zoukankan      html  css  js  c++  java
  • CentOS 6系统配置优化

    /etc/sysctl.conf内核配置文件优化:

    # Kernel sysctl configuration file for Red Hat Linux
    #
    # For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
    # sysctl.conf(5) for more details.

    # Controls IP packet forwarding
    net.ipv4.ip_forward = 0

    # Controls source route verification
    net.ipv4.conf.default.rp_filter = 1

    # Do not accept source routing
    net.ipv4.conf.default.accept_source_route = 0

    # Controls the System Request debugging functionality of the kernel
    kernel.sysrq = 0

    # Controls whether core dumps will append the PID to the core filename.
    # Useful for debugging multi-threaded applications.
    kernel.core_uses_pid = 1

    # Controls the use of TCP syncookies
    net.ipv4.tcp_syncookies = 1

    # Disable netfilter on bridges.
    net.bridge.bridge-nf-call-ip6tables = 0
    net.bridge.bridge-nf-call-iptables = 0
    net.bridge.bridge-nf-call-arptables = 0

    # Controls the maximum size of a message, in bytes
    kernel.msgmnb = 65536

    # Controls the default maxmimum size of a mesage queue
    kernel.msgmax = 65536

    # Controls the maximum shared segment size, in bytes
    kernel.shmmax = 68719476736

    # Controls the maximum number of shared memory segments, in pages
    kernel.shmall = 4294967296

    # User Define
    net.ipv4.tcp_fin_timeout = 1
    net.ipv4.tcp_keepalive_time = 1200
    net.ipv4.tcp_mem = 94500000 915000000 927000000
    net.ipv4.tcp_tw_reuse = 1
    net.ipv4.tcp_timestamps = 0
    net.ipv4.tcp_synack_retries = 1
    net.ipv4.tcp_syn_retries = 1
    net.ipv4.tcp_tw_recycle = 1
    net.core.rmem_max = 16777216
    net.core.wmem_max = 16777216
    net.core.netdev_max_backlog = 262144
    net.core.somaxconn = 262144
    net.ipv4.tcp_max_orphans = 3276800
    net.ipv4.tcp_max_syn_backlog = 262144
    net.core.wmem_default = 8388608
    net.core.rmem_default = 8388608

    关闭selinux,修改/etc/selinux/config:

    # This file controls the state of SELinux on the system.
    # SELINUX= can take one of these three values:
    # enforcing - SELinux security policy is enforced.
    # permissive - SELinux prints warnings instead of enforcing.
    # disabled - No SELinux policy is loaded.
    SELINUX=disabled
    # SELINUXTYPE= can take one of these two values:
    # targeted - Targeted processes are protected,
    # mls - Multi Level Security protection.
    SELINUXTYPE=targeted

    系统最大打开文件数,修改/etc/security/limits.conf:

    # /etc/security/limits.conf
    #
    #Each line describes a limit for a user in the form:
    #
    #<domain> <type> <item> <value>
    #
    #Where:
    #<domain> can be:
    # - an user name
    # - a group name, with @group syntax
    # - the wildcard *, for default entry
    # - the wildcard %, can be also used with %group syntax,
    # for maxlogin limit
    #
    #<type> can have the two values:
    # - "soft" for enforcing the soft limits
    # - "hard" for enforcing hard limits
    #
    #<item> can be one of the following:
    # - core - limits the core file size (KB)
    # - data - max data size (KB)
    # - fsize - maximum filesize (KB)
    # - memlock - max locked-in-memory address space (KB)
    # - nofile - max number of open files
    # - rss - max resident set size (KB)
    # - stack - max stack size (KB)
    # - cpu - max CPU time (MIN)
    # - nproc - max number of processes
    # - as - address space limit (KB)
    # - maxlogins - max number of logins for this user
    # - maxsyslogins - max number of logins on the system
    # - priority - the priority to run user process with
    # - locks - max number of file locks the user can hold
    # - sigpending - max number of pending signals
    # - msgqueue - max memory used by POSIX message queues (bytes)
    # - nice - max nice priority allowed to raise to values: [-20, 19]
    # - rtprio - max realtime priority
    #
    #<domain> <type> <item> <value>
    #

    #* soft core 0
    #* hard rss 10000
    #@student hard nproc 20
    #@faculty soft nproc 20
    #@faculty hard nproc 50
    #ftp hard nproc 0
    #@student - maxlogins 4
    * soft nofile 65535
    * hard nofile 65535
    # End of file

     

  • 相关阅读:
    索引失效原因总结
    Kafka、RabbitMQ、RocketMQ等消息中间件的介绍和对比
    一次JVM OOM问题的解决
    Java 如何有效地避免OOM:善于利用软引用和弱引用
    一个java内存泄漏的排查案例
    http的理解
    session和cookie区别
    数据库4种范式
    数据库的四种隔离级别
    C++malloc/free与new/delete的区别
  • 原文地址:https://www.cnblogs.com/TerryLiang/p/2491399.html
Copyright © 2011-2022 走看看