cloux
commented
4 years ago Hello p, nice to hear that!
As I optimized the kernel for AWS EC2, I looked at Amazon Linux, Clear Linux and others who made some kernel optimizations. I took their switches and adjusted for better performance as reported by Phoronix tests, and added some additional features (VPN tunnelling, Docker support etc.). Overall I would say that my kernel has pretty good performance/features ratio. That being said, less-frequently used features are simply left out. There is however an easy way for you to compile any additional kernel module you want. This might be easy, but lacks documentation, so here we go:
1) Add kernel module
First you have to compile the missing module from Linux kernel source. In my Devuan system, this is pretty simple to do by using the sin command. First check the file /etc/default/kernel-update, there should be a parameter CLEANUP=n. This means that after the update all source files will be kept in place. This should be the default behavior, but still worth checking. Now run:
sin kerneland wait for ~20 minutes while your new kernel gets compiled for you. This depends on the speed/CPU of your EC2 instance. NOTE: If the the latest kernel is already installed, the command will simply say "We already have that one". In that case you can change the /etc/default/kernel-update and set MONIKER=mainline which will pull a different kernel branch. Alternatively, install my older release that does not have the latest kernel yet and start the kernel update on that older instance.
If all went OK, your kernel source should be in /usr/src/linux-X.Y.Z. Now you can:
cd /usr/src/linux-*
make menuconfigNow you can add/remove any kernel module you want. For dm-crypt, press '/' and search for DM_CRYPT. Set it to 'Y' or 'M', save, and run:
make
make modules_install
make installThis will recompile your changes and put your kernel to /boot. Now you can:
update-grub
restartThat's it, in about 10 seconds your EC2 instance should be back online with your new kernel. I hope these steps are not too complicated to follow. In order to use your new kernel on all your instances it can be easily shared, so other instances can pull your binary by running sin pull kernel. Let me know if you need to know how to do this. It would require a new Issue, Ticket, or a better Manpage;)
NOTE: The minimal allowed EBS size of my instance is set to 4GB. The main reason is that less than 4GB would not be enough to compile a new kernel. If you want to keep several kernels around you might want to use a bigger base EBS.
Please let me know if there are any issues with the steps above.
2) Is there a functional difference between using 5.6 and 4.19 kernel
Yes! To mention a few, the 5.6 branch includes PSI for the oomd system (since kernel 4.20), wireguard VPN (since 5.6), and my kernel is carefully optimized for EC2 environment: includes AWS virtual network drivers (ixgbevf and ENA), XEN virtualization support, and lot more. Just check /boot/config-* files and compare for yourself. At the same time all unnecessary stuff is excluded to keep things slim and fast. To speed up the boot time even INITRD is stripped away. My system boots directly into the kernel and initializes from runit stage1, no need for initramfs.
For additional AWS compatibility, performance gain and stability features (oomd) I would definitely recommend my kernel over the "stock" from the repo. However, if you don't care about any of these things and 4.19 simply works for you, go for it! Please note that the speed measurements and feature list in the readme are directly related to my kernel and I will not be able to provide support for issues with other kernels.
3) Is there an officially recommended way to switch from the 5.6 kernel to one of the standard kernels shipped with Devuan, such as linux-image-cloud-amd64
Well, no. I recommend not to do it. If any of the stock kernels would perform well, I would be using it. All stock kernels require initramfs. That adds bloat. Even the specialized big players on EC2 like Amazon Linux waste the boot time trying to show you a desktop boot animation on headless cloud servers with no graphics. Clear Linux for EC2 being the faster from the bunch is actually slightly modified Android kernel. While it includes nonsense like drivers for Huawei mobile phones (?!?), it does not support VPN tunnels. This is a mess.
To be honest, I was only looking and comparing the kernels provided by the big players on EC2 platform. The overall quality is somewhat disappointing, so I would not expect much from a "stock" kernel, even if it's marketed as "cloud". Your mileage may vary.
You have been warned, but as I said before: try it and if it works for you, great!
p
Hi,
Thank you for providing this aws image. I was looking for a systemd-free OS to run on amazon.
One issue I ran into was I wanted to use disk encryption (cryptsetup/dm-crypt) and it appears that the kernel that comes with aws-devuan does not include dm-crypt modules (and in general has very few modules included?). Eventually I dealt with this by installing
linux-image-cloud-amd64, removing/boot/*5.6*and runningupdate-grub. The system seems to work with kernel 4.19.The questions I have are:
linux-image-cloud-amd64?linux-image-cloud-amd64?Thanks in advance.