lnmp 優化日誌

net.ipv4.ip_forward = 0php

net.ipv4.conf.default.rp_filter = 1html

net.ipv4.conf.default.accept_source_route = 0linux

kernel.sysrq = 0nginx

kernel.core_uses_pid = 1web

net.ipv4.tcp_syncookies = 1sql

kernel.msgmnb = 65536服務器

kernel.msgmax = 65536cookie

kernel.shmmax = 68719476736網絡

kernel.shmall = 4294967296socket

net.ipv4.tcp_max_tw_buckets = 6000

net.ipv4.tcp_sack = 1

net.ipv4.tcp_window_scaling = 1

net.ipv4.tcp_rmem = 4096 87380 4194304

net.ipv4.tcp_wmem = 4096 16384 4194304

net.core.wmem_default = 8388608

net.core.rmem_default = 8388608

net.core.rmem_max = 16777216

net.core.wmem_max = 16777216

net.core.netdev_max_backlog = 262144

net.core.somaxconn = 262144

net.ipv4.tcp_max_orphans = 3276800

net.ipv4.tcp_max_syn_backlog = 262144

net.ipv4.tcp_timestamps = 0

net.ipv4.tcp_synack_retries = 1

net.ipv4.tcp_syn_retries = 1

net.ipv4.tcp_tw_recycle = 1

net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_mem = 94500000 915000000 927000000

net.ipv4.tcp_fin_timeout = 1

net.ipv4.tcp_keepalive_time = 30

net.ipv4.ip_local_port_range = 1024 65000

在服務器安裝了LNMP(Linux+Nginx+Mysql+php)環境以後Linux服務器參數必須作必要的優化,包括網絡參數優化、文件數優化、內存優化等等。 一、網絡參數優化: 這部分主要參照張宴大師 《Nginx 0.8.x + PHP 5.2.13(FastCGI)搭建賽過Apache十倍的Web服務器(第6版)[原創]》其中 5、優化Linux內核參數的內容: vi /etc/sysctl.conf #編輯sysctl.conf文件 #在/etc/sysctl.conf中添加以下內容

網絡參數優化開始

net.ipv4.tcp_max_syn_backlog = 65536 net.core.netdev_max_backlog = 32768 net.core.somaxconn = 32768

net.core.wmem_default = 8388608 net.core.rmem_default = 8388608 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216

net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_synack_retries = 2 net.ipv4.tcp_syn_retries = 2

net.ipv4.tcp_tw_recycle = 1 #net.ipv4.tcp_tw_len = 1 net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_mem = 94500000 915000000 927000000 net.ipv4.tcp_max_orphans = 3276800

#net.ipv4.tcp_fin_timeout = 30 #net.ipv4.tcp_keepalive_time = 120 net.ipv4.ip_local_port_range = 1024 65535 #網絡參數優化結束 #添加內容結束

修改完成後運行如下命令使參數生效: /sbin/sysctl -p

二、系統最大打開文件數優化 默認狀況下,系統容許最大打開文件數爲1024個,這對於訪問量較大的web服務器來講遠遠不夠用。系統最大打開文件數能夠經過ulimit來修改和查詢。 通常狀況下,能夠經過ulimit -n來查看目前系統容許的最大打開文件數,例如 : ulimit -n 1024 #系統返回

若是咱們要修改系統容許最大文件打開數,能夠經過ulimit -SHn來作,例如要臨時修改系統最大打開文件數爲51201個,那麼用以下命令: ulimit -SHn 51201 每次重啓系統時,該值會被自動還原,能夠將上述命令寫入 /etc/rc.local 中。若是想永久更改,能夠按照以下修改: vi /etc/security/limits.conf

add

  • soft nofile 51201
  • hard nofile 51201

系統最大打開文件數影響到的配置文件(如下必須設置爲系統設置相一致,例如設置系統最大打開文件數爲:51201): A、Nginx配置文件nginx.conf的配置項:worker_rlimit_nofile、worker_connections、open_file_cache等,例如設置爲: worker_rlimit_nofile 51201; events { use epoll; worker_connections 51201; } http { #其它參數略過 open_file_cache max=51201 inactive=20s;
open_file_cache_min_uses 1;
open_file_cache_valid 30s; #其它參數略過 } B、FastCGI配置文件php-fpm.conf的配置項 51201 三、系統共享內存優化: 系統共享內存大小主要影響到eaccelerator的設置: eaccelerator.shm_size="32" 該項爲eaccelerator可以使用的共享內存大小(單位爲MB)設置。 在Linux下,單個進程的最大共享內存使用量受/proc/sys/kernel/shmmax中設置的數字限制(單位爲字節),例如Redhat 4.7的shmmax默認值爲33554432字節(33554432bytes/1024/1024=32MB)。 臨時更改該值(例如修改成128MB=128x1024x1024=134217728字節): echo 134217728 > /proc/sys/kernel/shmmax echo 134217728 > /proc/sys/kernel/shmall 按照以上方法更改,在每次重啓系統時,該值會被自動還原。若是想永久更改,能夠修改/etc/sysctl.conf文件,設置: #系統共享內存大小優化 kernel.shmmax = 134217728 完整的/etc/sysctl.conf修改添加內容以下: #在/etc/sysctl.conf中添加以下內容

網絡參數優化開始

net.ipv4.tcp_max_syn_backlog = 65536 net.core.netdev_max_backlog = 32768 net.core.somaxconn = 32768

net.core.wmem_default = 8388608 net.core.rmem_default = 8388608 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216

net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_synack_retries = 2 net.ipv4.tcp_syn_retries = 2

net.ipv4.tcp_tw_recycle = 1 #net.ipv4.tcp_tw_len = 1 net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_mem = 94500000 915000000 927000000 net.ipv4.tcp_max_orphans = 3276800

#net.ipv4.tcp_fin_timeout = 30 #net.ipv4.tcp_keepalive_time = 120 net.ipv4.ip_local_port_range = 1024 65535 #網絡參數優化結束 #系統共享內存大小優化開始 kernel.shmmax = 134217728 #系統共享內存大小優化結束 #添加內容結束 修改完成後運行如下命令使參數生效 /sbin/sysctl -p 以上,若有不足,歡迎你們指正和追加,謝謝!

高負載linux服務器的內核調優 vi /etc/sysctl.conf,修改內核參數: kernel.shmall = 268435456 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_fin_timeout = 30 net.ipv4.tcp_keepalive_time = 1200 net.ipv4.ip_local_port_range = 1024 65000 net.ipv4.tcp_max_tw_buckets = 5000 net.ipv4.tcp_max_tw_buckets = 5000 net.ipv4.tcp_fin_timeout = 30 net.ipv4.tcp_keepalive_time = 300 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.ip_local_port_range = 5000 65000 net.ipv4.tcp_mem = 786432 1048576 1572864 net.core.wmem_max = 873200 net.core.rmem_max = 873200 net.ipv4.tcp_wmem = 8192 436600 873200 net.ipv4.tcp_rmem = 32768 436600 873200 net.core.somaxconn = 256 net.core.netdev_max_backlog = 1000 net.ipv4.tcp_max_syn_backlog = 2048 net.ipv4.tcp_retries2 = 5 net.ipv4.tcp_keepalive_time = 500 net.ipv4.tcp_keepalive_intvl = 30 net.ipv4.tcp_keepalive_probes = 3 net.ipv4.conf.lo.arp_ignore = 0 net.ipv4.conf.lo.arp_announce = 0 net.ipv4.conf.all.arp_ignore = 0 net.ipv4.conf.all.arp_announce = 0 幾個解釋: net.ipv4.tcp_syncookies = 1 #表示開啓SYN Cookies。當出現SYN等待隊列溢出時,啓用cookies來處理,可防範少許SYN攻擊,默認爲0,表示關閉; net.ipv4.tcp_tw_reuse = 1 #表示開啓重用。容許將TIME-WAIT sockets從新用於新的TCP鏈接,默認爲0,表示關閉; net.ipv4.tcp_tw_recycle = 1 #表示開啓TCP鏈接中TIME-WAIT sockets的快速回收,默認爲0,表示關閉。 net.ipv4.tcp_fin_timeout = 30 #表示若是套接字由本端要求關閉,這個參數決定了它保持在FIN-WAIT-2狀態的時間。 net.ipv4.tcp_keepalive_time = 1200 #表示當keepalive起用的時候,TCP發送keepalive消息的頻度。缺省是2小時,改成20分鐘。 net.ipv4.ip_local_port_range = 1024 65000 #表示用於向外鏈接的端口範圍。缺省狀況下很小:32768到61000,改成1024到65000。 net.ipv4.tcp_max_tw_buckets = 5000 #表示系統同時保持TIME_WAIT套接字的最大數量,若是超過這個數字, #TIME_WAIT套接字將馬上被清除並打印警告信息。默認爲180000,改成5000。 #對於Apache、Nginx等服務器,上幾行的參數能夠很好地減小TIME_WAIT套接字數量, #可是對於Squid,效果卻不大。此項參數能夠控制TIME_WAIT套接字的最大數量,避免Squid服務器被大量的TIME_WAIT套接字拖死

完整的內核優化配置: net.ipv4.tcp_max_tw_buckets = 6000 net.ipv4.tcp_sack = 1 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_rmem = 4096 87380 4194304 net.ipv4.tcp_wmem = 4096 16384 4194304 net.core.wmem_default = 8388608 net.core.rmem_default = 8388608 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.core.netdev_max_backlog = 262144 net.core.somaxconn = 262144 net.ipv4.tcp_max_orphans = 3276800 net.ipv4.tcp_max_syn_backlog = 262144 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_synack_retries = 1 net.ipv4.tcp_syn_retries = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_mem = 94500000 915000000 927000000 net.ipv4.tcp_fin_timeout = 1 net.ipv4.tcp_keepalive_time = 30 net.ipv4.ip_local_port_range = 1024 65000

~]# sysctl -p net.ipv4.ip_forward = 0 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.default.accept_source_route = 0 kernel.sysrq = 0 kernel.core_uses_pid = 1 net.ipv4.tcp_syncookies = 1 kernel.msgmnb = 65536 kernel.msgmax = 65536 kernel.shmmax = 4294967295 kernel.shmall = 268435456 kernel.sem = 250 32000 100 128 fs.file-max = 65535 net.ipv4.ip_local_port_range = 1024 65535 net.core.wmem_max = 262144 net.core.wmem_default = 262144 net.core.rmem_default = 262144 net.core.rmem_max = 262144

修改/etc/sysctl.conf, /sbin/sysctl -p當即生效 永久修改內核參數: echo 「10″ > /proc/sys/net/ipv4/tcp_fin_timeout 各類參數的意思:http://ipsysctl-tutorial.frozentux.net/ipsysctl-tutorial.html 還參考了:http://trac.lighttpd.net/trac/wiki/Docs%3APerformance#platform-specific-notes net.ipv4.tcp_fin_timeout = 10 net.ipv4.tcp_keepalive_time = 300 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 1 #tcp port range net.ipv4.ip_local_port_range = 4096 65000 #tcp send buffer. min, default , and max net.ipv4.tcp_wmem = 4096 65536 16777216 #tcp reservie buffer. #net.ipv4.tcp_rmem = 4096 65536 16777216

相關文章
相關標籤/搜索