首页 > 代码库 > 老男孩培训视频听课笔记九(在51cto上听的)--5.8 64bit 基础优化
老男孩培训视频听课笔记九(在51cto上听的)--5.8 64bit 基础优化
定时清理clientmqueue目录垃圾文件防止占满磁盘空间:
/var/spool/clientmqueue --这个目录会自动创建很多的文件,可以用下面的命令来清理
find /var/spool/clientmqueue/ –type f | xargs rm –fr
mkdir /server/scripts –p
vim del.sh:
find /var/spool/clientmqueue/ –type f | xargs rm –fr
crontab -e
*/5 * * * * /sbin/ntpadte time.nist.gov >/dev/null 2>&1
00 00 * * 6 /bin/sh /server/scripts/del.sh >/dev/null 2>&1
补充:
/var/spool/clientmqueue 下生成太多文件处理
问题现象:
linux操作系统中的/var/spool/clientmqueue/目录下存在大量文件。
原因分析:系统中有用户开启了cron,而cron中执行的程序有输出内容,输出内容会以邮件形式发给cron的用户,而sendmail没有启动所以就产生了这些文件;
解决办法: 1、 将crontab里面的命令后面加上> /dev/null 2>&1
2、知识点:
2>:重定向错误。
2>&1:把错误重定向到输出要送到的地方。即把上述命令的执行结果重定向到/dev/null,即抛弃,同时,把产生的错误也抛弃。
3、具体代码:
(1)、# crontab -u cvsroot -l
01 01 * * * /opt/bak/backup
01 02 * * * /opt/bak/backup2
(2)、# vi /opt/bak/backup
#!/bin/sh
cd /
getfacl -R repository > /opt/bak/backup.acl
(3)、# vi /opt/bak/backup2
#!/bin/sh
week=`date +%w`
tar zcvfp /opt/bak/cvs$week/cvs.tar.gz /repository >/dev/null 2>&1
4、清除/var/spool/clientmqueue/目录下的文件:
# cd /var/spool/clientmqueue
# rm -rf *
如果文件太多,占用空间太大,用上面命令删除慢的话,就执行下面的命令:
# cd /var/spool/clientmqueue
# ls | xargs rm –f
调整内核参数文件/etc/sysctl.conf
说明:本优化针地apache等服务来实际
放在sysctl.conf的最后
生效:sysctl –p 命令来启动生效
来源:http://www.teapic.net/post-175.html
Linux内核 sysctl.conf 解释:
可以通过/etc/sysctl.conf控制和配置Linux内核及网络设置。
# 避免放大攻击
net.ipv4.icmp_echo_ignore_broadcasts = 1
# 开启恶意icmp错误消息保护
net.ipv4.icmp_ignore_bogus_error_responses = 1
# 开启SYN洪水攻击保护
net.ipv4.tcp_syncookies = 1
# 开启并记录欺骗,源路由和重定向包
net.ipv4.conf.all.log_martians = 1
net.ipv4.conf.default.log_martians = 1
# 处理无源路由的包
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0
# 开启反向路径过滤
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
# 确保无人能修改路由表
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.all.secure_redirects = 0
net.ipv4.conf.default.secure_redirects = 0
# 不充当路由器
net.ipv4.ip_forward = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
# 开启execshild
kernel.exec-shield = 1
kernel.randomize_va_space = 1
# IPv6设置
net.ipv6.conf.default.router_solicitations = 0
net.ipv6.conf.default.accept_ra_rtr_pref = 0
net.ipv6.conf.default.accept_ra_pinfo = 0
net.ipv6.conf.default.accept_ra_defrtr = 0
net.ipv6.conf.default.autoconf = 0
net.ipv6.conf.default.dad_transmits = 0
net.ipv6.conf.default.max_addresses = 1
# 优化LB使用的端口
# 增加系统文件描述符限制
fs.file-max = 65535
# 允许更多的PIDs (减少滚动翻转问题); may break some programs 32768
kernel.pid_max = 65536
# 增加系统IP端口限制
net.ipv4.ip_local_port_range = 2000 65000
# 增加TCP最大缓冲区大小
net.ipv4.tcp_rmem = 4096 87380 8388608
net.ipv4.tcp_wmem = 4096 87380 8388608
# 增加Linux自动调整TCP缓冲区限制
# 最小,默认和最大可使用的字节数
# 最大值不低于4MB,如果你使用非常高的BDP路径可以设置得更高
# Tcp窗口等
net.core.rmem_max = 8388608
net.core.wmem_max = 8388608
net.core.netdev_max_backlog = 5000
net.ipv4.tcp_window_scaling = 1
=======================================
centos下limits.conf和sysctl.conf优化脚本
# turning system
ulimit -HSn
65536
echo -ne "
* soft nofile
65536
* hard nofile
65536
" >>/etc/security/limits.conf
# /etc/sysctl.conf
cat >>/etc/sysctl.conf<<EOF
net.ipv4.netfilter.ip_conntrack_max =
131072
net.ipv4.tcp_max_tw_buckets =
5000
net.ipv4.tcp_sack =
1
net.ipv4.tcp_window_scaling =
1
net.ipv4.tcp_rmem =
4096
87380
4194304
net.ipv4.tcp_wmem =
4096
16384
4194304
net.ipv4.tcp_max_syn_backlog =
65536
net.core.netdev_max_backlog =
32768
net.core.somaxconn =
32768
net.core.wmem_default =
8388608
net.core.rmem_default =
8388608
net.core.rmem_max =
16777216
net.core.wmem_max =
16777216
net.ipv4.tcp_timestamps =
0
net.ipv4.tcp_synack_retries =
2
net.ipv4.tcp_syn_retries =
2
net.ipv4.tcp_tw_recycle =
1
#net.ipv4.tcp_tw_len =
1
net.ipv4.tcp_tw_reuse =
1
net.ipv4.tcp_mem =
94500000
915000000
927000000
net.ipv4.tcp_max_orphans =
3276800
net.ipv4.tcp_tw_recycle =
1
#net.ipv4.tcp_fin_timeout =
30
#net.ipv4.tcp_keepalive_time =
300
net.ipv4.ip_local_port_range =
1024
65000
EOF
=================================
这儿有个完整版本的优化文章:
http://www.cnblogs.com/studio313/archive/2008/07/16/1244590.html