Mailing List Archive: Kernel config

Kernel config

May 12, 2003, 2:29 AM

Post #1 of 7 (239 views)

For reference, attached is the kernel configuration file for the kernel
I'm compiling right now.

It's a 2.4.20; unpatched so far as I know. (Unless Jason added anything to
it earlier.)

-- brion vibber (brion @ pobox.com)

Re: Kernel config [ In reply to ]

vibber at aludra

May 12, 2003, 3:10 AM

Post #2 of 7 (237 views)

So far so good with the new kernel, we've got 2 gigs again. :) I've set
LILO so if we reboot it'll go back to the previous one for now.

-- brion vibber (brion @ pobox.com)

Re: Kernel config [ In reply to ]

May 12, 2003, 9:08 AM

Post #3 of 7 (244 views)

On Mon, 2003-05-12 at 03:10, Brion Vibber wrote:
> So far so good with the new kernel, we've got 2 gigs again. :) I've set
> LILO so if we reboot it'll go back to the previous one for now.

[brion@pliny brion]$ uptime
3:33pm up 5:34, 1 user, load average: 10.16, 9.79, 10.23

[brion@pliny brion]$ vmstat 1 20
procs memory swap io system cpu
r b w swpd free buff cache si so bi bo in cs us sy id
1 2 0 235888 14584 32400 1102440 5 6 269 251 291 860 57 6 37
0 1 1 235888 14136 32436 1102808 0 0 341 1777 947 763 39 6 54
0 1 0 235888 13744 32452 1103128 0 0 296 468 667 756 65 4 31
4 0 0 235888 13300 32468 1103356 0 0 177 216 679 506 34 5 60
0 9 1 235888 13152 32500 1103712 12 0 352 1941 764 760 48 11 41
4 21 4 235888 14588 32500 1103932 0 0 200 683 889 469 31 8 61
7 2 4 235888 13892 32528 1104504 0 0 296 436 815 812 72 11 17
9 0 0 235888 13552 32552 1104812 0 0 276 1624 945 844 53 7 40
1 1 0 235888 13328 32556 1105032 0 0 200 220 668 788 79 4 17
1 2 0 235888 12740 32580 1105708 4 0 660 456 701 532 20 4 75
2 0 0 235888 12532 32600 1105816 0 0 108 327 604 604 48 5 47
2 0 0 235888 11784 32604 1106192 4 0 356 0 796 886 49 4 48
0 0 0 235888 11592 32604 1106384 0 0 180 0 717 449 17 5 78
2 0 0 235888 11256 32608 1106916 0 0 516 100 677 1286 73 9 18
3 0 0 235888 11032 32616 1107096 0 0 168 208 577 816 46 4 50
1 0 0 235888 10680 32640 1107420 0 0 312 344 652 3895 17 4 79
0 0 0 235888 10572 32648 1107784 8 0 476 124 576 455 20 5 74
3 1 0 235888 10512 32648 1108172 0 52 556 52 609 925 54 15 31
0 4 1 235888 10476 32652 1108272 32 0 2028 248 837 881 72 8 19
1 0 0 235888 10488 32664 1108368 0 0 2244 580 847 631 12 5 83

[brion@pliny brion]$ free
total used free shared buffers cached
Mem: 2068912 2058352 10560 0 32476 1099424
-/+ buffers/cache: 926452 1142460
Swap: 2047992 239256 1808736

Looking pretty good! We do have some swap used, but we're back to having
very little actual swapping, and over a gig of the used memory is disk
cache, which means it's working for us and it can be taken over by apps
if they need it. Purring along nicely, reaction time seems good.

So far I'm pleased. :)

-- brion vibber (brion @ pobox.com)

Re: Kernel config [ In reply to ]

May 12, 2003, 11:49 AM

Post #4 of 7 (240 views)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi everyone,

I am not that firm in kernel configuration and the effect to the system
(memory usage etc.). But reading the .config file it seems there is a
lot of stuff compiled in the server kernel which is not needed?!

brion@pliny.wikipedia.org wrote:

>CONFIG_MODULES=y
>CONFIG_MODVERSIONS=y
>CONFIG_KMOD=y

Does Wikipedia need to use modules? Don't know if this will give some
more speed but at least for security reasons I wouldn't use them (yes, I
am a little bit paranoic ;-)

>CONFIG_ISA=y

I don't think there is an ISA card in the server?

>CONFIG_HOTPLUG=y

Is this to change a disk on the fly? Otherwise I would not enable
hot-plugging

>CONFIG_PCMCIA=y
>CONFIG_CARDBUS=y

Does the server really use PCMCIA?

>CONFIG_NETFILTER=y

Will the server do anything with iptables? NAT?

>CONFIG_BLK_DEV_CMD640=y

Not useful on an AMD system

>CONFIG_PIIX_TUNING=y

Dito

>CONFIG_NET_PCMCIA=y

>CONFIG_PCMCIA_PCNET=y

As above, don't think PCMCIA is used.

Again, I am no kernel wizard, but maybe this helps giving Wikipedia even
more speed on the new server.
Regards

Thomas aka Urbanus
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE+v+zPUfI+mHkmMg8RAsHWAJ9YLQxE5FJ3LQLu4y2qsX2oa8gxPACeM2WO
JtKaBATeNK1GU5LEB0JGIXA=
=n2Qc
-----END PGP SIGNATURE-----

Re: Kernel config [ In reply to ]

jowens.wiki at ghiapet

May 12, 2003, 4:40 PM

Post #5 of 7 (238 views)

On Mon, 12 May 2003, Thomas Luft wrote:

> Date: Mon, 12 May 2003 20:49:51 +0200
> From: Thomas Luft <tluft@web.de>
> Subject: Re: [Wikitech-l] Kernel config
>
> Hi everyone,
>
> I am not that firm in kernel configuration and the effect to the system
> (memory usage etc.). But reading the .config file it seems there is a
> lot of stuff compiled in the server kernel which is not needed?!
>
> brion@pliny.wikipedia.org wrote:
<commentary snipped for brevity>
>
> >CONFIG_MODULES=y
> >CONFIG_MODVERSIONS=y
> >CONFIG_KMOD=y
>
> >CONFIG_ISA=y
>
> >CONFIG_HOTPLUG=y
>
> >CONFIG_PCMCIA=y
> >CONFIG_CARDBUS=y
>
> >CONFIG_NETFILTER=y
>
> >CONFIG_BLK_DEV_CMD640=y
>
> >CONFIG_PIIX_TUNING=y
>
> >CONFIG_NET_PCMCIA=y
>
> >CONFIG_PCMCIA_PCNET=y
>
> Again, I am no kernel wizard, but maybe this helps giving Wikipedia even
> more speed on the new server.

I would add to the list of features we could probably do without:

CONFIG_PM=y

does *.wikipedia.org ever go into power-saving mode? Unless it's
for blanking a terminal screen attached to it, if there is one.

CONFIG_BLK_DEV_RZ1000=y

unless the host actually uses this chipset

CONFIG_BLK_DEV_PIIX=y
CONFIG_PIIX_TUNING=y

I KNOW it isn't a PII or other Pentium

CONFIG_BLK_DEV_IDE_MODES=y

CONFIG_SCSI_AIC7XXX=y
CONFIG_AIC7XXX_CMDS_PER_DEVICE=253
CONFIG_AIC7XXX_RESET_DELAY_MS=15000

I think this was the default SCSI controller, I know I also found
SYM53C8XX added.

I would favour keeping the module support, though. Otherwise, yeah, what
Thomas said.

--
John R. Owens http://www.ghiapet.homeip.net/
Men rarely (if ever) manage to dream up a god superior to themselves.
Most gods have the manners and morals of a spoiled child.
--- Lazarus Long

Re: Kernel config [ In reply to ]

hfastjava at yahoo

May 12, 2003, 8:57 PM

Post #6 of 7 (238 views)

reducing these options will maybe shave a couple hundred k of the size of the kernel image.

triming down a kernel does not make it faster, it might save you 4 microseconds at boot time...
There is *NO* good reason to recompile kernels unless you have to.

__________________________________
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.
http://search.yahoo.com

Re: Kernel config [ In reply to ]

l.tulipan at mpwi

May 13, 2003, 6:28 AM

Post #7 of 7 (239 views)

> Message: 5
> Date: Mon, 12 May 2003 20:57:14 -0700 (PDT)
> From: Hunter Peress <hfastjava@yahoo.com>
> Subject: Re: [Wikitech-l] Kernel config
> To: wikitech-l@wikipedia.org
> Reply-To: wikitech-l@wikipedia.org
>
> reducing these options will maybe shave a couple hundred k of the size of the kernel image.
>
> triming down a kernel does not make it faster, it might save you 4 microseconds at boot time...
> There is *NO* good reason to recompile kernels unless you have to.
>
> __________________________________
> Do you Yahoo!?
> The New Yahoo! Search - Faster. Easier. Bingo.
> http://search.yahoo.com
>

Basically you are right, all except loadable module support are not
really worth the hassle.
But I think, if you want to secure things, you sould really disable
loadable module support. Most root-kits need this to work. If you can
somehow disable it, the chance of a permanent security breach are pretty
slim.
And for that to work you need to shave of those couple of 100 k's to get
all in one nice kernel package.
It all depends on how paranoid you are (or how you trust your backups
:-)

Cheers
Leo