Performance: Difference between revisions

From neuromatch
No edit summary
No edit summary
Line 84: Line 84:
* https://thomas-leister.de/en/scaling-up-mastodon/
* https://thomas-leister.de/en/scaling-up-mastodon/
* https://hazelweakly.me/blog/scaling-mastodon/
* https://hazelweakly.me/blog/scaling-mastodon/
* https://www.digitalocean.com/community/tutorials/how-to-scale-your-mastodon-server


[[Category:Mastodon]]
[[Category:Mastodon]]
[[Category:Admin]]
[[Category:Admin]]
[[Category:Tech WG]]
[[Category:Tech WG]]

Revision as of 21:51, 25 November 2023

Up to: Tech WG

How 2 make the masto run good.

Changes Made

The changes we have actually made from the default configuration, each is either described below or on a separate page:

  • Increase Sidekiq DB_POOL and -c values from from 25 to 75

Sidekiq

The Sidekiq queue processes tasks requested by the mastodon rails app.

There are a few strategies in this post for scaling sidekiq performance.

  • Increase the DB_POOL value in the default service file (below)
  • Make separate services for each of the queues
  • Make multiple processes for a queue (after making a separate service)

Configuration

By default, the mastodon-sidekiq service is configured with 25 threads, the full service file is as follows:

[Unit]
Description=mastodon-sidekiq
After=network.target

[Service]
Type=simple
User=mastodon
WorkingDirectory=/home/mastodon/live
Environment="RAILS_ENV=production"
Environment="DB_POOL=25"
Environment="MALLOC_ARENA_MAX=2"
Environment="LD_PRELOAD=libjemalloc.so"
ExecStart=/home/mastodon/.rbenv/shims/bundle exec sidekiq -c 25
TimeoutSec=15
Restart=always
# Proc filesystem
ProcSubset=pid
ProtectProc=invisible
# Capabilities
CapabilityBoundingSet=
# Security
NoNewPrivileges=true
# Sandboxing
ProtectSystem=strict
PrivateTmp=true
PrivateDevices=true
PrivateUsers=true
ProtectHostname=true
ProtectKernelLogs=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectControlGroups=true
RestrictAddressFamilies=AF_INET
RestrictAddressFamilies=AF_INET6
RestrictAddressFamilies=AF_NETLINK
RestrictAddressFamilies=AF_UNIX
RestrictNamespaces=true
LockPersonality=true
RestrictRealtime=true
RestrictSUIDSGID=true
RemoveIPC=true
PrivateMounts=true
ProtectClock=true
# System Call Filtering
SystemCallArchitectures=native
SystemCallFilter=~@cpu-emulation @debug @keyring @ipc @mount @obsolete @privile>
SystemCallFilter=@chown
SystemCallFilter=pipe
SystemCallFilter=pipe2
ReadWritePaths=/home/mastodon/live

[Install]
WantedBy=multi-user.target

References