细分通用场景下的内核参数优化清单?
细分通用场景下的内核参数优化清单。针对所有应用场景的参数优化,其实很难形成一套较为通用的内核参数规范,是否能针对云底座、容器底座、裸金属等维度,或按照CPU、内存、磁盘IO等资源使用强度差异的维度,提供分场景下的内核参数优化规范。
3同行回答
* CPU
kernel.sched_min_granularity_ns* 内存
vm.vfs_cache_pressure
vm.dirty_ratio
vm.dirty_background_ratio
vm.swappiness * 网络
设置calico网络mtu
ip link set dev eth0 mtu 9000;ip link set dev eth0 mtu 9000net.core.somaxconn
net.ipv4.tcp_keepalive_time
net.bridge.bridge-nf-call-iptables
net.bridge.bridge-nf-call-ip6tables
net.ipv4.ip_forward=1* 文件系统
vm.dirty_writeback_centisecs浏览42
| 编号 | 设置值 | 说明 |
| 1 | net.ipv4.conf.all.arp_ignore = 0net.ipv4.conf.default.arp_ignore = 0 | 不允许ignore arp(只有LVS时才需要此选项)默认 |
| 2 | net.ipv4.conf.all.arp_filter = 0net.ipv4.conf.default.arp_filter = 0 | 不允许ignore arp filter(只有LVS时才需要此选项)默认 |
| 3 | net.ipv4.conf.all.rp_filter = 0 | 不开启rp_filter(防止ip欺骗)默认1 |
| 4 | net.ipv4.conf.all.log_martians =0net.ipv4.conf.default.log_martians = 0 | 不记录探测包,源路由包,重定向包 默认 |
| 5 | net.ipv4.conf.all.promote_secondaries = 1 | 禁止删除primary ip,当secondary ip地址与primary ip地址属于同一个网段时,删除primary ip地址时也会删除secondary ip地址 默认 |
| 6 | net.ipv4.ip_no_pmtu_disc = 1 | 禁用ip path mtu discover 默认1 |
| 7 | net.ipv4.icmp_echo_ignore_broadcasts = 1 | 禁止响应目的地为广播地址类型为echo的icmp包。默认 |
| 8 | net.ipv4.conf.all.accept_source_route = 0net.ipv4.conf.default.accept_source_route = 0 | 禁用源地址路由 默认对于redis和mongodb环境,需启用源地址路由:net.ipv4.conf.all.accept_source_route = 1 |
| 10 | net.ipv4.conf.all.accept_redirects = 0net.ipv4.conf.default.accept_redirects = 0 | 拒绝路由重定向包 默认 |
| 11 | net.ipv4.conf.all.secure_redirects = 0 | 也不允许网关发送的路由重定向包 默认 |
| 12 | net.ipv4.tcp_timestamps = 1 | 开启tcp时间戳选项 默认 |
| 13 | net.ipv4.icmp_ignore_bogus_error_responses = 1 | 某些路由器忽略RFC1122规定的包,发送假的错误消息给源主机,导致源主机记录大量错误信息到日志中 默认 |
| 14 | net.ipv4.conf.all.proxy_arp = 0net.ipv4.conf.default.proxy_arp = 0 | 关闭arp代理 默认 |
| 15 | net.core.somaxconn = 65535net.ipv4.tcp_max_syn_backlog = 838860 | 最大的syn包队列设置,加大tcp会话等待数对于需要支撑高并发的业务服务器,可以根据压力测试情况,将该值增大。 |
| 16 | net.ipv4.tcp_syncookies = 1 | 防止客户端使用syn包打开半链接进行拒绝攻击,默认 |
| 17 | net.ipv4.tcp_fin_timeout = 60 | 本端关闭的链接从FIN_WAIT_2到TIME_WAIT状态设置为60 默认 |
| 18 | net.ipv4.conf.all.send_redirects = 0 | 禁止发送重定向报文 默认 |
| 19 | net.ipv4.tcp_keepalive_time = 150net.ipv4.tcp_keepalive_probes = 5net.ipv4.tcp_keepalive_intvl = 6 | TCP keepalive设置 |
| 20 | net.ipv4.conf.all.forwarding = 0net.ipv4.conf.default.forwarding = 0net.ipv4.ip_forward = 0 | 禁用ip转发 默认openshift容器集群环境,需开启IP转发功能:net.ipv4.conf.all.forwarding = 1net.ipv4.conf.default.forwarding = 1net.ipv4.ip_forward = 1 |
收起
浏览47
针对前、中、后端的业务请求数、数据处理类型、长短链接等方面,是有较大差异的,在网络参数上至少是可以形成不同的参数规范。
针对云底座、容器底座、裸金属、虚机等四个不同应用场景,在使用上存在较大差异,如云底座更关注云平台、硬件之间适配兼容,容器底座涉及防火墙配置也要求更加轻量化等,虚机相比物理机可使用的资源更少,故在部署上、参数模型方面应都有不同的规范。
针对计算密集型和大IO等类型,参数规范差异也很大,操作系统本身的调优场景(tuned)就支持性能吞吐模式(throughput-performance)和网络吞吐模式(network-throughput),可用的策略如下,供参考:
Available profiles:
- atomic-guest - Optimize virtual guests based on the Atomic variant
- atomic-host - Optimize bare metal systems running the Atomic variant
- balanced - General non-specialized tuned profile
- cpu-partitioning - Optimize for CPU partitioning
- default - Legacy default tuned profile
- desktop - Optimize for the desktop use-case
- desktop-powersave - Optmize for the desktop use-case with power saving
- enterprise-storage - Legacy profile for RHEL6, for RHEL7, please use throughput-performance profile
- laptop-ac-powersave - Optimize for laptop with power savings
- laptop-battery-powersave - Optimize laptop profile with more aggressive power saving
- latency-performance - Optimize for deterministic performance at the cost of increased power consumption
- mssql - Optimize for MS SQL Server
- network-latency - Optimize for deterministic performance at the cost of increased power consumption, focused on low latency network performance
- network-throughput - Optimize for streaming network throughput, generally only necessary on older CPUs or 40G+ networks
- oracle - Optimize for Oracle RDBMS
- powersave - Optimize for low power consumption
- sap-hana - Optimize for SAP HANA
- sap-hana-vmware - Optimize for SAP HANA running inside a VMware guest
- sap-netweaver - Optimize for SAP NetWeaver
- server-powersave - Optimize for server power savings
- spindown-disk - Optimize for power saving by spinning-down rotational disks
- throughput-performance - Broadly applicable tuning that provides excellent performance across a variety of common server workloads
- virtual-guest - Optimize for running inside a virtual guest
- virtual-host - Optimize for running KVM guests
浏览110
ChatGPT 回答
针对银行行业的应用场景,以下是一些通用的内核参数优化清单:
- 文件系统参数优化:建议使用ext4文件系统,并设置inode数量和block大小,以提高文件系统的性能和可靠性。
- 内存参数优化:建议根据服务器的内存大小和应用程序的需求,设置合适的内存参数,如vm.swappiness、vm.dirty_ratio和vm.dirty_background_ratio等。
- 网络参数优化:建议根据网络带宽和延迟,设置合适的网络参数,如TCP窗口大小、TCP拥塞控制算法、TCP连接超时时间等。
- CPU参数优化:建议根据服务器的CPU型号和应用程序的需求,设置合适的CPU参数,如CPU频率调节、CPU缓存大小等。
- 磁盘IO参数优化:建议根据磁盘类型和应用程序的需求,设置合适的磁盘IO参数,如磁盘调度算法、磁盘读写缓存大小等。
针对不同的底座和资源使用强度,可以进行更加细致的内核参数优化。例如,在云底座上,可以根据云服务商的硬件配置和网络环境,设置合适的网络参数和CPU参数;在容器底座上,可以根据容器的资源限制和应用程序的需求,设置合适的内存参数和磁盘IO参数;在裸金属上,可以根据服务器硬件的特点和应用程序的需求,设置合适的CPU参数和磁盘IO参数。总之,内核参数优化需要根据具体的场景和需求进行定制化,以达到最佳的性能和稳定性。