Searchโ€ฆ
Server Setup

Configure Hardware

Let's save some power, raise the governor on the CPU a bit, and set GPU ram as low as we can.

Test drive speed

Write speed
1
sudo dd if=/dev/zero of=/tmp/output conv=fdatasync bs=384k count=1k; sudo rm -f /tmp/output
Copied!
Read speed
1
sudo hdparm -Tt /dev/sda
Copied!

Overclock, memory & radios

Edit /boot/firmware/config.txt. Just paste Pi Pool additions in at the bottom.
1
sudo nano /boot/config.txt
Copied!
1
[pi4]
2
max_framebuffers=2
3
โ€‹
4
[all]
5
kernel=vmlinuz
6
cmdline=cmdline.txt
7
initramfs initrd.img followkernel
8
โ€‹
9
# Enable the audio output, I2C and SPI interfaces on the GPIO header
10
dtparam=audio=on
11
dtparam=i2c_arm=on
12
dtparam=spi=on
13
โ€‹
14
# Enable the serial pins
15
enable_uart=1
16
โ€‹
17
# Comment out the following line if the edges of the desktop appear outside
18
# the edges of your display
19
disable_overscan=1
20
โ€‹
21
# If you have issues with audio, you may try uncommenting the following line
22
# which forces the HDMI output into HDMI mode instead of DVI (which doesn't
23
# support audio output)
24
#hdmi_drive=2
25
โ€‹
26
# If you have a CM4, uncomment the following line to enable the USB2 outputs
27
# on the IO board (assuming your CM4 is plugged into such a board)
28
#dtoverlay=dwc2,dr_mode=host
29
โ€‹
30
# Config settings specific to arm64
31
arm_64bit=1
32
dtoverlay=dwc2
33
โ€‹
34
## Pi Pool ##
35
over_voltage=6
36
arm_freq=2000
37
#gpu_mem=16
38
disable-wifi
39
#disable-bt
Copied!
Save and reboot.
1
sudo reboot
Copied!

Configure Raspberry Pi OS

Update The System

1
sudo apt update && sudo apt upgrade
Copied!

Disable the Pi user

1
sudo passwd -l pi
Copied!

Disable the root user

1
sudo passwd -l root
Copied!

Secure shared memory

Mount tmpfs as read only.
Open /etc/fstab.
1
sudo nano /etc/fstab
Copied!
Add this line at the bottom, save & exit.
1
tmpfs /run/shm tmpfs ro,noexec,nosuid 0 0
Copied!

Increase open file limit

Open /etc/security/limits.conf.
1
sudo nano /etc/security/limits.conf
Copied!
Add the following to the bottom, save & exit.
1
ada soft nofile 800000
2
ada hard nofile 1048576
Copied!

Optimize performance & security

Add the following to the bottom of /etc/sysctl.conf. Save and exit.
I am disabling IPv6 and IPv4 forwarding. You may want these. I have seen claims that IPv6 is slower and gets in the way.
1
sudo nano /etc/sysctl.conf
Copied!
1
## Pi Pool ##
2
โ€‹
3
# swap more to zram
4
vm.vfs_cache_pressure=500
5
vm.swappiness=100
6
vm.dirty_background_ratio=1
7
vm.dirty_ratio=50
8
โ€‹
9
fs.file-max = 10000000
10
fs.nr_open = 10000000
11
โ€‹
12
# enable forwarding if using wireguard
13
net.ipv4.ip_forward=0
14
โ€‹
15
# ignore ICMP redirects
16
net.ipv4.conf.all.send_redirects = 0
17
net.ipv4.conf.default.send_redirects = 0
18
net.ipv4.conf.all.accept_redirects = 0
19
net.ipv4.conf.default.accept_redirects = 0
20
โ€‹
21
net.ipv4.icmp_ignore_bogus_error_responses = 1
22
โ€‹
23
# disable IPv6
24
net.ipv6.conf.all.disable_ipv6 = 1
25
net.ipv6.conf.default.disable_ipv6 = 1
26
โ€‹
27
# block SYN attacks
28
net.ipv4.tcp_syncookies = 1
29
net.ipv4.tcp_max_syn_backlog = 2048
30
net.ipv4.tcp_synack_retries = 3
31
net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv=45
32
โ€‹
33
# in progress tasks
34
net.ipv4.tcp_keepalive_time = 240
35
net.ipv4.tcp_keepalive_intvl = 4
36
net.ipv4.tcp_keepalive_probes = 5
37
โ€‹
38
# reboot if we run out of memory
39
vm.panic_on_oom = 1
40
kernel.panic = 10
41
โ€‹
42
# Use Google's congestion control algorithm
43
net.core.default_qdisc = fq
44
net.ipv4.tcp_congestion_control = bbr
Copied!

Load our changes after boot

Create a new file. Paste, save & close.
1
sudo nano /etc/rc.local
Copied!
1
#!/bin/sh -e
2
#
3
# rc.local
4
#
5
# This script is executed at the end of each multiuser runlevel.
6
# Make sure that the script will "exit 0" on success or any other
7
# value on error.
8
#
9
# In order to enable or disable this script just change the execution
10
# bits.
11
#
12
# By default this script does nothing.
13
โ€‹
14
# Print the IP address
15
_IP=$(hostname -I) || true
16
if [ "$_IP" ]; then
17
printf "My IP address is %s\n" "$_IP"
18
fi
19
โ€‹
20
sleep 120
21
โ€‹
22
sysctl -p /etc/sysctl.conf
23
โ€‹
24
exit 0
Copied!

Disable IRQ balance

You should turn off IRQ Balance to make sure you do not get hardware interrupts in your threads. Turning off IRQ Balance will optimize the balance between power savings and performance through the distribution of hardware interrupts across multiple processors.
Open /etc/default/irqbalance and add to the bottom. Save, exit and reboot.
1
sudo nano /etc/default/irqbalance
Copied!
1
ENABLED="0"
Copied!

Chrony

We need to get our time synchronization as accurate as possible. Open /etc/chrony/chrony.conf
1
sudo apt install chrony
Copied!
1
sudo nano /etc/chrony/chrony.conf
Copied!
Replace the contents of the file with below, Save and exit.
1
pool time.google.com iburst minpoll 2 maxpoll 2 maxsources 3 maxdelay 0.3
2
#pool time.facebook.com iburst minpoll 2 maxpoll 2 maxsources 3 maxdelay 0.3
3
pool time.euro.apple.com iburst minpoll 2 maxpoll 2 maxsources 3 maxdelay 0.3
4
pool time.apple.com iburst minpoll 2 maxpoll 2 maxsources 3 maxdelay 0.3
5
pool ntp.ubuntu.com iburst minpoll 2 maxpoll 2 maxsources 3 maxdelay 0.3
6
โ€‹
7
# This directive specify the location of the file containing ID/key pairs for
8
# NTP authentication.
9
keyfile /etc/chrony/chrony.keys
10
โ€‹
11
# This directive specify the file into which chronyd will store the rate
12
# information.
13
driftfile /var/lib/chrony/chrony.drift
14
โ€‹
15
# Uncomment the following line to turn logging on.
16
#log tracking measurements statistics
17
โ€‹
18
# Log files location.
19
logdir /var/log/chrony
20
โ€‹
21
# Stop bad estimates upsetting machine clock.
22
maxupdateskew 5.0
23
โ€‹
24
# This directive enables kernel synchronisation (every 11 minutes) of the
25
# real-time clock. Note that it canโ€™t be used along with the 'rtcfile' directive.
26
rtcsync
27
โ€‹
28
# Step the system clock instead of slewing it if the adjustment is larger than
29
# one second, but only in the first three clock updates.
30
makestep 0.1 -1
31
โ€‹
32
# Get TAI-UTC offset and leap seconds from the system tz database
33
leapsectz right/UTC
34
โ€‹
35
# Serve time even if not synchronized to a time source.
36
local stratum 10
Copied!
1
sudo service chrony restart
Copied!

Zram swap

We have found that cardano-node can safely use this compressed swap in ram essentially giving us around 20gb of ram. We already set kernel parameters for zram in /etc/sysctl.conf
Swapping to disk is slow, swapping to compressed ram space is faster and gives us some overhead before out of memory (oom).
Raspberry Pi Performance: Add ZRAM and these Kernel Parameters
Linux Systems Analyst | Hayden James
ZRAM, vm.swappiness and the future
Disable Raspbian swapfile.
1
sudo systemctl disable dphys-swapfile.service
Copied!
1
sudo apt install zram-tools
Copied!
1
sudo nano /etc/default/zramswap
Copied!
Multiply default config by 3. This will give you 12.5GB of virtual compressed swap in ram.
mem=$(((totalmem / 2 / ${NRDEVICES}) * 1024 * 3))
1
#!/bin/sh
2
# load dependency modules
3
NRDEVICES=$(grep -c ^processor /proc/cpuinfo | sed 's/^0$/1/')
4
if modinfo zram | grep -q ' zram_num_devices:' 2>/dev/null; then
5
MODPROBE_ARGS="zram_num_devices=${NRDEVICES}"
6
elif modinfo zram | grep -q ' num_devices:' 2>/dev/null; then
7
MODPROBE_ARGS="num_devices=${NRDEVICES}"
8
else
9
exit 1
10
fi
11
modprobe zram $MODPROBE_ARGS
12
# Calculate memory to use for zram (1/2 of ram)
13
totalmem=`LC_ALL=C free | grep -e "^Mem:" | sed -e 's/^Mem: *//' -e 's/ *.*//'`
14
mem=$(((totalmem / 2 / ${NRDEVICES}) * 1024 * 3))
15
# initialize the devices
16
for i in $(seq ${NRDEVICES}); do
17
DEVNUMBER=$((i - 1))
18
echo zstd > /sys/block/zram${DEVNUMBER}/comp_algorithm
19
echo $mem > /sys/block/zram${DEVNUMBER}/disksize
20
mkswap /dev/zram${DEVNUMBER}
21
swapon -p 5 /dev/zram${DEVNUMBER}
22
done
Copied!
View how much zram swap cardano-node is using.
1
CNZRAM=$(pidof cardano-node)
2
grep --color VmSwap /proc/$CNZRAM/status
Copied!
Last modified 26d ago