Ubuntu 系统初始化
# 设置系统进程和文件描述符限制
echo '* soft noproc 655350' | sudo tee -a /etc/security/limits.conf
echo '* hard noproc 655350' | sudo tee -a /etc/security/limits.conf
echo '* soft nofile 655350' | sudo tee -a /etc/security/limits.conf
echo '* hard nofile 655350' | sudo tee -a /etc/security/limits.conf
# 为 root 用户设置进程和文件描述符限制
echo 'root soft noproc 655350' | sudo tee -a /etc/security/limits.conf
echo 'root hard noproc 655350' | sudo tee -a /etc/security/limits.conf
echo 'root soft nofile 655350' | sudo tee -a /etc/security/limits.conf
echo 'root hard nofile 655350' | sudo tee -a /etc/security/limits.conf
# 设置 systemd 的文件描述符限制
echo 'DefaultLimitNOFILE=655360' | sudo tee -a /etc/systemd/user.conf
echo 'DefaultLimitNOFILE=655360' | sudo tee -a /etc/systemd/system.conf
echo "session required pam_limits.so" >> /etc/pam.d/common-session
echo "session required pam_limits.so" >> /etc/pam.d/common-session-noninteractive
# 设置 ulimit 限制
echo 'ulimit -HSn 1024000' | sudo tee -a /etc/profile.d/limits.sh
chmod +x /etc/profile.d/limits.sh$ cat /etc/sysctl.conf
vm.swappiness = 0
kernel.sysrq = 1
net.ipv4.tcp_mtu_probing = 1
net.ipv4.neigh.default.gc_stale_time = 120
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_announce = 2
net.ipv4.tcp_slow_start_after_idle = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_slow_start_after_idle = 0
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
#net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 30
net.ipv4.tcp_keepalive_intvl = 15
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_max_tw_buckets = 5000
net.core.somaxconn = 32768
net.ipv4.tcp_max_syn_backlog = 56384
net.core.netdev_max_backlog = 56384
net.core.rmem_default = 262144
net.core.wmem_default = 262144
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.optmem_max = 16777216
net.ipv4.tcp_rmem = 1024 4096 16777216
net.ipv4.tcp_wmem = 1024 4096 16777216
net.ipv4.ip_local_port_range = 1024 65535
net.netfilter.nf_conntrack_max = 1000000
fs.file-max = 655350rebootLast updated