test

Sun OpenSSO Enterprise 8.0 Performance Tuning Guide

Linux OS

To tune for maximum performance on Linux systems, make tuning adjustments to the following items:

For detailed information on tuning Linux operating system parameters, see the IBM Linux Performance and Tuning Guidelines.

File Descriptors

You might need to increase the number of file descriptors from the default. A higher number of file descriptors ensures that the server can open sockets under high load and not abort requests coming in from clients. Start by checking system limits for file descriptors with this command: 


cat /proc/sys/fs/file-max
8192

The current limit shown is 8192. To increase it to 65535, use the following command (as root):

echo "65535" > /proc/sys/fs/file-max

To make this value survive a system reboot, add it to /etc/sysctl.conf and specify the maximum number of open files permitted:

fs.file-max = 65535

The parameter is not proc.sys.fs.file-max, as you might expect.

To list the available parameters that can be modified using sysctl:

sysctl -a

To load new values from the sysctl.conf file:

sysctl -p /etc/sysctl.conf

To check and modify limits per shell, use the following command:

ulimit -a

The output will look something like this:


cputime         unlimited
filesize        unlimit
datasize        unlimited
stacksize       8192 kbytes
coredumpsize    0 kbytes
memoryuse       unlimited
descriptors     1024
memorylocked    unlimited
maxproc         8146
openfiles       1024

The open files and descriptors show a limit of 1024. To increase the limit to 65535 for all users, edit /etc/security/limits.conf as root, and modify or add the nofile setting (number of file) entries:


*         soft    nofile                     65535
*         hard    nofile                     65535

The asterisk (*) is a wildcard that identifies all users. You can also specify a user ID instead.

TCP Settings

To tune the TCP/IP settings, follow these steps:

  1. Add the following entry to /etc/rc.local: 


    echo 30 > /proc/sys/net/ipv4/tcp_fin_timeout
      echo 60 > /proc/sys/net/ipv4/tcp_keepalive_time
      echo 75 > /proc/sys/net/ipv4/tcp_keepalive_intvl
      echo 0 > /proc/sys/net/ipv4/tcp_window_scaling

  2. Add the following to /etc/sysctl.conf: 


          net.ipv4.ip_local_port_range = 1204 65000
      net.core.rmem_max = 8388608
      net.ipv4.tcp_rmem = 4096 131072 8388608
      net.ipv4.tcp_wmem = 4096 131072 8388608
      net.ipv4.tcp_sack = 0
      net.ipv4.tcp_timestamps = 0
      net.ipv4.tcp_window_scaling = 0
      net.ipv4.tcp_keepalive_time = 60
      net.ipv4.tcp_keepalive_intvl = 75
      net.ipv4.tcp_fin_timeout = 30

  3. Add the following as the last entry in /etc/rc.local:

    sysctl -p /etc/sysctl.conf

  4. Reboot the system.