? Linux內(nèi)核參數(shù)調(diào)優(yōu)主要是通過修改/proc偽文件系統(tǒng)和/etc/sysctl.conf配置文件的參數(shù)來(lái)實(shí)現(xiàn)的。

? /proc目錄結(jié)構(gòu)如下：

/proc/driver? 與驅(qū)動(dòng)器相關(guān)的信息

/proc/fs文件系統(tǒng)參數(shù)

/proc/net 網(wǎng)絡(luò)信息

/proc/pid 每個(gè)進(jìn)程的信息

/proc/sys? 內(nèi)核參數(shù)

/proc/scsi 與scsi相關(guān)的信息

/proc/meminfo內(nèi)存相關(guān)信息

/proc/cpuinfoCPU相關(guān)信息

/proc/loadavg系統(tǒng)負(fù)載

/proc/modules系統(tǒng)加載的模塊或驅(qū)動(dòng)

/proc/partitions 系統(tǒng)分區(qū)信息

/proc/version內(nèi)核版本信息

/proc/stat? ? ? CPU利用率、磁盤、內(nèi)存頁(yè)

/proc/devices可用設(shè)備列表

/proc/sys/kernel 通用內(nèi)核參數(shù)

/proc/sys/vm? 內(nèi)存管理參數(shù)

/proc/sys/dev? 與設(shè)備相關(guān)的信息

/proc/sys/net 網(wǎng)絡(luò)信息

?某個(gè)進(jìn)程目錄下的文件說明如下：

/proc/pid/fd 進(jìn)程打開的文件描述符

/proc/pid/exe? ? 進(jìn)程的可執(zhí)行文件

/proc/pid/cmdline當(dāng)前進(jìn)程運(yùn)行的一些參數(shù)

/proc/pid/environ當(dāng)前進(jìn)程的環(huán)境變量

/proc/pid/status 當(dāng)前進(jìn)程的基本狀態(tài)

vim /etc/sysctl.conf

net.ipv4.tcp_syncookies = 1#開啟SYN Cookies。可以防范少量的SYN***。

net.ipv4.ip_local_port_range = 10000 65535 #設(shè)置向外連接的端口范圍

net.ipv4.route.gc_timeout = 100#路由緩存刷新頻率

net.core.netdev_max_backlog = 16384? #允許排隊(duì)更多的報(bào)文

net.core.somaxconn = 16384 #指定更大的accept隊(duì)列backlog

net.ipv4.tcp_max_syn_backlog = 16384 #增加SYN隊(duì)列長(zhǎng)度

net.ipv4.tcp_synack_retries = 1#重新發(fā)送響應(yīng)的次數(shù)

net.ipv4.tcp_retries2 = 5 #向遠(yuǎn)程主機(jī)重新發(fā)送數(shù)據(jù)的次數(shù)

net.ipv4.tcp_keepalive_time = 1200 #內(nèi)核向遠(yuǎn)程主機(jī)發(fā)送Keepalive消息的頻度

net.ipv4.tcp_keepalive_intvl = 30 #內(nèi)核向遠(yuǎn)程主機(jī)發(fā)送探測(cè)消息的間隔

? 系統(tǒng)優(yōu)化腳本：

#!/bin/bash

yum -y groupinstall "Development tools"

cd /usr/local/src

wget https://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

rpm -ivh epel-release-6-8.noarch.rpm

sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

sed -i 's/start on control-alt-delete/#start on control-alt-delete/' /etc/init/control-alt-delete.conf

sed -i 's@exec /sbin/shutdown -r now "Control-Alt-Delete pressed"@#exec /sbin/shutdown -r now "Control-Alt-Delete pressed"@' /etc/init/control-alt-delete.conf

service iptables stop

chkconfig iptables off

ulimit -SHn 65534

echo "ulimit -SHn 65534" >> /etc/rc.local

cat >> /etc/sysctl.conf << EOF

net.ipv4.tcp_syncookies = 1

net.ipv4.ip_local_port_range = 10000 65535

net.ipv4.route.gc_timeout = 100

net.core.netdev_max_backlog = 16384

net.core.somaxconn = 16384

net.ipv4.tcp_max_syn_backlog = 16384

net.ipv4.tcp_synack_retries = 1

net.ipv4.tcp_retries2 = 5

net.ipv4.tcp_keepalive_time = 1200

net.ipv4.tcp_keepalive_intvl = 30

EOF

/sbin/sysctl -p

for i in `chkconfig | grep 3:on | awk &#39;{print $1}&#39;`

do

?chkconfig --level 3 $i off

done

for service in crond rsyslog sshd network

do

?chkconfig --level 3 $service on

done

reboot

了解更多相關(guān)內(nèi)容歡迎關(guān)注http://www.vecloud.com/