README.rst
1.. SPDX-License-Identifier: GPL-3.0-or-later
2
3.. _cache_sizing:
4
5Cache sizing
6------------
7
8For personal use-cases and small deployments cache size around 100 MB is more than enough.
9
10For large deployments we recommend to run Knot Resolver on a dedicated machine, and to allocate 90% of machine's free memory for resolver's cache.
11
12For example, imagine you have a machine with 16 GB of memory.
13After machine restart you use command ``free -m`` to determine amount of free memory (without swap):
14
15.. code-block:: bash
16
17 $ free -m
18 total used free
19 Mem: 15907 979 14928
20
21Now you can configure cache size to be 90% of the free memory 14 928 MB, i.e. 13 453 MB:
22
23.. code-block:: lua
24
25 -- 90 % of free memory after machine restart
26 cache.size = 13453 * MB
27
28.. _cache_persistence:
29
30Cache persistence
31-----------------
32.. tip:: Using tmpfs for cache improves performance and reduces disk I/O.
33
34By default the cache is saved on a persistent storage device
35so the content of the cache is persisted during system reboot.
36This usually leads to smaller latency after restart etc.,
37however in certain situations a non-persistent cache storage might be preferred, e.g.:
38
39 - Resolver handles high volume of queries and I/O performance to disk is too low.
40 - Threat model includes attacker getting access to disk content in power-off state.
41 - Disk has limited number of writes (e.g. flash memory in routers).
42
43If non-persistent cache is desired configure cache directory to be on
44tmpfs_ filesystem, a temporary in-memory file storage.
45The cache content will be saved in memory, and thus have faster access
46and will be lost on power-off or reboot.
47
48
49.. note:: In most of the Unix-like systems ``/tmp`` and ``/var/run`` are commonly mounted to tmpfs.
50 While it is technically possible to move the cache to an existing
51 tmpfs filesystem, it is *not recommended*: The path to cache is specified in
52 multiple systemd units, and a shared tmpfs space could be used up by other
53 applications, leading to ``SIGBUS`` errors during runtime.
54
55Mounting the cache directory as tmpfs_ is recommended approach.
56Make sure to use appropriate ``size=`` option and don't forget to adjust the
57size in the config file as well.
58
59.. code-block::
60
61 # /etc/fstab
62 tmpfs /var/cache/knot-resolver tmpfs rw,size=2G,uid=knot-resolver,gid=knot-resolver,nosuid,nodev,noexec,mode=0700 0 0
63
64.. code-block:: lua
65
66 # /etc/knot-resolver/config
67 cache.size = 2 * GB
68
69.. _tmpfs: https://en.wikipedia.org/wiki/Tmpfs
70