OpenHandsをインストールしてみた (メモ)

要約

• OpenHandsを公式の手順通りにインストールしてOpenRouteで動かしてみた
• Ubuntu 24.04のファイアウォール(ufw)設定を行う必要があった → $ sudo ufw allow proto tcp from 172.16.0.0/12 to any

インストール

ISOイメージ

ttps://releases.ubuntu.com/24.04/ubuntu-24.04.2-live-server-amd64.iso

パーティション構成

EFI	1.049G
/	948.0 GB	btrfs
swap	4.817 GB

PCの初期設定

$ sudo -i
# apt install ufw vim-tiny
# ufw enable
# ufw status verbose

# apt update
# apt upgrade

# apt install screen acpid apparmor-profiles irqbalance logrotate rsyslog smartmontools

# timedatectl set-timezone Asia/Tokyo

# vi /etc/default/grub
    GRUB_RECORDFAIL_TIMEOUT=5
	GRUB_CMDLINE_LINUX_DEFAULT="zswap.enabled=1 zswap.compressor=zstd zswap.zpool=zsmalloc"

# update-grub

# vi /etc/systemd/timesyncd.conf
	NTP=ntp.jst.mfeed.ad.jp
	FallbackNTP=time.cloudflare.com

# systemctl restart systemd-timesyncd

# vi /etc/fstab
	defaults,compress=zstd:1,autodefrag

# reboot

# btrfs filesystem defrag -r -v -czstd /
# btrfs filesystem usage /

# systemctl enable fstrim.timer

# ssh-keygen -t ed25519 -b 256 -f /etc/ssh/ssh_host_ed25519_key -N ''
# ssh-keygen -t ecdsa -b 521 -f /etc/ssh/ssh_host_ecdsa_key -N ''
# ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N ''


# vi /etc/sysctl.conf

    # Security
    net.ipv4.conf.default.rp_filter            = 1 # Default:2
    net.ipv4.conf.all.rp_filter                = 1 # Default:2
    
    net.ipv4.tcp_syncookies                    = 1 # Default:1
    
    net.ipv4.icmp_ignore_bogus_error_responses = 1 # Default:1
    net.ipv4.icmp_echo_ignore_broadcasts       = 1 # Default:1
    net.ipv4.icmp_echo_ignore_all              = 0 # Default:
    
    net.ipv4.conf.default.accept_redirects     = 0 # Default:0
    net.ipv4.conf.default.accept_source_route  = 0 # Default:1
    net.ipv4.conf.default.send_redirects       = 0 # Default:1
    net.ipv4.conf.all.accept_redirects         = 0 # Default:0
    net.ipv4.conf.all.accept_source_route      = 0 # Default:0
    net.ipv4.conf.all.send_redirects           = 0 # Default:1
    
    net.ipv6.conf.default.accept_redirects     = 0 # Default:0
    net.ipv6.conf.default.accept_source_route  = 0 # Default:0
    net.ipv6.conf.all.accept_redirects         = 0 # Default:0
    net.ipv6.conf.all.accept_source_route      = 0 # Default:0
    
    kernel.sysrq  = 0  # Default:176
    
    
    # Performance
    vm.swappiness = 10 # Default:60
    kernel.panic  = 60 # Default:0
    
    net.ipv4.tcp_fastopen         = 0   # Default:1
    net.ipv4.tcp_window_scaling   = 1   # Default:1
    net.ipv4.tcp_moderate_rcvbuf  = 1   # Default:1
    net.ipv4.tcp_no_metrics_save  = 1   # Default:0
    net.ipv4.tcp_sack             = 1   # Default:1
    net.ipv4.tcp_timestamps       = 0   # Default:1
    net.ipv4.tcp_syn_retries      = 3   # Default:6
    net.ipv4.tcp_synack_retries   = 3   # Default:5
    net.ipv4.tcp_tw_reuse         = 1   # Default:2
    net.ipv4.tcp_rfc1337          = 1   # Default:0
    net.ipv4.tcp_fin_timeout      = 30  # Default:60
    net.ipv4.tcp_keepalive_time   = 30  # Default:7200
    net.ipv4.tcp_keepalive_intvl  = 10  # Default:75
    net.ipv4.tcp_keepalive_probes = 6   # Default:9
    net.ipv4.ip_local_port_range  = 32768 60999 # Default:32768 60999
    
    net.core.netdev_max_backlog  = 65535  # Default:1000
    net.core.somaxconn           = 65535  # Default:4096
    net.ipv4.tcp_max_syn_backlog = 65535  # Default:128
    
    net.ipv4.tcp_max_tw_buckets    = 65535   # Default:4096
    
    net.core.rmem_max = 16777216             # Default:212992 Bytes
    net.core.wmem_max = 16777216             # Default:212992 Bytes
    net.ipv4.tcp_rmem = 4096 212992 16777216 # Default:4096 131072 6291456
    net.ipv4.tcp_wmem = 4096 212992 16777216 # Default:4096 16384  4194304
    
    
    # LXD
    fs.aio-max-nr                 = 524288      # Default:65536
    fs.inotify.max_queued_events  = 1048576     # Default:16384
    fs.inotify.max_user_instances = 1048576     # Default:128
    fs.inotify.max_user_watches   = 1048576     # Default:8192
    kernel.dmesg_restrict         = 1           # Default:0
    kernel.keys.maxbytes          = 2000000     # Default:20000
    kernel.keys.maxkeys           = 2000        # Default:200
    net.ipv4.neigh.default.gc_thresh3 = 8192    # Default:1024
    net.ipv6.neigh.default.gc_thresh3 = 8192    # Default:1024
    vm.max_map_count              = 262144      # Default:65530
    
    net.core.bpf_jit_limit        = 1000000000  # Default:264241152
    

# vi /etc/security/limits.conf
    *	soft	nofile	1048576
    *	hard	nofile	1048576
    root	soft	nofile	1048576
    root	hard	nofile	1048576
    *	soft	memlock	unlimited
    *	hard	memlock	unlimited
    root	soft	memlock	unlimited
    root	hard	memlock	unlimited


# vi /etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service
	ExecStart に --any --timeout=5 を追記する

# systemctl daemon-reload

# ufw allow proto tcp from 172.16.0.0/12 to any
# ufw allow 3000

# apt install docker.io

# docker pull docker.all-hands.dev/all-hands-ai/runtime:0.27-nikolaik

# docker run -it --rm --pull=always \
    -e SANDBOX_RUNTIME_CONTAINER_IMAGE=docker.all-hands.dev/all-hands-ai/runtime:0.27-nikolaik \
    -e LOG_ALL_EVENTS=true \
    -v /var/run/docker.sock:/var/run/docker.sock \
    -v ~/.openhands-state:/.openhands-state \
    -p 3000:3000 \
    --add-host host.docker.internal:host-gateway \
    --name openhands-app \
    docker.all-hands.dev/all-hands-ai/openhands:0.27

OpenRouterで動かしてみる

• ブラウザを立ち上げてPort 3000を開く
  

• 設定はこんな感じに。
  

• 動かしてみる
  

動作確認環境

• Dell Inspiron 14 5445 (P185G003)
  • AMD Ryzen7 8840U
  • 16GB (DDR5-5600)
  • KIOXIA 1TB M.2 PCIe NVMe SSD
• OpenHands 0.27.0 - 2025-02-27