readme: general updates

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Thomas Lamprecht 2021-09-28 07:08:46 +02:00
parent 5e8e351552
commit 5d60271071

29
README
View File

@ -8,6 +8,10 @@ We currently use the Ubuntu kernel sources, available from:
Ubuntu will maintain those kernels till: Ubuntu will maintain those kernels till:
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable
or
https://pve.proxmox.com/pve-docs/chapter-pve-faq.html#faq-support-table
whatever happens to be earlier.
Additional/Updated Modules: Additional/Updated Modules:
@ -60,7 +64,7 @@ pve-kernel-meta
--------------- ---------------
depends on latest kernel and header package within a certain kernel series, depends on latest kernel and header package within a certain kernel series,
e.g., pve-kernel-4.15 / pve-headers-4.15 e.g., pve-kernel-5.11 / pve-headers-5.11
git clone git://git.proxmox.com/git/pve-kernel-meta.git git clone git://git.proxmox.com/git/pve-kernel-meta.git
@ -138,45 +142,34 @@ NOTE: For the exact and current list see debian/rules (PVE_CONFIG_OPTS)
CONFIG_BLK_DEV_RBD=m CONFIG_BLK_DEV_RBD=m
- enable IBM JFS file system as module - enable IBM JFS file system as module
requested by users (bug #64)
enable it as requested by users (bug #64)
- enable apple HFS and HFSPLUS as module - enable apple HFS and HFSPLUS as module
requested by users
enable it as requested by users
- enable CONFIG_BCACHE=m (requested by user) - enable CONFIG_BCACHE=m (requested by user)
- enable CONFIG_BRIDGE=y - enable CONFIG_BRIDGE=y
to avoid warnings on boot, e.g. that net.bridge.bridge-nf-call-iptables is an unknown key
Else we get warnings on boot, that
net.bridge.bridge-nf-call-iptables is an unknown key
- enable CONFIG_DEFAULT_SECURITY_APPARMOR - enable CONFIG_DEFAULT_SECURITY_APPARMOR
We need this for lxc We need this for lxc
- set CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y - set CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y
because if not set, it can give some dynamic memory or cpu frequencies because if not set, it can give some dynamic memory or cpu frequencies
change, and vms can crash (mainly windows guest). change, and vms can crash (mainly windows guest).
see http://forum.proxmox.com/threads/18238-Windows-7-x64-VMs-crashing-randomly-during-process-termination?p=93273#post93273 see http://forum.proxmox.com/threads/18238-Windows-7-x64-VMs-crashing-randomly-during-process-termination?p=93273#post93273
- use 'deadline' as default scheduler - use 'deadline' as default scheduler
This is the suggested setting for KVM. We also measure bad fsync performance with ext4 and cfq.
This is the suggested setting for KVM. We also measure bad fsync
performance with ext4 and cfq.
- disable CONFIG_INPUT_EVBUG - disable CONFIG_INPUT_EVBUG
Module evbug is not blacklisted on debian, so we simply disable it to avoid
Module evbug is not blacklisted on debian, so we simply disable it key-event logs (which is a big security problem)
to avoid key-event logs (which is a big security problem)
- enable CONFIG_MODVERSIONS (needed for ABI tracking) - enable CONFIG_MODVERSIONS (needed for ABI tracking)
- switch default UNWINDER to FRAME_POINTER - switch default UNWINDER to FRAME_POINTER
the recently introduced ORC_UNWINDER is not 100% stable yet, especially in combination with ZFS the recently introduced ORC_UNWINDER is not 100% stable yet, especially in combination with ZFS
- enable CONFIG_PAGE_TABLE_ISOLATION (Meltdown mitigation) - enable CONFIG_PAGE_TABLE_ISOLATION (Meltdown mitigation)