You can fine-tune the parameters of virtual machines (VM). This will allow you to adjust the performance of the cluster and improve network security. The parameters available for fine-tuning depend on the type of virtualization in the cluster.

Changing the fine settings is not recommended if you are not completely sure about your actions.

Available parameters


Clusters with KVM virtualization

  • resources:
    • vCPU — CPU count;
    • RAM — RAM, MB;
    • Storage — main disk space, GB; 

    • partition for extension — the partition of the main disk that will be enlarged when the Storage parameter is changed. For example, /dev/sda2 or sda2;

  • limits:
    • CPU weight — CPU usage priority. Values range from 128 to 10000. For example, a VM weighing 2048 will access the CPU twice as often as a VM weighing 1024;
    • I/O usage weight — input/output operations priority. Values range from 100 to 1000. For example, a VM with the I/O weight of 200 will perform read and write operations to disk twice as often as a VM with the weight of 100;
    • read speed, IOPS (change without VM rebooting is supported);
    • write speed, IOPS (change without VM rebooting is supported);
    • read speed, Mbps (change without VM rebooting is supported);
    • write speed, Mbps (change without VM rebooting is supported);
    • inbound traffic speed, Mbps (change without VM rebooting is supported);
    • outgoing traffic speed, Mbps (change without VM rebooting is supported);

      VMs with a traffic speed higher than 1000 Mbps may not work correctly.

    • incoming TCP-connections;
    • outgoing TCP-connections;
  • antispoofing settings:
    • Antispoofing enable/Antispoofing disable switch — enable or disable protection against network attacks using the IP-spoofing method;
    • Tagged traffic is permitted/Tagged traffic is not permitted switch — allow or deny traffic with the VLAN tags;

      IP spoofing is a type of hacking attack that uses someone else's IP address to deceive a security system. During IP spoofing, hackers change the sender's address in the L3 packet. This allows hackers to hide the attacker's true address and send a reply packet to the desired address.

      To protect VMs from IP spoofing, the platform checks the source MAC address in all L2 frames sent from the VM. If the source MAC address matches the VM's MAC address, the platform checks the source IP address in the L3 packet of the frame. If the source IP address does not match the VM's IP address, the L2 frame is discarded and is not transmitted further.

  • port restrictions — restriction of connections to certain virtual machine (VM) ports. Read more in Restricting access to a VM;

  • VM disks settings:
    • Storage — disk space, GB;
    • partition for extension — t he partition of the disk that will be enlarged when the Storage parameter is changed. For example, /dev/sda2 or sda2;

  • virtualization parameters:
    • CPU emulation mode — VM CPU specification defining method :
      • By default — QEMU virtual CPU is emulated;
      • Host-model — the emulated CPU will have the same function flags as the cluster node CPU;
      • Host-passthrough — the emulated CPU will exactly match the CPU on the host machine cluster node and have the same function flags. This emulation mode provides better performance and may also be mandatory for some applications. Migration of such virtual machine is possible only to the fully matching CPU.
    • boot loader type — BIOS or UEFI.

Clusters with LXD virtualization

  • resources:
    • vCPU — CPU count;
    • RAM — RAM, MB;
    • Storage — disk space, GB;

      For the platform to be able to resize a disk, the storage must have free space of at least the same size as the original disk.

  • limits:
    • CPU weight — CPU usage priority. Values range from 0 to 10. For example, a VM weighing 2 will access the CPU twice as often as a VM weighing 1;
    • I/O usage weight — input/output operations priority. Values range from 0 to 10. For example, a VM with the I/O weight of 10 will perform read and write operations to disk twice as often as a VM with the weight of 5;
    • network weight — priority in time allocated for processing requests . Values range from 1 to 10. For example, VM requests with a network weight of 2 will be allocated twice as often as VM requests with the weight of 1;
    • process count;
    • read speed, IOPS (change without VM rebooting is supported);
    • write speed, IOPS (change without VM rebooting is supported);
    • read speed, Mbps (change without VM rebooting is supported);
    • write speed, Mbps (change without VM rebooting is supported);

      In the LXD cluster, the following settings cannot be used simultaneously:

      • "read speed, IOPS" and "read speed, Mbps";
      • "write speed, IOPS" and "write speed, Mbps".


    • inbound traffic speed, Mbps (change without VM rebooting is supported);
    • outgoing traffic speed, Mbps (change without VM rebooting is supported);

      VMs with a traffic speed higher than 1000 Mbps may not work correctly.


    • incoming TCP-connections;
    • outgoing TCP-connections;
  • antispoofing settings:
    • Antispoofing enable/Antispoofing disable switch — enable or disable protection against network attacks using the IP-spoofing method;
    • Tagged traffic is permitted/Tagged traffic is not permitted switch — allow or deny traffic with the VLAN tags;

      IP spoofing is a type of hacking attack that uses someone else's IP address to deceive a security system. During IP spoofing, hackers change the sender's address in the L3 packet. This allows hackers to hide the attacker's true address and send a reply packet to the desired address.

      To protect VMs from IP spoofing, the platform checks the source MAC address in all L2 frames sent from the VM. If the source MAC address matches the VM's MAC address, the platform checks the source IP address in the L3 packet of the frame. If the source IP address does not match the VM's IP address, the L2 frame is discarded and is not transmitted further.

  • port restrictions — restriction of connections to certain virtual machine (VM) ports. Read more in Restricting access to a VM;
  • сontainerization parameters:

    • nested containerization — creating containers inside a container using Docker, Podman, LXC, etc.

Changing vCPU and RAM


In clusters with KVM virtualization type, you can increase the vCPU and RAM values without rebooting the VM:

  • vCPU — no limitations;
  • RAM — only in 1024 MB increments and not more than 16 times for each VM.

If the vCPU and RAM values decrease, the VM will be rebooted.

To increase the resource value without rebooting, enable the Increase CPU and RAM values without rebooting the VM option on the Resources and limits tab.

The option reserves a part of the VM's RAM. Before enabling the option, make sure that the VM RAM is not fully loaded. For example, when creating a VM with Ubuntu 20.04, 22.04, it is recommended to allocate at least 1 GB.

Increasing disk size


In clusters with the KVM virtualization type, there are two ways to increase the VM disk: 

  • with VM reboot — the platform enlarges the disk partition specified in the settings or adds unallocated space to the VM if no partition is specified;
  • without rebooting the VM — the platform resizes the block device. Disk partitions remain unchanged.

Only one of the methods can be activated for each VM at a time. The selected method applies to all disks of the VM.

Specifics of operation for VMs with Windows OS

Partition increase is performed in the Linux environment using the virt-resize utility. Therefore, for Windows VMs, you have to specify a partition in Linux OS format in the Partition for expansion field. For example, /dev/sda4. To get the list of partitions:

  1. Connect to the cluster node with the VM via SSH.
  2. Run the command:

    virt-filesystems -d <domain> --all -l
    BASH

    <domain> — VM domain in id_VM-name format. For example, 34_vmtest

Increase with VM reboot

For the platform to be able to resize a disk, the storage must have free space of at least the same size as the original disk.

To increase the disk size:

  1. Enter Virtual machines → select the VM → Parameters button Fine-tuning settings section → VM disk settings tab.
  2. Disable the Increase disk size without rebooting the VM option.
  3. In the Storage field, specify the desired disk size.
  4. Specify the Partition for expansion. For example, /dev/sda2 or sda2.

    • You can specify an external or an internal partition name. For example, the /dev/sda2 section in CentOS 8 can have the internal name /dev/vda2. Specify the internal name only if this partition is mounted on the system.
    • To enlarge the disk by creating a new partition, leave the parameter blank. VMmanager will add unallocated disk space to the VM. You will be able to create a new partition in this space using the OS.
  5. Click the Change and restart button.

With this method, the platform:

  1. Shuts down the VM.
  2. Creates a new disk with a specified size.
  3. Copies data from the VM's original disk to the new disk.
  4. Turns on the VM.
  5. If the disk increase is successful, deletes the VM's original disk.
  6. If an error occurred during disk increase, restores VM operation with the original disk.

Increase without VM reboot

The method is supported for EXT4, XFS, NTFS file systems.

To increase the disk size:

  1. Enter Virtual machines → select the VM → Parameters button Fine-tuning settings section → VM disk settings tab.
  2. Disable the Increase disk size without rebooting the VM option.
  3. In the Storage field, specify the desired disk size.
  4. The value in the Partition for expansion field will not be taken into account when the disk is changed.
  5. Click the Edit button.

With this method, the platform only changes the size of the block device. To increase a disk partition in the file system:

  • Linux (EXT4, XFS):
    1. Connect to the VM via SSH.
    2. Install utilities to resize the disk: 

      Debian, Ubuntu

      apt-get install cloud-guest-utils
      BASH

      AlmaLinux

      dnf install cloud-utils-growpart
      BASH

      CentOS

      yum install cloud-utils-growpart
      BASH
    3. Define the partition and file system type: 

      lsblk -f
      BASH

      In the example below, the partition is vda2 and the file system type is EXT4.

      NAME   FSTYPE LABEL UUID                                 MOUNTPOINT
      vda                                                      
      ├─vda1                                                   
      └─vda2 ext4         4a9ea381-1b1c-f135-a540-685a8d3e82f8 /
      BASH
    4. Perform a partition expansion: 

      growpart /dev/<partition_name> <partition_number>
      CODE

      <partition_name> — partition name

      <partition_number> — partition number

      For example, for vda2 partition, the command is: growpart /dev/vda 2

    5. Change the file system size:

      EXT4

      resize2fs /dev/<partition>
      BASH

      XFS

      xfs_growfs -d /dev/<partition>
      BASH

      <partition> — partition

  • Windows (NTFS):
    1. Connect to the VM via VNC or SPICE.
    2. Change the partition size using the Disk Management tool. Read more in the Microsoft documentation.

Fine-tuning procedure


To fine-tune the parameters:

  1. Enter Virtual machines → select the VM → Parameters button Fine-tuning settings section.
  2. Specify the required parameter values on the Resources and limits tab.
  3. If the VM requires adding vCPU and RAM without rebooting, enable the Increase CPU and RAM values without rebooting option. 

    To apply this setting, the VM will be rebooted.

  4. If the VM requires increasing disk size without rebooting, enable the Increase disk size without rebooting the VM option. 
  5. Configure Port restrictions for the VM Read more in Restricting access to a VM .
  6. If there are multiple disks connected to the VM in a KVM cluster, specify the required parameter values on the VM disk settings tab. Read more about virtual disks in Managing VM disks

    If disk settings are changed, the VM will be rebooted.


  7. Select the required parameter values on the Virtualization (Containerization) tab. 

    If the CPU emulation mode or boot loader type is changed, the VM will be rebooted.


  8. Press Edit (Change and restart).

Performance benchmarks of VMs using third-party software do not guarantee unbiased data. This is due to the limitations of virtualization — the presence of additional levels of abstraction between software and hardware.

An example of resources and limits configuration

Example of VM disks configuration

An example of virtualization parameters configuration