c/pve-kernel-qoup
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5fd5ec0e77
pve-kernel-qoup/README
Fabian Grünbichler 1e99f45be0 build: replace 4.13 with 4.15 
as well as artful with bionic, and reset KREL/PKGREL accordingly
2018-03-09 14:47:21 +01:00

148 lines
3.7 KiB
Plaintext
Raw Blame History

KERNEL SOURCE:
==============
We currently use the Ubuntu kernel sources, available from:
http://kernel.ubuntu.com/git/ubuntu/ubuntu-bionic.git/
Ubuntu will maintain those kernels till:
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable
Additional/Updated Modules:
---------------------------
- include latest e1000e driver from intel/sourceforge
- include latest ixgbe driver from intel/sourceforge
- include latest igb driver from intel/sourceforge
- include native OpenZFS filesystem kernel modules for Linux
* https://github.com/zfsonlinux/
For licensing questions, see: http://open-zfs.org/wiki/Talk:FAQ
RELATED PACKAGES:
=================
proxmox-ve
----------
top level meta package, depends on current default kernel series meta package.
git clone git://git.proxmox.com/git/proxmox-ve.git
pve-kernel-meta
---------------
depends on latest kernel and header package within a certain kernel series,
e.g., pve-kernel-4.15 / pve-headers-4.15
git clone git://git.proxmox.com/git/pve-kernel-meta.git
pve-firmware
------------
contains the firmware for all released PVE kernels.
git clone git://git.proxmox.com/git/pve-firmware.git
NOTES:
======
Watchdog blacklist
------------------
By default, all watchdog modules are black-listed because it is totally undefined
which device is actually used for /dev/watchdog.
We ship this list in /lib/modprobe.d/blacklist_pve-kernel-<VERSION>.conf
The user typically edit /etc/modules to enable a specific watchdog device.
Additional information
----------------------
We use the default configuration provided by Ubuntu, and apply
the following modifications:
see debian/rules (PVE_CONFIG_OPTS)
- enable INTEL_MEI_WDT=m (to allow disabling via patch)
- disable CONFIG_SND_PCM_OSS (enabled by default in Ubuntu, not needed)
- switch CONFIG_TRANSPARENT_HUGEPAGE to MADVISE from ALWAYS
- enable CONFIG_CEPH_FS=m (request from user)
- enable common CONFIG_BLK_DEV_XXX to avoid hardware detection
problems (udev, undate-initramfs have serious problems without that)
CONFIG_BLK_DEV_SD=y
CONFIG_BLK_DEV_SR=y
CONFIG_BLK_DEV_DM=y
- add workaround for Debian bug #807000 (see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807000)
CONFIG_BLK_DEV_NVME=y
- compile NBD and RBD modules
CONFIG_BLK_DEV_NBD=m
CONFIG_BLK_DEV_RBD=m
- set LOOP_MIN_COUNT to 8 (debian defaults)
CONFIG_BLK_DEV_LOOP_MIN_COUNT=8
- disable module signatures (CONFIG_MODULE_SIG)
- enable IBM JFS file system
This is disabled in RHEL kernel for no real reason, so we enable
it as requested by users (bug #64)
- enable apple HFS and HFSPLUS
This is disabled in RHEL kernel for no real reason, so we enable
it as requested by users
- enable CONFIG_BCACHE=m (requested by user)
- enable CONFIG_BRIDGE=y
Else we get warnings on boot, that
net.bridge.bridge-nf-call-iptables is an unknown key
- enable CONFIG_DEFAULT_SECURITY_APPARMOR
We need this for lxc
- set CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y
because if not set, it can give some dynamic memory or cpu frequencies
change, and vms can crash (mainly windows guest).
see http://forum.proxmox.com/threads/18238-Windows-7-x64-VMs-crashing-randomly-during-process-termination?p=93273#post93273
- use 'deadline' as default scheduler
This is the suggested setting for KVM. We also measure bad fsync
performance with ext4 and cfq.
- disable CONFIG_INPUT_EVBUG
Module evbug is not blacklisted on debian, so we simply disable it
to avoid key-event logs (which is a big security problem)
- enable CONFIG_MODVERSIONS (needed for ABI tracking)
- switch default UNWINDER to FRAME_POINTER
the recently introduced ORC_UNWINDER is not 100% stable yet, especially in combination with ZFS
- enable CONFIG_PAGE_TABLE_ISOLATION (Meltdown mitigation)
Reference in New Issue View Git Blame Copy Permalink