Client Management: Configuring the Linux Kernel to properly support the agents on a Relay or Master Server

Version 2
    Share This:

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    BMC Client Management


    COMPONENT:

    Client Management


    APPLIES TO:

    Any version of BMC Client Management (BCM)



    QUESTION:

    What are the Linux Server configuration best practices when used as the OS for either a BMC Client Management Master or Relay Server?
    Why do I see "Possible SYN flooding on port 1610. Sending cookies" in the linux /var/log/messages file?
    Why do I see "kernel: hrtimer: interrupt took 6031134 ns" in the linux /var/log/messages file?
    Why does my Linux based Server not accept client connections in some cases?


    ANSWER:

     

       
       The most common cause for deteriorated performance (with frequent crash) of masters and relays on Linux is because the default values set for descriptors are very low. The following configurations should help improve the performance (and avoid crashes) of masters and relays on a Linux platform:   
      
    1) - Ensure that Linux OS updates are applied   
    Common OS updates are often applied with the following command lines:     
    - RHEL: $ sudo yum update    
    - Debian/Ubuntu: $ sudo apt-get update && sudo apt-get dist-upgrade   
      
    As of 12.9, it is not mandatory that is has all the very latest updates though. It's really fontconfig that matters. More information in this Knowledge Article (KA): Client Management: Graphs are not generated in reports.   
      
    2) Connect to the device locally or using SSH then launch the terminal and execute following command as root :   
      
    - ulimit –Hn   and    ulimit -Sn   
    This returns maximum number of open files per user login   
    If one of the returned value is less than 10240, run the commands in the step 3a.   
      
    - sysctl fs.file-max   
    System-wide maximum number of open files.   
    If the value returned is less than 100000, Run the commands in the step 3b.   
      
    - sysctl net.ipv4.tcp_max_syn_backlog   
    TCP max sync backlog.   
    If the value returned is less than 5000, Run the commands in the step 3c.   
      
     blockdev ––getra /dev/sda   
    Read-ahead parameter.   
    If the value returned is less than 8192 , run the commands in the step 3d.    
      
    - grep 'net.ipv4.tcp_tw_re' /etc/sysctl.conf   
    Must return nothing or 0. If return something different run the commands in the step 3e.   
      
    - ps --no-headers -o comm 1   
    If retruns 'systemd' then run the commands in the step 3f   
      
      
    3) Depending on the returned values in step 2, run the following commands:   
      
    3a) To set the maximum number of open file descriptors per user login (value returned by the ulimit-HnRun command):   
      
    # vi /etc/security/limits.conf   
      
    root soft nofile 10240   
    root hard nofile 10240   
      
    Save the file (:q) and run the following command to validate the changes:   
      
    # ulimit -Hn   
    # ulimit -Sn   
      
    3b) To set the system-wide maximum number of open files:   
      
    # vi /etc/sysctl.conf   
    fs.file-max = 209708        (ou plus)   
      
    Save the file (:q) and run the following command to validate the changes:   
      
    # sysctl -p   
      
    Run the following command to double-check:   
      
    # sysctl fs.file-max   
      
    3c) To set the TCP maximum sync backlog:   
      
    # vi /etc/sysctl.conf   
    net.ipv4.tcp_max_syn_backlog=5000   
      
    Save the file (:q) and run the following command to validate the changes:   
      
    # sysctl -p   
      
    Run the following command to double-check:   
      
    # sysctl net.ipv4.tcp_max_syn_backlog   
      
    3d) To set the Read-Ahead value to 8192 for each /dev/sd drive on your server, edit the /etc/rc.local file and add the following block at the end of the file (this is an example of a server with three drive entries - a, b, and c):   
      
    blockdev --setra 8192 /dev/sda    
    blockdev --setra 8192 /dev/sdb    
    blockdev --setra 8192 /dev/sdc    
      
    3e) Remove the following two directives or set to 0 as shown:   
    vi /etc/sysctl.conf   
    net.ipv4.tcp_tw_recycle = 0   
    net.ipv4.tcp_tw_reuse = 0   
      
    3f) Edit both /etc/systemd/system.conf and /etc/systemd/user.conf in order to add the following line under the [Manager] section:   
    DefaultLimitNOFILE=65535   
      
      
    4) Applying noatime attribute can also significantly improve the file I/O performance. To apply noatime attribute by editing the /etc/fstab file and replacing the 'defaults' with 'defaults,noatime', run the following command:   
      
    # /etc/fstab   
    /dev/mapper/centos-root /                       xfs     defaults,noatime 0 0   
    UUID=a8f64424-1a43-4735-a20e-54a8f43304fe /boot xfs     defaults,noatime 0 0   
    /dev/mapper/centos-home /home                   xfs     defaults,noatime 0 0   
    /dev/mapper/centos-swap swap                    swap    defaults,noatime 0 0   
      
      
    5) Reboot the device   
       
      

     


    Article Number:

    000215883


    Article Type:

    FAQ/Procedural



      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles