Home IT Linux Windows Database Network Programming Server Mobile  
  Home \ Linux \ Efficient running Linux virtual machine Six Tips     - Use of the storage-level replication technology will quickly clone a ASM database to the target environment (Database)

- The Linux firewall is configured to use proxy (Linux)

- Safe learning through self-extracting package to achieve invasion (Linux)

- How to contribute code on GitHub uploads (Linux)

- Five strokes to find out the IP address you want to know (Linux)

- Use Linux built-in firewall to improve network access control (Linux)

- Linux character device - a simple character device model (Linux)

- ORA-12154: TNS: could not resolve the connect identifier specified solve (Database)

- Various sorting algorithms implemented in Python (Programming)

- How to install Linux on a MacBook Pro Retina (Linux)

- Linux-du and df command (Linux)

- Function Getting the Linux shell (Programming)

- Sorting algorithm of dichotomy (binary) insertion sort algorithm (Programming)

- Java generate two-dimensional code by Zxing (Programming)

- Ubuntu to install systems Indicator Sticky Notes 0.4.4 (Linux)

- Linux / BSD firewall M0n0wall Profile (Linux)

- ARM platform compiler installation Golang (Linux)

- Spring Data JPA call a stored procedure examples (Programming)

- Linux boot the system does not display a progress bar setting method (Linux)

- To install Oracle Database Details and FAQ Summary under CentOS (Database)

  Efficient running Linux virtual machine Six Tips
  Add Date : 2018-11-21      
  Linux in the enterprise data center has been popular for many years. LAMP service, Web servers, proxy servers, firewalls, and load balancers, just a few basic Linux operating system use cases. In the past decade, with the improvement of the usability and improve the document, many Linux distributions use significantly increased. In the growth phase, we will virtualization technology into the data center. At the same time, when running Linux virtual machine to pay attention to some caveats.

Logical Volume Management

Many recent Linux distributions include the Logical Volume Manager (LVM) this technology, because it belongs to the disk and partition management, allowing administrators to perform a number of tasks. Some segmentation features - extended across multiple disks or data segment - in the virtual world may be less common, users will often in the same storage area network or the data stored in the data storage area. In addition to these, LVM also provides other interesting features. By enabling LVM, network administrators can extend the file system extensions different partition and file system at work, while keeping the file system and can be accessed online. According to strict compliance requirements, LVM allows us to perform a volume-based snapshots for backup and restore without calling vSphere brought functions.

My advice is, if you have a rigorous workload availability and use of online strategy adjustment, the virtual machine must be LVM partition. If you do not need a large amount of uptime or do not intend to install Linux on a separate partition runs, LVM complexity will be far greater than the benefits, ultimately disabling LVM.

Partition options

The default installation of Linux usually prompting the user to use only one partition of all files. In some cases the right to do so, but when you try to adjust and improve the safety and performance of virtual machines, each file has a separate partition, such as / tmp, / var, / home, / usr, do more meaning - especially if you want each partition has different installation options. By using the / etc / fstab file, you can specify the corresponding line option for installing different partitions, as follows:

UUID = 0aef28b9-3d11-4ab4-a0d4-d53d7b4d3aa4 / tmp ext4 defaults, noexec 1 2

Such as Web servers, one of the most common use cases for the Linux virtual machine, we'll soon find some "default" installation option ultimately undermine security and performance plan.

Noatime / atime / relatime: These installation option determines how timestamps are included in the partition file. In older Linux releases, the default is "one," which means once every reader, the operating system for the file metadata write a timestamp - is, just read the number of calls. Provide external file has been using a Web server, you can imagine the cost of this process. By specifying storage "noatime" Web server data on the partition, you can not update the access time, reduce server overhead. The new release is the default option "relatime", its function is very powerful, if the modification time update only update the access time.

Noexec / exec: execute a given partition disable or enable binary files. For example, Web server is concerned, with the "noexec" install / tmp partition is significant. In fact, many hardening guidelines recommend use this option to improve security.

Care must be taken when the user changes the access time parameters. Some applications, such as e-mail-related features, requires a complete "one" installation option. In the case of the Web server, as long as safety guidelines allow it access, you can use the "noatime" Install Web server data. Noexec on, the judicious use of this option, many automatic setup and installation package to extract it to / tmp and started from there. It is easy to open and close, but at least I can / tmp add noexec.


For a long time, we recommend the use of VMXNET3 network adapters and disk adapters paravirtualized virtual machine. Windows-based systems in a virtual machine, we can only specify these drivers also use VMware tools installed automatically. Using this hardware, Linux poses some challenges. First, the new version of the Linux distributions usually have their own VMXNET3 adapter and driver, even if VMware tools are installed, they will also be used as the default driver.

The old Linux distributions may contain an outdated VMXNET3 driver version, it may not provide a complete set of features included in the VMware Tools version for you. VMware KB2020567 overview of how to enable some features VMXNET drive. If you want to install VMware VMXNET3 driven tool, you can specify the following options when VMware Tools installation:

./vmware-install.pl -clobber-kernel-modules = vmxnet3

Low-cost CPU wants to get some extra throughput, paravirtualization SCSI adapter is a good way. Be sure to check the list of supported operating systems before making this choice, in order to ensure paravirtualization SCSI adapter supports kernel or distribution.

If possible, I recommend that administrators use VMXNET3 and PVSCSI. If you are using an older kernel on the installation of VMware Tools VMXNET3 version. If you are using a newer kernel, use the native Linux driver in the distribution.

Memory Management

Linux operating system will continue to store the page is moved from physical memory pages to the local swap partition, which is by design. In fact, VMware use of memory management functions do the same thing. But Linux memory management act a little different, even if the physical memory - virtual memory currently available, also moves memory pages. Linux virtual machine in order to reduce the inter-exchange activity, we can adjust a "swapiness" value. A higher value indicates more movement and a lower value indicates a memory does not move. To adjust this value, just add /etc/sysctl.conf "Vm.swappiness = ##", the restart after "##" is replaced by the value you want.

I like to replace the default value to a value lower than the numbers 60. At the same time using the operating system and the vSphere management swap your memory does not make sense. Moreover, depending on the application, but I usually set this value to 15-20.

I / O scheduler

ESXi play a great role in terms of memory management, when it belongs to the I / O scheduler and written to disk, it presents another state. In addition, Linux operating system, the internal repeat some of this functionality. 2.6 kernel, most distributions have been used as the default Completely Fair Queuing I / O scheduler. Other available is NOOP, Anticipatory and Deadline. VMware only explains how to change the value you want to change and why, scheduling two I / O does not make sense. In short, the transition to the grub kernel entry by additional machines using the Linux kernel by default I / O scheduler can be switched.

You do not need to re-arrange the operating system to schedule management program. I recommend using NOOP I / O scheduler, because it does not optimize disk I / O, and allows vSphere discretionary management.

Remove unused hardware and disable unnecessary services

In the past year, how many times you use the virtual floppy and internal computer speakers in a virtual machine do? If you do not intend to use these devices, put them pull into the blacklist. Remove the floppy command is as follows:

echo "blacklist floppy" | tee /etc/modprobe.d/blacklist-floppy.conf

rmmod floppy

update-initramfs -u

There is no need to tangle unused hardware. If you are still using, you may disable any Virtual Console. This can be done in / etc / inittab in the following implementation:

1: 2345: respawn: / sbin / getty 38400 tty1

2: 23: respawn: / sbin / getty 38400 tty2

# 3: 23: respawn: / sbin / getty 38400 tty3

# 4: 23: respawn: / sbin / getty 38400 tty4

# 5: 23: respawn: / sbin / getty 38400 tty5

# 6: 23: respawn: / sbin / getty 38400 tty6

I suggest you remove the floppy disk. Remember that you must also remove the hardware configuration of the virtual machine, the virtual machine and disable it in the BIOS. For other services, you can be blacklisted them, including monitoring disk array configuration (mptctl), pcspker, snd_pcm, snd_page_alloc, snd_timer, snd, snd_soundcore, coretemp, parport and parport_pc.

Before you pull into the blacklist these services, you want to make sure that they are not used. At the same time, I always turn on several virtual consoles may be used, but a bit more open six.

This is some notes run Linux virtual machines. Taking into account the performance gains, everyone should be, as the case may be. Make some minor adjustments, you may see more performance improvement, and some performance degradation. As usual, before the change, to be tested in a lab environment. Technology is constantly changing, so the test can be achieved by advancing the best results. If you have any other tips or suggestions can be made in the comments.
- To see the Linux device tree (Linux)
- Oracle 11g upgrade PSU detailed steps (Database)
- Linux loopback adapter Driven Design (Programming)
- Lua4.0 interpreter entrance (Programming)
- Single list summarizes the basic operation (Programming)
- MySQL Tutorial: Philosophical Reflections on the unauthenticated user (Database)
- ActionContext and ServletActionContext Summary (Programming)
- To update Python version under CentOS system (Linux)
- Oracle 11g partition maintenance (two) - Coalescing Partitions (Database)
- File permissions under Linux (Linux)
- Open container cluster management system architecture and components introduced Kubernetes (Server)
- Iptables on the request URL for IP access control (Linux)
- How to use Quagga BGP (Border Gateway Protocol) router to filter BGP routing (Linux)
- Packages with Snort intrusion monitoring light (Linux)
- Use GLOBK batch command network adjustment (Linux)
- Getting Started with Linux system to learn: how to install the Shrew Soft IPsec VPN on Linux (Linux)
- Repair fatal error in Linux: lame / lame.h: No such file or dir Error (Linux)
- Linux OOM killer mechanism (Linux)
- Shell scripts get a snapshot of the page and generates thumbnails (Linux)
- Nginx Beginner Guide (Server)
  CopyRight 2002-2016 newfreesoft.com, All Rights Reserved.