Last active
December 24, 2019 21:02
-
-
Save kirillDanshin/9bfae3ccd417b4bc172cc43ee8a79e1b to your computer and use it in GitHub Desktop.
sysctl.conf for generic servers (tested on centos7)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# DISCLAMER | |
# It's just a good point to start. It works well even under load, | |
# and tested on CentOS 7.2.1151 with 4G RAM and 8 xeon cores | |
# and disabled transparent_hugepages. | |
# Limitation of Liability. In no event and under no legal theory, | |
# whether in tort (including negligence), contract, or otherwise, | |
# unless required by applicable law (such as deliberate and grossly | |
# negligent acts) or agreed to in writing, shall any Contributor be | |
# liable to You for damages, including any direct, indirect, special, | |
# incidental, or consequential damages of any character arising as a | |
# result of this License or out of the use or inability to use the | |
# Work (including but not limited to damages for loss of goodwill, | |
# work stoppage, computer failure or malfunction, or any and all | |
# other commercial damages or losses), even if such Contributor | |
# has been advised of the possibility of such damages. | |
kernel.sysrq = 0 | |
kernel.msgmax = 65536 | |
kernel.msgmnb = 65536 | |
kernel.pid_max = 524288 | |
kernel.core_uses_pid = 1 | |
kernel.core_pattern = /var/crash/core-%e-%s-%u-%g-%p-%t | |
kernel.sem = 1000 128000 128 2048 | |
kernel.perf_event_paranoid = 2 | |
fs.file-max = 5242880 | |
fs.suid_dumpable = 2 | |
fs.aio-max-nr = 524288 | |
vm.swappiness = 3 | |
vm.percpu_pagelist_fraction = 8 | |
net.core.netdev_max_backlog = 1024000 | |
net.core.rmem_default = 10000000 | |
net.core.rmem_max = 10000000 | |
net.core.somaxconn = 131072 | |
net.core.wmem_default = 100000000 | |
net.ipv6.conf.default.disable_ipv6 = 0 | |
net.ipv6.conf.all.forwarding = 1 | |
net.ipv4.ip_forward = 1 | |
net.ipv4.tcp_congestion_control = highspeed | |
net.ipv4.tcp_ecn = 0 | |
net.ipv4.tcp_sack = 0 | |
net.ipv4.tcp_timestamps = 0 | |
net.ipv4.tcp_fastopen = 1 | |
net.ipv4.tcp_low_latency = 1 | |
net.ipv4.tcp_max_tw_buckets = 1440000 | |
net.ipv4.tcp_window_scaling = 1 | |
net.ipv4.tcp_fin_timeout = 5 | |
net.ipv4.tcp_keepalive_time = 1200 | |
net.ipv4.tcp_max_orphans = 262144 | |
net.ipv4.tcp_rmem = 4096 87380 4194304 | |
net.ipv4.tcp_wmem = 4096 16384 4194304 | |
net.ipv4.tcp_syncookies = 0 | |
net.ipv4.tcp_syn_retries = 1 | |
net.ipv4.tcp_synack_retries = 1 | |
net.ipv4.tcp_tw_reuse = 1 | |
net.ipv4.ip_local_port_range = 1024 65535 | |
net.ipv4.tcp_max_syn_backlog = 131072 | |
net.ipv4.icmp_echo_ignore_broadcasts = 1 | |
net.ipv4.icmp_ignore_bogus_error_responses = 1 | |
net.netfilter.nf_conntrack_max = 1048576 | |
net.ipv4.conf.all.rp_filter = 1 | |
net.ipv4.conf.all.route_localnet = 1 | |
net.ipv4.conf.all.accept_redirects = 0 | |
net.ipv4.conf.all.send_redirects = 0 | |
net.ipv4.conf.all.secure_redirects = 0 | |
net.ipv4.conf.all.log_martians = 1 | |
net.ipv4.conf.all.accept_source_route = 0 | |
net.ipv4.conf.default.log_martians = 1 | |
net.ipv4.conf.default.accept_redirects = 0 | |
net.ipv4.conf.default.send_redirects = 0 | |
net.ipv4.conf.default.secure_redirects = 0 | |
net.ipv4.conf.eth0.rp_filter = 1 | |
net.bridge.bridge-nf-call-ip6tables = 0 | |
net.bridge.bridge-nf-call-iptables = 0 | |
net.bridge.bridge-nf-call-arptables = 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi, there could be a difference with a virtual machine in vmware or kvm with 4 Gb ram and 4 cores xeon?