diff --git a/docs/operational_guide/kernel_configuration.md b/docs/operational_guide/kernel_configuration.md index 3bcc243529..c719c2d0f7 100644 --- a/docs/operational_guide/kernel_configuration.md +++ b/docs/operational_guide/kernel_configuration.md @@ -1,10 +1,26 @@ -Kernel Configuration +Docker & Kernel Configuration ==================== This document lists the Kernel tweaks M3DB needs to run well. If you are running on Kubernetes, you may use our `sysctl-setter` [DaemonSet](https://github.com/m3db/m3/blob/master/kube/sysctl-daemonset.yaml) that will set these values for you. Please read the comment in that manifest to understand the implications of applying it. +## Running with Docker + +If running M3DB under Docker it is recommended to give M3DB the `SYS_RESOURCE` capability so that it may raise its file +limits. If running directly with Docker this can be accomplished using: + +``` +docker run --cap-add SYS_RESOURCE quay.io/m3/m3dbnode:latest +``` + +If you wish to run M3DB as a non-root user, you will need to use our `setcap` images: +``` +docker run --cap-add SYS_RESOURCE -u 1000:1000 quay.io/m3/m3dbnode:latest-setcap +``` + +More information on Docker's capability settings can be found [here][docker-caps]. + ## vm.max_map_count M3DB uses a lot of mmap-ed files for performance, as a result, you might need to bump `vm.max_map_count`. We suggest setting this value to `3000000`, so you don’t have to come back and debug issues later. @@ -62,3 +78,10 @@ Also note that systemd has a `system.conf` file and a `user.conf` file which may Be sure to check that those files aren't configured with values lower than the value you configure at the service level. Before running the process make sure the limits are set, if running manually you can raise the limit for the current user with `ulimit -n 3000000`. + +## Automatic Limit Raising + +When M3DB first starts up it will attempt to raise its open file limit to the current value of `fs.nr_open`. This is a +benign operation and if it fails M3DB will simply emit a warning. + +[docker-caps]: https://docs.docker.com/engine/reference/run/#runtime-privilege-and-linux-capabilities diff --git a/mkdocs.yml b/mkdocs.yml index 7ae973c0c6..da236b55bf 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -101,7 +101,7 @@ pages: - "Placement/Topology Configuration": "operational_guide/placement_configuration.md" - "Namespace Configuration": "operational_guide/namespace_configuration.md" - "Bootstrapping": "operational_guide/bootstrapping.md" - - "Kernel Configuration": "operational_guide/kernel_configuration.md" + - "Docker & Kernel Configuration": "operational_guide/kernel_configuration.md" - "etcd": "operational_guide/etcd.md" - "Integrations": - "Prometheus": "integrations/prometheus.md"