Back to Zing Documentation Home
Zing Virtual Machine with ZST Post Installation Tasks
The following post-installation steps are not directly required when starting to use Zing, but it is recommended to go through them to avoid later problems in production systems.
Transferring JDK Customizations
If you have applied customizations to the existing non-ZST ZVM installation location, you might need to transfer those to the Zing.
Those customizations could be, for example, JAR files added to the directory $JAVA_HOME/jre/lib/ext or changes in the security settings below $JAVA_HOME/jre/lib/security. Zing offers the same directories to store custom jar files and security policies.
Setting an Unlimited ulimit
Ensure the ulimit is unlimited for virtual memory, resident memory, and core file size. At the command line, type:
$ ulimit -v unlimited -m unlimited -c unlimited
Some operating systems default the ulimit to -v unlimited, others do not. The -v unlimited value is required prior to launching a ZVM instance for the first time. The -m and -c options issue warnings and do not prevent a ZVM instance from launching.
Set the ulimit prior to launching any ZVM instances or add it to a system start command file.
Ensuring Sufficient Virtual Memory Areas
If you are running Oracle HotSpot or OpenJDK and using XX:+UseLargePages, you must ensure there is sufficient memory allocated to each: Zing and Linux memory.
To ensure that OS settings are appropriate for performance sensitive applications, apply the following settings:
- Disable
transparent_hugepageson your Linux system where you are running Zing. - Turn off SWAP either by removing swap or by setting
swappinessto0. Best practice removes swap. - Set
vm.min_free_kbytesto 1 GB or more. Best practice assigns more than 1 GB. - Set
vm.max_map_count=1000000.
JDK Configuration Compatibility
If your Java application requires access to any javax.crypto unlimited strength policy files:
- If they are included with your existing version of the JDK, copy them to the Linux JDK where the ZVM software package is installed.
- If you do not have an existing JDK, download the
javax.cryptopolicy files from the Oracle website directly and store them to the Linux JDK where the ZVM software package is installed.
Since ZVM 17.11.0.0 the Java Cryptography Extension (JCE) jurisdiction policy files are included. In order to use encryption with key lengths more than 128 bit, no installation of JCE files is required and adding the following line in your code is sufficient:
Security.setProperty("crypto.policy", "unlimited");
With ZVM 17.11.0.0 no additional encryption algorithm code was added compared to earlier releases, it only enabled existing code by default.
The previous approach of copying the policy files is still available and all policy files for limited and unlimited key lengths are now included. To activate the unlimited key length:
cp /opt/zing/zing-jdk8/jre/lib/security/policy/unlimited/* /opt/zing/zing-jdk8/jre/lib/security/
See Also
- Zing System Tools Release Notes
- Zing with ZST System Requirements
- ZVM with ZST Installation Prerequisites Details
- Installing the Zing System Tools
- Installing the Zing Virtual Machine with ZST
- Installing Zing System Tools Using DKMS
- Verifying Zing Virtual Machine with ZST Installation
- Run a Java Application with ZVM and ZST
- Zing Compatibility Reference
- Zing ZST Compatibility and API Versions
- Transparent HugePages Settings
- ZST Memory Configuration
- Installing and Configuring Zing Using Read-Only Images
- Upgrading or Uninstalling Zing Components
- ZVM with ZST Monitoring and Management
Last modified: December 9, 2019
|
© Azul Systems, Inc. 2020 All rights reserved. |
   
|
|
