Difference between revisions of "ASL prerequisites"

From Atomicorp Wiki
Jump to: navigation, search
(Recommendations)
(Database)
Line 49: Line 49:
 
For systems with high volumes of events we recommend you move your mysql databases to their own I/O channel separate from your web sites and/or other file system intensive operations.  This will give the database its own dedicated I/O channel to the database files.  Databases can be quite large, and the ASL events database will grow over time based on the archive settings you have configured in your [[ASL configuration]].  Therefore, a faster way of reading these databases will improve performance on the system.
 
For systems with high volumes of events we recommend you move your mysql databases to their own I/O channel separate from your web sites and/or other file system intensive operations.  This will give the database its own dedicated I/O channel to the database files.  Databases can be quite large, and the ASL events database will grow over time based on the archive settings you have configured in your [[ASL configuration]].  Therefore, a faster way of reading these databases will improve performance on the system.
  
 +
=== mysql tuning ===
 +
 +
If you are using mysql, we highly recommend you tune it with a professionals help.  mysql is a wonderful and powerful database server, but it is not tuned in its default configuration and will performance very poorly as a result.  You can use the excellent tool mysqltuner to help with this, however this tool is just providing recommendations and an experts assistance should be consulted to make the best use of these recommendations.
 +
 +
To install mysqltuner, please run this command as root:
 +
 +
yum install mysqltuner
 +
 +
And to run it, just run this command:
 +
 +
mysqltuner
 +
 +
More information is available about mysqltuner at this website:
 +
 +
http://www.mysqltuner.com/
  
 
== Test Server ==
 
== Test Server ==
  
 
Each ASL license lets you install ASL on a product server, a QA server and a test server.  We recommend, as do all software companies, that you always test ASL and ASL upgrades on a test machine before making any changes to your production environment.  We test our products heavily before putting out an updates, but no software company can account for every possible condition, configuration or environment so you should test upgrade on non-production machines before putting them into production.
 
Each ASL license lets you install ASL on a product server, a QA server and a test server.  We recommend, as do all software companies, that you always test ASL and ASL upgrades on a test machine before making any changes to your production environment.  We test our products heavily before putting out an updates, but no software company can account for every possible condition, configuration or environment so you should test upgrade on non-production machines before putting them into production.

Revision as of 11:31, 22 June 2012

Contents

Introduction

ASL is a powerful security suite that will be analyzing actions of your system in real time. For it to work correctly it will need a well tuned system with reasonable resources. This document outlines the requirements for ASL to function, and recommendations for it perform optimally.

Requirements

Memory

ASL requires at least 1 GB of memory. 2 GB of memory is highly recommend to make use of all of ASLs features.

CPU

ASL does not require a 64bit CPU, however the use of 64Bit CPUs is highly recommended.

Database

When using mysql, querying caching must be enabled. The following setting in mysql must be set for ASL to perform correctly. Failure to set this will result in significant performance impact to ASL, and the system.

query_cache_size=64m

Recommendations

Memory

4 GB of memory is recommended for sites with lots of events and/or domains.

CPU

Multiple 64Bit CPUs are highly recommended for systems with lots of events and/or events.

Database

Query caching

When using mysql, querying caching must be enabled. Larger query caches will result in greater performance, however this must be tuned to the capabilities of the system. Larger query caches also require more memory, so to increase this setting you will need at least 2GB of RAM and preferably 4GB of RAM or more.

For example, on a system with 2GB of RAM the query cache should be set to 128M.

query_cache_size=96m

For systems with 4GB of RAM, or more, a large query cache can be used:

query_cache_size=128m

You can try larger cache sizes, but we find that 128m is generally as high as you need to go. High values may be counter productive.

Dedicated I/O channel

For systems with high volumes of events we recommend you move your mysql databases to their own I/O channel separate from your web sites and/or other file system intensive operations. This will give the database its own dedicated I/O channel to the database files. Databases can be quite large, and the ASL events database will grow over time based on the archive settings you have configured in your ASL configuration. Therefore, a faster way of reading these databases will improve performance on the system.

mysql tuning

If you are using mysql, we highly recommend you tune it with a professionals help. mysql is a wonderful and powerful database server, but it is not tuned in its default configuration and will performance very poorly as a result. You can use the excellent tool mysqltuner to help with this, however this tool is just providing recommendations and an experts assistance should be consulted to make the best use of these recommendations.

To install mysqltuner, please run this command as root:

yum install mysqltuner

And to run it, just run this command:

mysqltuner

More information is available about mysqltuner at this website:

http://www.mysqltuner.com/

Test Server

Each ASL license lets you install ASL on a product server, a QA server and a test server. We recommend, as do all software companies, that you always test ASL and ASL upgrades on a test machine before making any changes to your production environment. We test our products heavily before putting out an updates, but no software company can account for every possible condition, configuration or environment so you should test upgrade on non-production machines before putting them into production.

Personal tools