/null @@ -1,11 +0,0 @@ -kubeletConfig: - cpuManagerPolicy: static -linuxConfig: - sysctl: - # tune the systcl settings of user pools to allow for more ephemeral ports - # https://jira-secure.berkeley.edu/browse/DH-377 - # https://github.com/jupyterhub/configurable-http-proxy/issues/557 - # - # original values: - # net.ipv4.ip_local_port_range = 32768 60999 - net.ipv4.ip_local_port_range=10000 65000 From b3ae2db22934865bf1ff599b8b4c45c30814d590 Mon Sep 17 00:00:00 2001 From: shane knapp Date: Mon, 28 Oct 2024 16:05:24 -0700 Subject: [PATCH 5/8] derp, we're not modifying the user pool --- .../node-pool/config/core-pool-sysctl.yaml | 96 ++++++++++--------- 1 file changed, 52 insertions(+), 44 deletions(-) diff --git a/vendor/google/gke/node-pool/config/core-pool-sysctl.yaml b/vendor/google/gke/node-pool/config/core-pool-sysctl.yaml index 793ae82e3..ce62ca14c 100644 --- a/vendor/google/gke/node-pool/config/core-pool-sysctl.yaml +++ b/vendor/google/gke/node-pool/config/core-pool-sysctl.yaml @@ -4,48 +4,56 @@ kubeletConfig: # allowedUnsafeSysctls: 'net.core.*,net.ipv4.*' linuxConfig: sysctl: - # tune the ipv4 settings to not cause nginx to use all of the tcp memory - # addresses: https://jira-secure.berkeley.edu/browse/DH-3 - # - # following this process: - # https://cloud.google.com/kubernetes-engine/docs/how-to/node-system-config - # - # man page: - # https://man7.org/linux/man-pages/man7/tcp.7.html - # - # figures below are measured in units of system page size (4096B), - # and gleaned from the following articles: - # https://cromwell-intl.com/open-source/performance-tuning/tcp.html - # https://www.ibm.com/docs/en/linux-on-systems?topic=tuning-tcpip-ipv4-settings - # https://www.ibm.com/docs/en/linux-on-systems?topic=tuning-network-stack-settings - # - # net.ipv4.tcp_mem seems to be automagically generated from the supplied tcp_rmem - # and tcp_wmem settings. i believe? - # - # here be dragons. - # - # original values (as of 2023-04-19): - # net.core.netdev_max_backlog=1000 - # net.core.rmem_max=212992 - # net.core.wmem_max=212992 - # net.ipv4.tcp_rmem=4096 87380 6291456 - # net.ipv4.tcp_wmem=4096 16384 4194304 - # - # changes and additional tweaks (2024-04-11): - # net.ipv4.tcp_max_syn_backlog=4096 - # net.core.rmem_max=3276800 - # net.core.wmem_max=3276800 - # net.ipv4.tcp_rmem=4096 87380 16777216 - # net.ipv4.tcp_wmem=4096 87380 16777216 - # net.core.somaxconn=1024 - # - # https://fasterdata.es.net/host-tuning/linux/#toc-anchor-2 - net.core.netdev_max_backlog: '30000' - net.core.somaxconn: '4096' - # net.ipv4.tcp_max_syn_backlog: '8192' + # tune the ipv4 settings to not cause nginx to use all of the tcp memory + # addresses: https://jira-secure.berkeley.edu/browse/DH-3 + # + # following this process: + # https://cloud.google.com/kubernetes-engine/docs/how-to/node-system-config + # + # man page: + # https://man7.org/linux/man-pages/man7/tcp.7.html + # + # figures below are measured in units of system page size (4096B), + # and gleaned from the following articles: + # https://cromwell-intl.com/open-source/performance-tuning/tcp.html + # https://www.ibm.com/docs/en/linux-on-systems?topic=tuning-tcpip-ipv4-settings + # https://www.ibm.com/docs/en/linux-on-systems?topic=tuning-network-stack-settings + # + # net.ipv4.tcp_mem seems to be automagically generated from the supplied tcp_rmem + # and tcp_wmem settings. i believe? + # + # here be dragons. + # + # original values (as of 2023-04-19): + # net.core.netdev_max_backlog=1000 + # net.core.rmem_max=212992 + # net.core.wmem_max=212992 + # net.ipv4.tcp_rmem=4096 87380 6291456 + # net.ipv4.tcp_wmem=4096 16384 4194304 + # + # changes and additional tweaks (2024-04-11): + # net.ipv4.tcp_max_syn_backlog=4096 + # net.core.rmem_max=3276800 + # net.core.wmem_max=3276800 + # net.ipv4.tcp_rmem=4096 87380 16777216 + # net.ipv4.tcp_wmem=4096 87380 16777216 + # net.core.somaxconn=1024 + # + # https://fasterdata.es.net/host-tuning/linux/#toc-anchor-2 + net.core.netdev_max_backlog: '30000' + net.core.somaxconn: '4096' + # net.ipv4.tcp_max_syn_backlog: '8192' - # these values are in bytes - net.core.rmem_max: '67108864' - net.core.wmem_max: '67108864' - net.ipv4.tcp_rmem: '4096 87380 33554432' - net.ipv4.tcp_wmem: '4096 87380 33554432' + # these values are in bytes + net.core.rmem_max: '67108864' + net.core.wmem_max: '67108864' + net.ipv4.tcp_rmem: '4096 87380 33554432' + net.ipv4.tcp_wmem: '4096 87380 33554432' + + # the chp was also running out of ehpemeral ports: + # https://jira-secure.berkeley.edu/browse/DH-377 + # https://github.com/jupyterhub/configurable-http-proxy/issues/557 + # + # original values: + # net.ipv4.ip_local_port_range = 32768 60999 + net.ipv4.ip_local_port_range: '10000 65000' From 68b4dcb8f4289b39edd596edb608d275ce9e725f Mon Sep 17 00:00:00 2001 From: shane knapp Date: Mon, 28 Oct 2024 16:13:45 -0700 Subject: [PATCH 6/8] undo doc change --- docs/tasks/new-hub.qmd | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/tasks/new-hub.qmd b/docs/tasks/new-hub.qmd index ac4755416..a59f5e0ae 100644 --- a/docs/tasks/new-hub.qmd +++ b/docs/tasks/new-hub.qmd @@ -103,7 +103,6 @@ gcloud container node-pools create "user--" \ --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append" \ --no-enable-autoupgrade --enable-autorepair \ --max-surge-upgrade 1 --max-unavailable-upgrade 0 --max-pods-per-node "110" - --system-config-from-file=vendor/google/gke/node-pool/config/user-pool-sysctl.yaml ``` ### Creating a new filestore instance From 1bf7c6809fd3b3c90fc31bcb7f49d84e6a5902cd Mon Sep 17 00:00:00 2001 From: shane knapp Date: Tue, 29 Oct 2024 11:25:42 -0700 Subject: [PATCH 7/8] revert addition of ephemeral port settings --- vendor/google/gke/node-pool/config/core-pool-sysctl.yaml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/vendor/google/gke/node-pool/config/core-pool-sysctl.yaml b/vendor/google/gke/node-pool/config/core-pool-sysctl.yaml index ce62ca14c..c81b79680 100644 --- a/vendor/google/gke/node-pool/config/core-pool-sysctl.yaml +++ b/vendor/google/gke/node-pool/config/core-pool-sysctl.yaml @@ -49,11 +49,3 @@ linuxConfig: net.core.wmem_max: '67108864' net.ipv4.tcp_rmem: '4096 87380 33554432' net.ipv4.tcp_wmem: '4096 87380 33554432' - - # the chp was also running out of ehpemeral ports: - # https://jira-secure.berkeley.edu/browse/DH-377 - # https://github.com/jupyterhub/configurable-http-proxy/issues/557 - # - # original values: - # net.ipv4.ip_local_port_range = 32768 60999 - net.ipv4.ip_local_port_range: '10000 65000' From fc0c73f7cc997fbc7bf52c470c9f53f3c544b1fc Mon Sep 17 00:00:00 2001 From: shane knapp Date: Tue, 29 Oct 2024 11:28:34 -0700 Subject: [PATCH 8/8] add .bak to gitignore --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index 1bdc6b279..93baf27cd 100644 --- a/.gitignore +++ b/.gitignore @@ -11,4 +11,6 @@ hub/charts **/__pycache__ **/*.pyc +# random stuff **/.DS_Store +**/*.bak