System¶
The system section exposes some configuration settings of the operating
system and the VPP dataplane that are
relevant for the operation of the appliance.
Operating system¶
The following fields expose operating system settings:
dns.serversA list of DNS server IP addresses that the appliance uses for domain name resolution.
ntp.serversA list of NTP time server IP addresses that the appliance uses for time synchronization.
kernelA group of Linux kernel settings that are exposed.
Warning
Be advised that you should only change these values if you understand the implications. In case you have any questions, reach out to customer-support@anapaya.net.
hugepage_sizeThe size of hugepages the kernel should allocate at boot time.
hugepagesThe number of hugepages the kernel should allocate at boot time.
iommu_enabledA flag configuring whether the IOMMU subsystem in the Linux kernel is enabled. To improve performance, this should be set to true on all systems that support it.
Hint
Use the following command to find out if the appliance host supports IOMMU:
find /sys | grep dmar
It should report a non-empty list of devices.
Note
After changing this option the appliance needs to be rebooted.
system
The following example configures enables IOMMU and configures custom DNS and NTP servers.
"system": {
"dns": {
"servers": [
{
"address": "2.2.2.2"
}
]
},
"kernel": {
"iommu_enabled": true
},
"ntp": {
"servers": [
{
"address": "time3.example.ch"
}
]
},
}
Vector Packet Processor (VPP)¶
Warning
Be advised that you should only change these values if you understand the implications. In case you have any questions, reach out to customer-support@anapaya.net.
The appliance router and IP-in-SCION tunneling processes use a VPP dataplane to provide fast packet processing.
The following fields configure relevant settings of and related to the VPP dataplane:
buffers.data_sizeThe default size of the buffer VPP allocates for a packet, in bytes (VPP Reference).
connectionConfigures the appliance’s connection to the VPP dataplane. The VPP control service is the part of the appliance that configures the underlying network devices for the VPP dataplane and regularly performs health checks to make sure it works as expected.
health_check.probe_intervalThe interval in which a health check probe is sent to the VPP dataplane.
health_check.reply_timeoutThe time in which the VPP control service expects a reply from the VPP dataplane.
health_check.thresholdThe number of health checks, from VPP control service to the VPP dataplane, that is allowed to time out before the connection is considered dead.
reconnect_attemptsThe number of connection attempts from VPP control service to the VPP dataplane after starting up.
reconnect_intervalThe interval at which a connection is attempted from VPP control service to the VPP dataplane after starting up.
cpu.main_coreThe logical CPU core the main VPP dataplane thread runs on (VPP Reference).
cpu.workersThe number of workers that are created for the VPP dataplane. The workers are automatically pinned to consecutive CPU cores. (VPP Reference)
VPP creates a TUN device to accept packets from and route packets to Linux. The device gets created automatically and can be configured with the following fields:
tun.mtuThe MTU (Maximum Transmission Unit) on the TUN device that the VPP dataplane creates in Linux.
tun.prefixesA list of prefixes that should not be forwarded by VPP but routed to Linux.
system.vpp
The following example configures the VPP dataplane to use a larger than default buffer size and only one CPU.
"system": {
"vpp": {
"buffers": {
"data_size": 9000
},
"cpu": {
"main_core": 1,
"workers": 1
},
}
}