#!/bin/bash #============================================================================== # This script serves as a guide defining best-practice configurables for a # production environment. See documentation regarding configurables here: # https://www.perforce.com/perforce/doc.current/manuals/cmdref/Content/CmdRef/configurables.configurables.html # # Copyright and license info is available in the LICENSE file included with # the Server Deployment Package (SDP), and also available online: # https://swarm.workshop.perforce.com/projects/perforce-software-sdp/view/main/LICENSE #------------------------------------------------------------------------------ # Set P4PORT and P4USER and run p4 login before running this script. declare DepotSpecFile= declare LOGFILE= # Verify instance value INSTANCE=$1 if [[ -n "$INSTANCE" ]]; then # shellcheck disable=SC1091 source /p4/common/bin/p4_vars "$INSTANCE" ||\ { echo -e "\\nError: Failed to load SDP environment."; exit 1; } # shellcheck disable=SC1091 source /p4/common/bin/backup_functions.sh ||\ { echo -e "\\nError: Failed to load backup_functions.sh."; exit 1; } else echo "Error: An instance argument is required." exit 1 fi LOGFILE="${LOGS:-/tmp}/configure_new_server.$(date +'%Y%m%d-%H%M').log" check_vars set_vars touch "${LOGFILE}" ||\ { echo -e "\\nError: Couldn't touch log file [${LOGFILE}].\\n"; exit 1; } # Redirect stdout and stderr to a log file. exec > >(tee "${LOGFILE}") exec 2>&1 log "${0##*/} configuring $P4SERVER on $(date)." echo "Logging to: $LOGFILE" echo -e "See documentation regarding configurables here:\\n https://www.perforce.com/perforce/doc.current/manuals/cmdref/Content/CmdRef/configurables.configurables.html\\n" # Basic secruity features. p4 configure set run.users.authorize=1 # The server.depot.root configurable was introduced in 2014.1. # shellcheck disable=SC2072 if [[ "$P4D_VERSION" > "2014.1" ]]; then p4 configure set server.depot.root="$DEPOTS" fi p4 configure set journalPrefix="$CHECKPOINTS/p4_${INSTANCE}" p4 configure set dm.user.noautocreate=2 p4 configure set dm.info.hide=1 p4 configure set filesys.P4ROOT.min=5G p4 configure set filesys.depot.min=5G p4 configure set filesys.P4JOURNAL.min=5G # Note: With the SDP structure, filesys.P4LOG.min=5G and # filesys.TEMP.min=5G don't need to be set, as they are # stored on the same volume as the journal and are thus # accounted for with filesys.P4JOURNAL.min. p4 configure set server=4 p4 configure set monitor=1 # For P4D 2013.2+, setting db.reorg.disable=1, which turns off # dynamic database reorg, has been shown to significantly improve # performance when Perforce databases (db.* files) are stored on # some solid state storage devices, while not making a difference # on others. # shellcheck disable=SC2072 [[ "$P4D_VERSION" > "2013.1" ]] && p4 configure set db.reorg.disable=1 # For P4D 2017.2.1594901 or greater, enable net.autotune. For net.autotune # to take effect, it must be enabled on both sides of a connection. So, to # get the full benefit, net.autotune must be enabled on all brokers, proxies, # and clients. See this KB article for details on fully enabling net.autotune: # https://community.perforce.com/s/article/15368 # # For connections in which net.autotune is not enabled, the p4d default value # of net.tcpsize takes effect. # # When P4D is older than 2014.2 but less than 2017.2.1594901, set net.tcpsize # to 512k. In 2014.2, the default value for net.tcpsize became 512k, a # reasonable default, so it should not be set explicitly. Also, there are # indications it can reduce performance if set when not needed. # shellcheck disable=SC2072 if [[ "$P4D_VERSION" < "2014.2" ]]; then p4 configure set net.tcpsize=524288 elif [[ "$P4D_VERSION" > "2017.2.1594900" ]]; then p4 configure set net.autotune=1 p4 configure unset net.tcpsize else p4 configure unset net.tcpsize fi # For P4D 2016.2.1468155+, set db.monitor.shared = max value. if [[ "$P4D_VERSION" > "2016.2.1468154" ]]; then # This is the number of 8k pages to set aside for monitoring, # which requires pre-allocation of sufficient RAM. The default # is 256, or 2MB, enough for about 128 active/concurrent processes. # The max as of 2016.2 is 4096. Setting db.monitor.shared=0 # causes the db.monitor on disk to be used instead, which can # potentially be a bottleneck. p4 configure set db.monitor.shared=4096 fi p4 configure set net.backlog=2048 p4 configure set lbr.autocompress=1 p4 configure set lbr.bufsize=1M p4 configure set filesys.bufsize=1M p4 configure set serverlog.file.3="$LOGS/errors.csv" p4 configure set serverlog.retain.3="$KEEPLOGS" # The following are useful if using Interset Threat Detection with Perforce, # or if P4AUDIT logs are otherwise desired. # p4 configure set serverlog.file.4="$LOGS/audit.csv" # p4 configure set serverlog.retain."4=$KEEPLOGS" p4 configure set serverlog.file.7="$LOGS/events.csv" p4 configure set serverlog.retain.7="$KEEPLOGS" p4 configure set serverlog.file.8="$LOGS/integrity.csv" p4 configure set serverlog.retain.8="$KEEPLOGS" # Add a custom trigger for tracking trigger events: p4 configure set serverlog.events.11=11 p4 configure set serverlog.file.11="$LOGS/triggers.csv" p4 configure set serverlog.retain.11="$KEEPLOGS" DepotSpecFile="${0%/*}/spec.depot.p4s" if [[ -r "$DepotSpecFile" ]]; then echo "Creating a depot named 'spec' of type 'spec'." p4 -s depot -i < "$DepotSpecFile" ||\ { echo -e "\\nError: Failed to create spec depot."; } else echo -e "\\nWarning: Skipping spec depot creation due to missing spec file: $DepotSpecFile" fi DepotSpecFile="${0%/*}/unload.depot.p4s" if [[ -r "$DepotSpecFile" ]]; then echo "Creating a depot named 'unload' of unload 'unload'." p4 -s depot -i < "$DepotSpecFile" ||\ { echo -e "\\nError: Failed to create unload depot."; } else echo -e "\\nWarning: Skipping unload depot creation due to missing spec file: $DepotSpecFile" fi # Load shedding and other performance-preserving configurable. # See: http://answers.perforce.com/articles/KB/1272 # For p4d 2013.1+ # shellcheck disable=SC2072 [[ "$P4D_VERSION" > "2013.1" ]] && p4 configure set server.maxcommands=2500 # For p4d 2013.2+ -Turn off max* commandline overrides. # shellcheck disable=SC2072 [[ "$P4D_VERSION" > "2013.2" ]] && p4 configure set server.commandlimits=2 echo See: https://community.perforce.com/s/article/3867 p4 configure set rpl.checksum.auto=1 p4 configure set rpl.checksum.change=2 p4 configure set rpl.checksum.table=1 # Define number of login attempts before there is a delay, to thwart # automated password crackers. Default is 3; set to a higher value to # be more friendly to humans without compromising the protection. # shellcheck disable=SC2072 if [[ "$P4D_VERSION" > "2013.1" ]]; then p4 configure set dm.user.loginattempts=7 fi # For p4d 2016.1 Patch 5+ # Enable a server with an expired temp license to start, albeit with limited # functionality, so that license expiry doesn't make it impossible to perform # license management via the front-door. This configurable allows the server # to be started regardless of a bad license, though users will still be blocked # by license invalid messages. Perpetual commercial licenses never expire; # this configurable will not affect those. # shellcheck disable=SC2072 if [[ "$P4D_VERSION" > "2016.1.1408676" ]]; then p4 configure set server.start.unlicensed=1 fi # Starting with p4d 2015.1 Patch 5, disallow P4EXP v2014.2 (a client # version known to misbehave) from connecting to the server. # See: http://answers.perforce.com/articles/KB/15014 # shellcheck disable=SC2072 if [[ "$P4D_VERSION" > "2015.1.1126924" ]]; then p4 configure set rejectList="P4EXP,version=2014.2" fi # For p4d 2011.1 thru 2015.1, set rpl.compress=3. For p4d 2015.2+, set # rpl.compress=4. This setting compresses journal data only, which is # almost always advantageous as it compresses well, while avoiding # compression of archive data, which is a mixed bag in terms of performance # benefits, and potentially a net netagive. # server.global.views - makes client views global in a commit/edge or cluster environment. # shellcheck disable=SC2072 if [[ "$P4D_VERSION" > "2015.2" ]]; then p4 configure set rpl.compress=4 p4 configure set server.global.client.views=1 elif [[ "$P4D_VERSION" > "2011.1" ]]; then p4 configure set rpl.compress=3 fi # Starting with p4d 2016.2, enable these features. # shellcheck disable=SC2072 if [[ "$P4D_VERSION" > "2016.2" ]]; then p4 configure set filesys.checklinks=2 p4 configure set server.locks.global=1 p4 configure set proxy.monitor.level=3 fi # Recommended for Swarm p4 configure set dm.shelve.promote=1 p4 configure set dm.keys.hide=2 p4 configure set filetype.bypasslock=1 # Starting with p4d 2018.2 (as tech-preview, 2019.2 for GA), add best # practices for Extensions. if [[ "$P4D_VERSION" > "2018.2" ]]; then p4 configure set server.extensions.dir="$DEPOTS"/p4-extensions fi # Starting with p4d 2016.1, use auth.id to simplify ticket handling. # After setting auth.id, login again. # shellcheck disable=SC2072 if [[ "$P4D_VERSION" > "2016.1" ]]; then p4 configure set rpl.forward.login=1 p4 configure set auth.id="$P4SERVER" "$P4CBIN"/p4login fi # Set SDP version identifing info. p4 counter SDP_DATE "$(date +'%Y-%m-%d')" p4 counter SDP_VERSION "$SDP_VERSION" echo "Restarting server to ensure all configurable changes take effect." stop_p4d start_p4d echo "Logging in." "$P4CBIN"/p4login echo -e "\\nIt is recommended that you run 'p4 configure set security=3' or\\n'p4 configure set security=4'.\\nSee: http://www.perforce.com/perforce/doc.current/manuals/p4sag/chapter.superuser.html#DB5-49899\\n" if [[ "$P4D_VERSION" > "2017.2.1594900" ]]; then echo -e "The net.autotune value has been set on the server. To get the full benefit, it must also be\\nenabled on proxies, brokers, and clients as well." fi
# | Change | User | Description | Committed | |
---|---|---|---|---|---|
#44 | 30388 | C. Thomas Tyler |
Released SDP 2024.1.30385 (2024/06/11). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#43 | 30297 | C. Thomas Tyler |
Released SDP 2023.2.30295 (2024/05/08). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#42 | 30043 | C. Thomas Tyler |
Released SDP 2023.2.30041 (2023/12/22). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#41 | 29954 | C. Thomas Tyler |
Released SDP 2023.1.29949 (2023/12/01). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#40 | 29891 | C. Thomas Tyler |
Released SDP 2023.1.29699 (2023/07/11). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#39 | 29612 | C. Thomas Tyler |
Released SDP 2023.1.29610 (2023/05/25). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#38 | 28651 | C. Thomas Tyler |
Released SDP 2021.2.28649 (2022/03/03). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#37 | 27901 | C. Thomas Tyler |
Released SDP 2020.1.27899 (2021/07/13). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#36 | 27761 | C. Thomas Tyler |
Released SDP 2020.1.27759 (2021/05/07). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#35 | 27527 | C. Thomas Tyler |
Released SDP 2020.1.27524 (2021/02/26). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#34 | 27331 | C. Thomas Tyler |
Released SDP 2020.1.27325 (2021/01/29). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#33 | 26573 | C. Thomas Tyler | SDP patch for SDP-543. | ||
#32 | 26403 | C. Thomas Tyler |
Released SDP 2019.3.26400 (2020/03/28). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#31 | 26161 | C. Thomas Tyler |
Released SDP 2019.3.26159 (2019/11/06). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#30 | 25933 | C. Thomas Tyler |
Released SDP 2019.2.25923 (2019/08/05). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#29 | 25245 | C. Thomas Tyler |
Released SDP 2019.1.25238 (2019/03/02). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#28 | 23510 | C. Thomas Tyler |
Released SDP 2018.1.23504 (2018/01/19). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev', with selective removal of work-in-progress files. |
||
#27 | 23331 | C. Thomas Tyler |
Released SDP 2017.4.23329 (2017/12/05). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#26 | 23006 | C. Thomas Tyler |
Released SDP 2017.3.23003 (2017/10/19). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#25 | 22685 | Russell C. Jackson (Rusty) | Update main with current changes from dev. | ||
#24 | 22185 | C. Thomas Tyler |
Released SDP 2017.2.22177 (2017/05/17). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#23 | 21723 | C. Thomas Tyler |
Released SDP 2017.1.21720 (2017/02/17). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#22 | 21483 | C. Thomas Tyler |
Released SDP 2016.2.21480 (2017/01/11). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#21 | 21381 | C. Thomas Tyler |
Released SDP 2016.2.21379 (2016/12/20). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#20 | 21244 | C. Thomas Tyler |
Released SDP 2016.2.21239 (2016/12/06). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#19 | 21193 | Russell C. Jackson (Rusty) | Update main from dev. | ||
#18 | 20353 | C. Thomas Tyler |
Released SDP 2016.1.20348. Copy Up using 'p4 copy -r -b perforce_software-sdp-dev', with selective removal of changes related to work-in-progress changes. |
||
#17 | 19841 | C. Thomas Tyler |
Released SDP 2016.1.19838 (2016/06/26). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#16 | 19694 | C. Thomas Tyler |
Released SDP/MultiArch/2016.1/19661 (2016/06/08). Copy Up using 'p4 copy -r -b perforce_software-sdp-dev'. |
||
#15 | 19414 | C. Thomas Tyler | Released SDP/MultiArch/2016.1/19410 (2016/05/17). | ||
#14 | 18961 | C. Thomas Tyler | Released: SDP/MultiArch/2016.1/18958 (2016/04/08). | ||
#13 | 16807 | Russell C. Jackson (Rusty) | Merged approved changes in from dev. | ||
#12 | 16459 | C. Thomas Tyler |
For p4d 2011.1 thru 2015.1, set rpl.compress=3. For p4d 2015.2+, set rpl.compress=4. A value of 4, new in P4D 2015.2, compresses journal data only, which is almost always advantageous as it compresses well, while avoiding compression of archive data, which is a mixed bag in terms of performance benefits, and potentially a net netagive. #review @scommon |
||
#11 | 16276 | Russell C. Jackson (Rusty) | Bumped mins up to 5G | ||
#10 | 15856 | C. Thomas Tyler |
Replaced the big license comment block with a shortened form referencing the LICENSE file included with the SDP package, and also by the URL for the license file in The Workshop. |
||
#9 | 15552 | C. Thomas Tyler |
Removed net.maxwait setting. Considerations: * Our KB Article says not to set it: http://answers.perforce.com/articles/KB/3751 * The value of 600 (10 mintues) was too low, and was observed to break replication. * This was originally thought to be a server-side 'zombie process' defense, but it has undesirable side-effects. #review-15553 |
||
#8 | 12112 | Russell C. Jackson (Rusty) | Increased maxcommands to 2500 and dropped maxwait to 600. | ||
#7 | 12106 | C. Thomas Tyler |
Corrected annoying but otherwise harmless warnings due to having Windows batch style comments in the Unix shell script. |
||
#6 | 12029 | C. Thomas Tyler |
Clarified appropriate P4D version string checks in *.sh version, and made cosmetic tweaks to *.sh and *.bat versions. |
||
#5 | 12026 | C. Thomas Tyler |
Updated a few configurables, including net.maxwait that may help prevent P4EXP from building up idle prococesses on p4d. |
||
#4 | 11722 | adrian_waters |
Remove redundant version-specific setting of monitor: [[ "$P4D_VERSION" > "2014.1" ]] && p4 configure set monitor=1 Script subsequently sets monitor=1 independant of version |
||
#3 | 11524 | Russell C. Jackson (Rusty) | Released updated version of the SDP from Dev. | ||
#2 | 11408 | C. Thomas Tyler |
Added recommended SDP setting setting of db.reorg.disable=1. It is commented out by default, with a comment indicating that the db.reorg.disable configurable should be considered when databases are stored on solid state storage, as it results in performance improvement for some (but not all) solid state storage devices. #review-11175 @michael_shields Updated from first shelve for review: * Changed version from 2014.2 to 2013.2. * Fixed grammatical error in comment. * Corrected comment style to Windows for *.bat file ('#' --> '::'). Updated from second shelve for review: * Updated comments above and in the code based on feedback, especially that the performance improvement is not universal on all solid state devices. |
||
#1 | 10148 | C. Thomas Tyler | Promoted the Perforce Server Deployment Package to The Workshop. |