A: modify the number of ulimit
Vi / Etc / Security / Limits.Conf
addition如下line:
* Soft Noproc 65535
* Hard Noproc 65535
* Soft Nofile 65535
* Hard Nofile 65535
II: Core Optimization
/etc/sysctl.conf vim net.ipv4.tcp_syncookies = 1 # indicate on SYNCookies. When the SYN queue overflow occurs, enable cookies to deal with, can prevent a small amount of SYN attack, the default is 0, indicating closed; net.ipv4.tcp_tw_reuse = 1 # indicate on reuse. TIME-WAITsockets allows re-used for new TCP connection, the default is zero disables; net.ipv4.tcp_tw_recycle = #. 1 represents the open TCP connections TIME-WAITsockets rapid recovery of default is zero disables; net.ipv4 .tcp_fin_timeout = 30 # modify the system default TIMEOUT time. # Enter the following command to tell the kernel parameters to take effect: sysctl-the p-
After this adjustment, in addition to further enhance the server's load capacity, but also capable of defending against a small flow level DoS, CC and SYN attacks.
In addition, if your connections themselves a lot, then we can look to optimize TCP port range may be used to further enhance concurrency server. Still to the above parameters file, add the following configuration:
net.ipv4.tcp_keepalive_time = 1200 # indicates when the only use of keepalive, TCP transmission frequency of keepalive messages. The default is 2 hours, changed to 20 minutes. net.ipv4.ip_local_port_range = 1024 65535 # indicates a port range outgoing connections. The default is small, instead 1024-65535. net.ipv4.tcp_max_syn_backlog = 8192 # SYN indicates the length of the queue, the default is 1024, increasing the queue length is 8192, the number of network connections may accommodate more wait for a connection. net.ipv4.tcp_max_tw_buckets = 5000 # indicates the system while maintaining maximum number of TIME_WAIT, if more than this number, TIME_WAIT will be cleared immediately and print a warning message. The default is 180,000, changed 5000. This parameter controls the maximum number of TIME_WAIT, just beyond.
These parameters, it is recommended only open on a very large server traffic, have a significant effect. The general flow of small servers, there is no need to set these parameters
Three: Tomcat optimization
Catalina.sh modify the bin directory under the file in cygwin = false above , add the following statement JAVA_OPTS = "- Xms1024m -Xmx4096m -Xss1024K -XX : PermSize = 512m -XX: MaxPermSize = 2048m" which -xms is initialized jvm heap size - xmx maximum value jvm heap -server: be sure to as the first parameter, good performance when a plurality of the CPU -Xms: Java heap initial size. The default is the physical memory of 1/64. -Xmx: java heap maximum. Recommendations are set to half of physical memory. Not exceed the physical memory. -XX: PermSize: The initial size of permanent preservation area set memory. The default value is 64M. -XX: MaxPermSize: set the maximum size of the memory of the permanent preservation area. The default value is 64M. -Xmn: young generation (the young generation) of the heap size. Usually set to one of 3,4 points Xmx (Sun official recommended configuration for the entire heap 3/8.)