aguia-pescadora-bravo (#16): Swap de 12GB, swappiness 10/100 & vfs_cache_pressure 50/100

Author: fititnt

logbook/aguia-pescadora-bravo.sh

@@ -81,8 +81,56 @@ sudo apt install language-pack-pt language-pack-pt-base
 
 sudo update-locale LANG=pt_PT.utf8
 
-### Criar Swap__________________________________________________________________
-
+### Criar Swap & ajusta Swappiness______________________________________________
+# Se o sistema operacional ficar sem memória ram suficiênte, ele pode ter falha
+# crítica. Diferente de windows, no Linux swap precisa ser especificada
+# explícitamente. No caso da aguia-pescadora-bravo, tanto por estabilidade do
+# sistema como para explicitamente permitir que usuários possam fazer tarefas
+# eventualmente intensivas, vamos por 12GB de Swap (A RAM desse sistema é 8GB)
+#
+# AVISO: apesar de:
+#
+#        1) os discos SSD da OVH tenham uma performance fantástica
+#        2) não seria incomum o uso de swap em tarefas pontuais de data science
+#        3) todo usuário de aguia-pescadora-bravo esteja ciente que
+#           eventualmente colegas podem usar usar muita CPU e muita RAM
+#           e que não poderão reclamar de lentidão apps e afins
+#
+#        é uma boa prática de vizinhança
+#
+#        1) se for rodar tarefas pesadas por várias horas, esteja online
+#        2) se puder escolher horários que menos pessoas estão usando, melhor
+#        3) feche seus programas quando parar de usar, e se algo der errado
+#           avise algum admin para dar um reinstart na máquina
+
+## Cria um /swapfile de 12GB
+# @see https://www.digitalocean.com/community/tutorials/how-to-add-swap-space-on-ubuntu-18-04
+sudo fallocate -l 12G /swapfile
+sudo chmod 600 /swapfile
+ls -lh /swapfile
+sudo mkswap /swapfile
+sudo swapon /swapfile
+
+sudo cp /etc/fstab /etc/fstab.bak
+echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
+
+## Ajusta swappness (tendência do SO a fazer swap)
+# 100 = preferir fazer swap agressivamente (deixar memoria ram livre)
+# 0 = só fazer swap em caso de urgência (deixa RAM o mais ocupada possivel)
+cat /proc/sys/vm/swappiness
+# O padrão vem com 60, vamos por em 10 (para so faze swap em casos mais criticos)
+
+sudo sysctl vm.swappiness=10
+
+vim /etc/sysctl.conf
+# Adciona 'vm.swappiness=10' (sem aspas) no final do arquivo
+
+## Cache Pressure
+cat /proc/sys/vm/vfs_cache_pressure
+# 100, vamos alterar para 50
+
+vim /etc/sysctl.conf
+# Adciona 'vm.vfs_cache_pressure=50' (sem aspas) no final do arquivo
 
 #------------------------------------------------------------------------------#
 # SEÇÃO: Benchmark do sistema                                                  #

logbook/aguia-pescadora-bravo/etc/fstab

@@ -0,0 +1,2 @@
+LABEL=cloudimg-rootfs	/	 ext4	defaults	0 0
+LABEL=UEFI	/boot/efi	vfat	defaults	0 0

logbook/aguia-pescadora-bravo/etc/sysctl.conf

@@ -0,0 +1,80 @@
+#
+# /etc/sysctl.conf - Configuration file for setting system variables
+# See /etc/sysctl.d/ for additional system variables.
+# See sysctl.conf (5) for information.
+#
+
+#kernel.domainname = example.com
+
+# Uncomment the following to stop low-level messages on console
+#kernel.printk = 3 4 1 3
+
+##############################################################3
+# Functions previously found in netbase
+#
+
+# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
+# Turn on Source Address Verification in all interfaces to
+# prevent some spoofing attacks
+#net.ipv4.conf.default.rp_filter=1
+#net.ipv4.conf.all.rp_filter=1
+
+# Uncomment the next line to enable TCP/IP SYN cookies
+# See http://lwn.net/Articles/277146/
+# Note: This may impact IPv6 TCP sessions too
+#net.ipv4.tcp_syncookies=1
+
+# Uncomment the next line to enable packet forwarding for IPv4
+#net.ipv4.ip_forward=1
+
+# Uncomment the next line to enable packet forwarding for IPv6
+#  Enabling this option disables Stateless Address Autoconfiguration
+#  based on Router Advertisements for this host
+#net.ipv6.conf.all.forwarding=1
+
+
+###################################################################
+# Additional settings - these settings can improve the network
+# security of the host and prevent against some network attacks
+# including spoofing attacks and man in the middle attacks through
+# redirection. Some network environments, however, require that these
+# settings are disabled so review and enable them as needed.
+#
+# Do not accept ICMP redirects (prevent MITM attacks)
+#net.ipv4.conf.all.accept_redirects = 0
+#net.ipv6.conf.all.accept_redirects = 0
+# _or_
+# Accept ICMP redirects only for gateways listed in our default
+# gateway list (enabled by default)
+# net.ipv4.conf.all.secure_redirects = 1
+#
+# Do not send ICMP redirects (we are not a router)
+#net.ipv4.conf.all.send_redirects = 0
+#
+# Do not accept IP source route packets (we are not a router)
+#net.ipv4.conf.all.accept_source_route = 0
+#net.ipv6.conf.all.accept_source_route = 0
+#
+# Log Martian Packets
+#net.ipv4.conf.all.log_martians = 1
+#
+
+###################################################################
+# Magic system request Key
+# 0=disable, 1=enable all
+# Debian kernels have this set to 0 (disable the key)
+# See https://www.kernel.org/doc/Documentation/sysrq.txt
+# for what other values do
+#kernel.sysrq=1
+
+###################################################################
+# Protected links
+#
+# Protects against creating or following links under certain conditions
+# Debian kernels have both set to 1 (restricted) 
+# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
+#fs.protected_hardlinks=0
+#fs.protected_symlinks=0
+#
+vm.swappiness=10
+vm.vfs_cache_pressure=50