# mounts are shared to run containers later, eg. cilium, falco
# should be handled in openrc, see: https://github.com/OpenRC/openrc/pull/526/files
mount --make-rshared /

# Enable THP incl. defrag but very conservatively
# see: https://go.dev/doc/gc-guide#Linux_transparent_huge_pages
echo "madvise" > /sys/kernel/mm/transparent_hugepage/enabled
echo "defer+madvise" > /sys/kernel/mm/transparent_hugepage/defrag
echo "0" > /sys/kernel/mm/transparent_hugepage/khugepaged/max_ptes_none