killYoself

User Tools

Site Tools

Trace: system_opt
projects:system_opt

Table of Contents

⚙️ System Optimization & Stability

📂 Projects > ⚙️ System Optimization

🌟 High-Level Overview

This project focuses on the fine-tuning of the Kubuntu 25.10 Host environment. The objective is to maintain a “Middle Ground” between aggressive performance (for gaming and AI workloads) and rock-solid stability (required for SR-IOV iGPU sharing). The system follows a “Fail Closed” security philosophy, prioritizing system integrity over ease-of-use where necessary.

🛠️ Technical Specifications

1. Hardware & BIOS Tuning

* Platform: MSI z890-s WiFi * CPU: Intel Ultra 7 265k (Arrow Lake-S) * Memory: 64GB DDR5 G.Skill Trident @ 6000 MT/s (iEXPO enabled) * CPU Profile: Intel 200s Boost Profile (Customized for stability)

2. Kernel & OS Optimizations

* Xanmod Kernel (6.19.6): Downgraded and held via APT to match i915-sriov-dkms driver compatibility. * GRUB Boot Flags:

  • intel_iommu=on & i915.force_probe=7d67: Required for SR-IOV/iommu mapping.
  • mitigations=off: Disables CPU side-channel mitigations for maximum performance.
  • pcie_aspm=off: Disables Active State Power Management for PCIe (improves stability).
  • nosplash & quiet: Clean boot for easier diagnostic.
  • nvme_core.default_ps_max_latency_us=0: Prevents NVMe drives from entering deep sleep (reduces latency).
  • i915.enable_guc=3 & i915.max_vfs=1: Configures the iGPU for SR-IOV.

3. Storage & Filesystem (Btrfs)

* Mount Options (fstab):

  • noatime: Disables access-time updates to reduce write overhead.
  • commit=60: Increases the commit interval from 30s to 60s (improves I/O throughput).
  • compress=zstd:1: Enables real-time Zstandard compression for space and speed.

* Data Integrity: Periodic btrfs scrub scheduled to monitor for bit-rot/corruption.

4. Virtualization (KVM/QEMU)

* vCPU Pinning:

  • Host P-Cores (1-4) pinned to the Windows VM to minimize context switching.
  • IOThread pinned to Core 9 for dedicated disk/network processing.

* Memory Performance:

  • hugepages: Enabled for lower memory latency.
  • memfd shared memory: Required for high-speed iGPU buffer sharing.

* VirtIO Migration:

  • Boot disk migrated from SATA to virtio-scsi for high-performance I/O.
  • Network NIC migrated to virtio (RedHat drivers).

5. Web & Wiki Services

* Public Access: DuckDNS dynamic IP update script (/usr/local/bin/duckdns-update.sh). * SSL/TLS: Let's Encrypt (Certbot) enabled for killmyself.duckdns.org with HTTP→HTTPS redirect. * Interactive Tables: SortableJS plugin installed for the RAID stats table.

📊 Monitoring & Automation

* check_sriov_health.sh: Custom script to ensure iGPU VFs are active post-reboot. * security_audit.sh: Scans for unauthorized logins, open ports, and VF hijacks. * Netdata Integration: Real-time anomaly detection and performance dashboarding.

🗓️ History of Major Changes

Date Action Outcome
2026-03-22 Public DNS & SSL Exposed DokuWiki via DuckDNS + Certbot.
2026-03-22 RAID Stats Sorting Installed SortableJS for interactive tables.
2026-03-21 Btrfs Tuning Applied commit=60 and zstd compression.
2026-03-21 VM Optimization Added IOThreads, Hugepages, and vCPU pinning.
2026-03-20 Kernel Downgrade Aligned Xanmod 6.19.6 for SRIOV stability.
2026-03-16 VirtIO Migration Migrated VM disk/network for high performance.
projects/system_opt.txt · Last modified: by 127.0.0.1
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki