業務上要求集群提供10w+并發,10w+并發聽上去不是很難,但10w并發持續1小時呢
在業務上線之前還需要我們自己對業務進行壓測,俗稱benchmark。
壓測的服務器也是需要進行性能調優的,以下列出調優前后的參數對比,更直觀的分析和感受參數對程序的影響
壓測前內核參數自檢
#!/bin/bash
print_header() {echo -e "\n\033[1;34m$1\033[0m"echo "--------------------------------"
}
print_header "文件描述符和端口范圍"
sysctl fs.file-max
sysctl fs.nr_open
sysctl net.ipv4.ip_local_port_range
print_header "TCP連接建立和釋放"
sysctl net.ipv4.tcp_max_syn_backlog
sysctl net.core.somaxconn
sysctl net.ipv4.tcp_fin_timeout
sysctl net.ipv4.tcp_syncookies
sysctl net.ipv4.tcp_fastopen 2>/dev/null || echo "net.ipv4.tcp_fastopen: [不支持]"
sysctl net.ipv4.tcp_synack_retries
sysctl net.ipv4.tcp_syn_retries
sysctl net.ipv4.tcp_tw_reuse
print_header "TCP連接保持和超時"
sysctl net.ipv4.tcp_keepalive_time
sysctl net.ipv4.tcp_keepalive_intvl
sysctl net.ipv4.tcp_keepalive_probes
sysctl net.ipv4.tcp_max_tw_buckets
print_header "內存和緩沖區設置"
sysctl net.core.wmem_max
sysctl net.core.rmem_max
sysctl net.ipv4.tcp_rmem
sysctl net.ipv4.tcp_wmem
sysctl net.core.optmem_max 2>/dev/null || echo "net.core.optmem_max: [不支持]"
print_header "網絡性能和擁塞控制"
sysctl net.core.netdev_max_backlog
sysctl net.ipv4.tcp_slow_start_after_idle 2>/dev/null || echo "net.ipv4.tcp_slow_start_after_idle: [不支持]"
sysctl net.ipv4.tcp_mtu_probing
sysctl net.ipv4.tcp_sack
sysctl net.ipv4.tcp_window_scaling
sysctl net.ipv4.tcp_adv_win_scale 2>/dev/null || echo "net.ipv4.tcp_adv_win_scale: [不支持]"
sysctl net.ipv4.tcp_rfc1337 2>/dev/null || echo "net.ipv4.tcp_rfc1337: [不支持]"
sysctl net.ipv4.tcp_congestion_control
print_header "連接跟蹤相關"
sysctl net.netfilter.nf_conntrack_max 2>/dev/null || echo "net.netfilter.nf_conntrack_max: [未加載conntrack模塊]"
sysctl net.netfilter.nf_conntrack_tcp_timeout_established 2>/dev/null || echo "net.netfilter.nf_conntrack_tcp_timeout_established: [未加載conntrack模塊]"
sysctl net.netfilter.nf_conntrack_tcp_timeout_time_wait 2>/dev/null || echo "net.netfilter.nf_conntrack_tcp_timeout_time_wait: [未加載conntrack模塊]"
sysctl net.ipv4.conf.all.rp_filter
print_header "其他系統限制"
sysctl vm.swappiness
sysctl vm.max_map_count
sysctl kernel.panic 2>/dev/null || echo "kernel.panic: [不支持]"echo -e "\n腳本執行完畢。請將輸出結果保存以便與優化參數進行對比。"
參數修改前后對比表格
壓測客戶端內核參數與默認值對比表
此表格展示了Linux系統默認內核參數值與已優化的壓測客戶端參數值的對比。
文件描述符和端口范圍
| 參數 | 默認值 | 優化值 | 變化比例 | 影響 |
|---|
| fs.file-max | ~65536 | 2000000 | 30.5倍 | 大幅提高系統可打開的文件描述符總數 |
| fs.nr_open | 1048576 | 2000000 | 1.9倍 | 提高單個進程可打開的文件描述符數量 |
TCP連接建立和釋放
| 參數 | 默認值 | 優化值 | 變化比例 | 影響 |
|---|
| net.ipv4.tcp_synack_retries | 5 | 1 | 80%減少 | 減少服務端響應SYN+ACK的重試次數 |
| net.ipv4.tcp_max_syn_backlog | 1024 | 65536 | 64倍 | 極大提高SYN半連接隊列容量 |
| net.core.somaxconn | 128 | 1048576 | 8192倍 | 極大提高已完成連接隊列容量 |
| net.ipv4.tcp_fin_timeout | 60 | 15 | 75%減少 | 大幅加速FIN_WAIT連接的釋放 |
TCP連接保持和超時
| 參數 | 默認值 | 優化值 | 變化比例 | 影響 |
|---|
| net.ipv4.tcp_keepalive_time | 7200 | 60 | 99%減少 | 極大減少檢測失效連接的等待時間 |
| net.ipv4.tcp_keepalive_intvl | 75 | 30 | 60%減少 | 加速keepalive探測間隔 |
| net.ipv4.tcp_keepalive_probes | 9 | 3 | 67%減少 | 減少確認連接失效前的探測次數 |
內存和緩沖區設置
| 參數 | 默認值 | 優化值 | 變化比例 | 影響 |
|---|
| net.core.wmem_max | 212992 | 12582912 | 59倍 | 極大提高寫緩沖區上限 |
| net.core.rmem_max | 212992 | 12582912 | 59倍 | 極大提高讀緩沖區上限 |
| net.ipv4.tcp_rmem | 4096 87380 6291456 | 10240 87380 12582912 | 最大值增加2倍 | 提高TCP讀緩沖區最大值 |
| net.ipv4.tcp_wmem | 4096 16384 4194304 | 10240 87380 12582912 | 最大值增加3倍 | 提高TCP寫緩沖區最大值 |
| kernel.msgmnb | 65536 | 131072 | 2倍 | 提高消息隊列的最大字節數 |
| kernel.msgmax | 65536 | 131072 | 2倍 | 提高單個消息的最大字節數 |
網絡性能和擁塞控制
| 參數 | 默認值 | 優化值 | 變化比例 | 影響 |
|---|
| net.core.netdev_max_backlog | 1000 | 65536 | 65.5倍 | 極大提高網絡設備接收隊列容量 |
| net.ipv4.tcp_max_tw_buckets | 180000 | 1440000 | 8倍 | 大幅提高TIME_WAIT狀態連接的容量 |
| net.ipv4.tcp_slow_start_after_idle | 1 | 0 | 禁用 | 防止空閑連接重啟時的性能下降 |
| net.ipv4.tcp_mtu_probing | 0 | 1 | 啟用 | 提高網絡路徑MTU探測能力 |
其他系統限制
| 參數 | 默認值 | 優化值 | 變化比例 | 影響 |
|---|
| vm.swappiness | 60 | 10 | 83%減少 | 大幅減少內存交換傾向 |
| vm.max_map_count | 65530 | 262144 | 4倍 | 提高內存映射區域數量上限 |
參數應用
應用方法
將需要修改的參數添加到 /etc/sysctl.conf 文件或 /etc/sysctl.d/ 目錄下的配置文件中,例如創建 /etc/sysctl.d/99-performance.conf,然后執行以下命令使其生效:
sudo sysctl -p /etc/sysctl.d/99-performance.conf
配置文件示例
以下是一個配置文件示例,只包含需要修改的參數:
fs.file-max = 2000000
fs.nr_open = 2000000
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_max_syn_backlog = 65536
net.core.somaxconn = 1048576
net.ipv4.tcp_fin_timeout = 15
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_keepalive_time = 60
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes = 3
net.core.wmem_max = 16777216
net.core.rmem_max = 16777216
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 87380 16777216
kernel.msgmnb = 131072
kernel.msgmax = 131072
net.ipv4.tcp_mem = 786432 1048576 1572864
net.core.netdev_max_backlog = 262144
net.ipv4.tcp_max_tw_buckets = 1440000
net.ipv4.tcp_slow_start_after_idle = 0
net.ipv4.tcp_mtu_probing = 1
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_notsent_lowat = 16384
vm.swappiness = 10
vm.max_map_count = 262144
ulimit調整
還需要調優ulimit數量,一般情況下都設置為65535,這里我的服務器基礎性能高,所以給更大
vim /etc/security/limits.conf
* soft nofile 1000000
* hard nofile 1000000
root soft nofile 1000000
root hard nofile 1000000
)
)
)
)
