Ref: https://github.com/systemd/systemd/issues/9513
Not sure what the intended use case of this configuration parameter is
but it appears to be a known limitation that it does not work for what
we need it to do, so remove.
Should help by giving 3GB headroom instead of 1GB for the server and
operating system. Empirically, it looks like the OOM killer is
operating properly and killing user code rather than system processes,
but the small amount of headroom could have been a problem.
Extensive usage of swap could also have been a problem so I disabled
swap for user code. Reduced the CPU quota to eliminate access to
bursting from user code, as well, and bumped the pid quota because we
had a lot of headroom there.
Radon Rosborough