This page groups host-level tuning guidance relevant to production Spooky deployments.
Host Priorities
- sufficient UDP buffer sizing
- sufficient file descriptor limits
- stable CPU scheduling under multi-worker load
- predictable network path MTU
- minimal interference from unrelated noisy workloads
Linux Tuning Areas
Important areas to validate:
- receive and send socket buffer sizes
- device backlog and packet budget
- file descriptor ceilings
- capability model for privileged ports
- conntrack impact, if present in the environment
Built-In Project Guidance
The repository already includes:
- production guidance in Production Deployment
- a Linux sysctl helper in
scripts/sysctl-linux-network-tuning.sh
Use those as a baseline, then tune with real traffic and host telemetry.
Practical Advice
- do not treat aggressive sysctl values as universally correct
- validate tuning with the same traffic pattern you expect in production
- keep cert, config, and log path permissions minimal
- isolate the process from unrelated noisy co-located workloads where possible
- verify privileged-port bind strategy before rollout