Merge pull request #4575 from avoidik/patch-2

Add more essential notes into production hardening guide

website/source/guides/operations/production.html.md

@@ -108,3 +108,14 @@ and practical.
   corruption or loss by modifying or deleting keys. Access to the storage
   backend should be restricted to only Vault to avoid unauthorized access or
   operations.
+
+* **Disable Shell Command History**. You may want the `vault` command itself to
+  not appear in history at all. Refer to [additional methods](/guides/secret-mgmt/static-secrets.html#additional-discussion)
+  for guidance.
+
+* **Tweak ulimits**. It is possible that your Linux distribution has strict process `ulimits`.
+  Consider to review `ulimits` for maximum amount of open files, connections, etc. before
+  going into production; they may need increasing.
+
+* **Docker Containers**. To leverage the ["memory lock"](/docs/configuration/index.html#disable_mlock)
+  feature inside the Vault container you will likely need to use the `overlayfs2` or another supporting driver.