Linux 内核参数优化
1.将vm,swappiness设置为0-10
2.将vm,dirty_background_ratio设置为5-10,将vm,dirty_ratio设置为它的两倍左右,以确保能持续将脏数据刷新到磁盘,避免瞬间I/O写,产生严重等待
3.优化TCP协议栈
#减少TIME_WAIT,提高TCP效率 net.ipv4.tcp_tw_recyle=1 net.ipv4.tcp_tw_reuse=1 #减少处于FIN-WAIT-2连接状态的时间,使系统可以处理更多的连接 net.ipv4.tcp_fin_timeout=2 #减少TCP KeepAlived连接侦测的时间,使系统可以处理更多的连接。 net.ipv4.tcp_keepalived_time=600 #提高系统支持的最大SYN半连接数(默认1024) net.ipv4.tcp_max_syn_backlog = 16384 #减少系统SYN连接重试次数(默认5) net,ipv4.tcp_synack_retries = 1 net.ipv4.tcp_sync_retries = 1 #在内核放弃建立的连接之前发送SYN包的数量 net.ipv4.ip_local_prot_range = 4500 65535 #允许系统打开的端口范围
4.网络优化
#优化系统套接字缓冲区
#Increase TCP max buffer size net.core.rmem_max=16777216 #最大socket读buffer net.core.wmem_max=16777216 #最大socket写buffer net.core.wmem_default = 8388608 #该文件指定了接收套接字缓冲区大小的缺省值(以字节为单位) net.core.rmem_default = 8388608
#优化TCP接收/发送缓冲区
# Increase Linux autotuning TCP buffer limits net.ipv4.tcp_rmem=4096 87380 16777216 net.ipv4.tcp_wmem=4096 65536 16777216 net.ipv4.tcp_mem = 94500000 915000000 927000000
#优化网络设备接收队列
net.core.netdev_max_backlog=3000
5.其他优化
net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_max_orphans = 3276800 net.ipv4.tcp_max_tw_buckets = 360000
6. 优化linux打开文件数和进程数
[root@Python ~]# cat /etc/security/limits.d/20-nproc.conf # Default limit for number of user's processes to prevent # accidental fork bombs. # See rhbz #432903 for reasoning. * soft nproc 65535 root soft nproc unlimited [root@Python ~]# cat /etc/security/limits.conf |tail -5 # End of file * soft nproc 65535 * hard nproc 65535 * soft nofile 204800 * hard nofile 204800 [root@Python ~]# ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 7217 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 7217 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited
7.完整/etc/sysctl/conf优化文件
# Kernel sysctl configuration file for Red Hat Linux # # For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and # sysctl.conf(5) for more details. # # Use '/sbin/sysctl -a' to list all possible parameters. # Controls IP packet forwarding net.ipv4.ip_forward = 1 # Controls source route verification # Do not accept source routing net.ipv4.conf.default.accept_source_route = 0 # Controls the System Request debugging functionality of the kernel kernel.sysrq = 0 # Controls whether core dumps will append the PID to the core filename. # Useful for debugging multi-threaded applications. kernel.core_uses_pid = 1 # Controls the use of TCP syncookies # Controls the default maxmimum size of a mesage queue kernel.msgmnb = 65536 # Controls the maximum size of a message, in bytes kernel.msgmax = 65536 # Controls the maximum shared segment size, in bytes kernel.shmmax = 68719476736 # Controls the maximum number of shared memory segments, in pages kernel.shmall = 4294967296 vm.swappiness = 0 net.ipv4.neigh.default.gc_stale_time=120 # see details in https://help.aliyun.com/knowledge_detail/39428.html net.ipv4.conf.all.rp_filter=0 net.ipv4.conf.default.rp_filter=0 net.ipv4.conf.default.arp_announce = 2 net.ipv4.conf.lo.arp_announce=2 net.ipv4.conf.all.arp_announce=2 # see details in https://help.aliyun.com/knowledge_detail/41334.html net.ipv4.tcp_max_tw_buckets = 36000 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_max_syn_backlog = 16384 net.ipv4.tcp_synack_retries = 1 net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1 net.ipv4.tcp_fin_timeout = 2 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_keepalive_time = 600 net.ipv4.ip_local_port_range = 4000 65000 net.ipv4.route.gc_timeout = 100 net.ipv4.tcp_syn_retries = 1 net.core.somaxconn = 16384 net.core.netdev_max_backlog = 16384 net.ipv4.tcp_max_orphans = 16384 fs.file-max = 2000000