What's in the baseline

The recurring adjustments, and the reasoning for each:

  • Swap — present and small on the general VMs as a safety cushion, but off on the Kubernetes nodes (the kubelet wants it gone). The point isn't "swap good" or "swap bad" — it's matching the swap policy to the role.
  • I/O scheduler — for disks that are really virtual devices on an SSD-backed pool, the kernel's elaborate reordering schedulers just add latency. Setting the scheduler to none lets the host and SSD do the scheduling they're better at.
  • Periodic TRIM (fstrim) — tells the underlying SSD/thin storage which blocks are free again, keeping space usage honest and writes fast over time.
  • TCP congestion control (BBR) — on the internet-facing jump host, BBR noticeably improves throughput over lossy/long-haul links compared to the default.
  • Kernel currency — keeping a consistent, current kernel across the fleet, so behaviour is the same everywhere.

role            swap     scheduler   notes
general VM      small    none        fstrim on
k8s node        OFF      none        kubelet requires no swap
jump host       small    none        + BBR (faces the internet)

Why we use this: each of these is the kind of setting that does nothing visible on a quiet day and saves you on a busy one. Defaults are tuned for "a physical laptop"; a virtual disk on an SSD pool, or an internet-facing gateway, wants something slightly different.
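
One way to catch drift from the role table above is a small audit function per host. This is an added example, not part of the original page or its tooling. The role names (general, k8s, jump), the optional ROOT prefix and the disk-name patterns are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: audit a host against the per-role baseline (swap, scheduler, BBR).
# ROOT (2nd argument) is a testing assumption: a directory holding copies of
# proc/ and sys/. Leave it empty for the live system. fstrim.timer is not checked.

# Active scheduler from a sysfs file: "[none] mq-deadline" -> none, "none" -> none
active_scheduler() {
    s=$(sed -n 's/.*\[\([^]]*\)].*/\1/p' "$1")
    [ -n "$s" ] || s=$(cat "$1")
    printf '%s\n' "$s"
}

# True if /proc/swaps lists any swap area (its first line is a header).
swap_active() {
    [ -n "$(awk 'NR > 1 && NF > 0' "$1" 2>/dev/null)" ]
}

# audit_baseline ROLE [ROOT]: prints deviations; returns 0 clean, 1 drift, 2 bad role
audit_baseline() {
    role=$1; root=${2:-}; drift=0
    case $role in
        general|jump) want_swap=on ;;   # "small" has no number on the page: presence only
        k8s)          want_swap=off ;;  # kubelet requires no swap
        *) echo "unknown role: $role" >&2; return 2 ;;
    esac
    if swap_active "$root/proc/swaps"; then have_swap=on; else have_swap=off; fi
    if [ "$have_swap" != "$want_swap" ]; then
        echo "swap: expected $want_swap, found $have_swap"; drift=1
    fi
    # Disk name patterns are an assumption about what counts as a virtual disk here.
    for f in "$root"/sys/block/*/queue/scheduler; do
        [ -f "$f" ] || continue
        dev=${f%/queue/scheduler}; dev=${dev##*/}
        case $dev in vd*|sd*|xvd*|nvme*) ;; *) continue ;; esac
        sched=$(active_scheduler "$f")
        if [ "$sched" != none ]; then
            echo "scheduler: $dev uses $sched, expected none"; drift=1
        fi
    done
    if [ "$role" = jump ]; then   # BBR is only in the baseline for the jump host
        cc=$(cat "$root/proc/sys/net/ipv4/tcp_congestion_control" 2>/dev/null) || cc=
        if [ "$cc" != bbr ]; then
            echo "tcp_congestion_control: ${cc:-unknown}, expected bbr"; drift=1
        fi
    fi
    return $drift
}
```

Source the file and call `audit_baseline k8s` (or `general`, `jump`) on the host; a non-zero return means at least one setting has drifted from the baseline.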