Linux 内核参数优化
1.将vm,swappiness设置为0-10 2.将vm,dirty_background_ratio设置为5-10,将vm,dirty_ratio设置为它的两倍左右,以确保能持续将脏数据刷新到磁盘,避免瞬间I/O写,产生严重等待 3.优化TCP协议栈
#减少TIME_WAIT,提高TCP效率net.ipv4.tcp_tw_recyle=1net.ipv4.tcp_tw_reuse=1#减少处于FIN-WAIT-2连接状态的时间,使系统可以处理更多的连接net.ipv4.tcp_fin_timeout=2#减少TCP KeepAlived连接侦测的时间,使系统可以处理更多的连接。net.ipv4.tcp_keepalived_time=600#提高系统支持的最大SYN半连接数(默认1024)net.ipv4.tcp_max_syn_backlog = 16384#减少系统SYN连接重试次数(默认5)net,ipv4.tcp_synack_retries = 1net.ipv4.tcp_sync_retries = 1#在内核放弃建立的连接之前发送SYN包的数量net.ipv4.ip_local_prot_range = 4500 65535#允许系统打开的端口范围
4.网络优化
#优化系统套接字缓冲区
#Increase TCP max buffer sizenet.core.rmem_max=16777216 #最大socket读buffernet.core.wmem_max=16777216 #最大socket写buffernet.core.wmem_default = 8388608 #该文件指定了接收套接字缓冲区大小的缺省值(以字节为单位)net.core.rmem_default = 8388608
#优化TCP接收/发送缓冲区
# Increase Linux autotuning TCP buffer limitsnet.ipv4.tcp_rmem=4096 87380 16777216net.ipv4.tcp_wmem=4096 65536 16777216net.ipv4.tcp_mem = 94500000 915000000 927000000
#优化网络设备接收队列
net.core.netdev_max_backlog=3000
5.其他优化
net.ipv4.tcp_timestamps = 0net.ipv4.tcp_max_orphans = 3276800net.ipv4.tcp_max_tw_buckets = 360000
6. 优化linux打开文件数和进程数
[root@Python ~]# cat /etc/security/limits.d/20-nproc.conf # Default limit for number of user's processes to prevent# accidental fork bombs.# See rhbz #432903 for reasoning.* soft nproc 65535root soft nproc unlimited[root@Python ~]# cat /etc/security/limits.conf |tail -5# End of file* soft nproc 65535* hard nproc 65535* soft nofile 204800* hard nofile 204800[root@Python ~]# ulimit -acore file size (blocks, -c) 0data seg size (kbytes, -d) unlimitedscheduling priority (-e) 0file size (blocks, -f) unlimitedpending signals (-i) 7217max locked memory (kbytes, -l) 64max memory size (kbytes, -m) unlimitedopen files (-n) 1024pipe size (512 bytes, -p) 8POSIX message queues (bytes, -q) 819200real-time priority (-r) 0stack size (kbytes, -s) 8192cpu time (seconds, -t) unlimitedmax user processes (-u) 7217virtual memory (kbytes, -v) unlimitedfile locks (-x) unlimited
7.完整/etc/sysctl/conf优化文件
# Kernel sysctl configuration file for Red Hat Linux## For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and# sysctl.conf(5) for more details.## Use '/sbin/sysctl -a' to list all possible parameters.# Controls IP packet forwardingnet.ipv4.ip_forward = 1# Controls source route verification# Do not accept source routingnet.ipv4.conf.default.accept_source_route = 0# Controls the System Request debugging functionality of the kernelkernel.sysrq = 0# Controls whether core dumps will append the PID to the core filename.# Useful for debugging multi-threaded applications.kernel.core_uses_pid = 1# Controls the use of TCP syncookies# Controls the default maxmimum size of a mesage queuekernel.msgmnb = 65536# Controls the maximum size of a message, in byteskernel.msgmax = 65536# Controls the maximum shared segment size, in byteskernel.shmmax = 68719476736# Controls the maximum number of shared memory segments, in pageskernel.shmall = 4294967296vm.swappiness = 0net.ipv4.neigh.default.gc_stale_time=120# see details in https://help.aliyun.com/knowledge_detail/39428.htmlnet.ipv4.conf.all.rp_filter=0net.ipv4.conf.default.rp_filter=0net.ipv4.conf.default.arp_announce = 2net.ipv4.conf.lo.arp_announce=2net.ipv4.conf.all.arp_announce=2# see details in https://help.aliyun.com/knowledge_detail/41334.htmlnet.ipv4.tcp_max_tw_buckets = 36000net.ipv4.tcp_syncookies = 1net.ipv4.tcp_max_syn_backlog = 16384net.ipv4.tcp_synack_retries = 1net.ipv6.conf.all.disable_ipv6 = 1net.ipv6.conf.default.disable_ipv6 = 1net.ipv6.conf.lo.disable_ipv6 = 1net.ipv4.tcp_fin_timeout = 2net.ipv4.tcp_tw_reuse = 1net.ipv4.tcp_tw_recycle = 1net.ipv4.tcp_keepalive_time = 600net.ipv4.ip_local_port_range = 4000 65000net.ipv4.route.gc_timeout = 100net.ipv4.tcp_syn_retries = 1net.core.somaxconn = 16384net.core.netdev_max_backlog = 16384net.ipv4.tcp_max_orphans = 16384fs.file-max = 2000000