Optimizable Node System Parameters
CCE provides default node system parameters, which may cause performance bottlenecks in some scenarios. Therefore, you can customize and optimize some node system parameters. Optimizable Node System Parameters describes the node system parameters.
- The modification has certain risks. Be familiar with Linux commands and Linux OS.
- The parameters listed in Table 1 have been tested and verified. Do not modify other parameters. Otherwise, node faults may occur.
- The commands for modifying node system parameters are valid only when public images are used. The commands provided in this document are for reference only when private images are used.
- After the node is restarted, run the sysctl -p command to update the parameter value.
Parameter |
Parameter Location |
Description |
Reference |
---|---|---|---|
kernel.pid_max |
/etc/sysctl.conf |
Maximum number of process IDs on a node Obtaining the parameter: sysctl kernel.pid_max |
|
RuntimeMaxUse |
/etc/systemd/journald.conf |
Upper limit of the memory occupied by the node log cache. If this parameter is not set, a large amount of memory will be occupied after the system runs for a long time. Obtaining the parameter: cat /etc/systemd/journald.conf | grep RuntimeMaxUse |
Changing the RuntimeMaxUse of the Memory Used by the Log Cache on a Node |
Openfiles |
/etc/security/limits.conf |
Maximum number of file handles for a single process on a node, which can be adjusted as required. Obtaining the parameter: ulimit -n |
Changing the Maximum Number of File Handles for a Single Process on a Node |
(inside the Openfiles container) LimitNOFILE LimitNPROC |
|
Maximum number of file handles for a single process in a container, which can be adjusted as required. Obtaining the parameter:
Docker nodes:
cat /proc/`pidof dockerd`/limits | grep files
containerd nodes:
cat /proc/`pidof containerd`/limits | grep files |
Changing the Maximum Number of File Handles for a Single Container Process |
file-max |
/etc/sysctl.conf |
Maximum number of file handles in the system, which can be adjusted as required. Obtaining the parameter: sysctl fs.file-max |
Changing the Maximum Number of System-Level File Handles on a Node |
nf_conntrack_buckets nf_conntrack_max |
/etc/sysctl.conf |
Capacity of the connection tracing table, which can be adjusted as required. Bucket usage = [nf_conntrack_count]/[nf_conntrack_buckets] Adjust the buckets value to ensure that the bucket usage is lower than 0.7. Obtaining the parameter: sysctl net.netfilter.nf_conntrack_count sysctl net.netfilter.nf_conntrack_buckets sysctl net.netfilter.nf_conntrack_max |
|
net.netfilter.nf_conntrack_tcp_timeout_close |
/etc/sysctl.conf |
Expiration time of the entry of the connection in the close state in the connection tracking table. Shortening the expiration time can speed up the recycling. Obtaining the parameter: sysctl net.netfilter.nf_conntrack_tcp_timeout_close |
|
net.netfilter.nf_conntrack_tcp_be_liberal |
/etc/sysctl.conf |
The parameter value is 0 or 1.
Obtaining the parameter: sysctl net.netfilter.nf_conntrack_tcp_be_liberal |
|
tcp_keepalive_time |
/etc/sysctl.conf |
Interval at which a TCP keepalive message is sent. If this parameter is set to a large value, TCP connections may be suspended in the Close_wait phase for a long time, exhausting system resources. Obtaining the parameter: sysctl net.ipv4.tcp_keepalive_time |
|
tcp_max_syn_backlog |
/etc/sysctl.conf |
Maximum number of TCP half-connections, that is, the maximum number of connections in the SYN_RECV queue. Obtaining the parameter: sysctl net.ipv4.tcp_max_syn_backlog |
|
tcp_max_tw_buckets |
/etc/sysctl.conf |
Specifies the maximum number of sockets in the time-wait state that can exist at any time. If the parameter value is too large, node resources may be exhausted. Obtaining the parameter: sysctl net.ipv4.tcp_max_tw_buckets |
|
net.core.somaxconn |
/etc/sysctl.conf |
Maximum number of TCP connections. This parameter controls the number of TCP connections in a queue. If this parameter is set to a small value, the number of TCP connections is prone to insufficiency. If this parameter is set to a large value, system resources may be wasted because each client waiting for connection in the connection queue occupies certain memory resources. Obtaining the parameter: sysctl net.core.somaxconn |
|
max_user_instances |
/etc/sysctl.conf |
Maximum number of inotify instances allowed for each user. If the parameter value is too small, the number of inotify instances may be insufficient in containers. Obtaining the parameter: sysctl fs.inotify.max_user_instances |
|
max_user_watches |
/etc/sysctl.conf |
Maximum number of directories of all monitoring instances. If the parameter value is too small, the number of directories may be insufficient in containers. Obtaining the parameter: sysctl fs.inotify.max_user_watches |
|
netdev_max_backlog |
/etc/sysctl.conf |
Size of the packet receiving queue of the network protocol stack. If the parameter value is too small, the queue size may be insufficient. Obtaining the parameter: sysctl net.core.netdev_max_backlog |
|
net.core.wmem_max net.core.rmem_max |
/etc/sysctl.conf |
Memory size (bytes) of the sending and receiving buffer. If this parameter is set to a small value, the memory size may be insufficient in large file scenarios. Obtaining the parameter: sysctl net.core.wmem_max sysctl net.core.rmem_max |
|
net.ipv4.neigh.default.gc_thresh1 net.ipv4.neigh.default.gc_thresh2 net.ipv4.neigh.default.gc_thresh3 |
/etc/sysctl.conf |
Optimization of the garbage collection of ARP entries.
Obtaining the parameter: sysctl net.ipv4.neigh.default.gc_thresh1 sysctl net.ipv4.neigh.default.gc_thresh2 sysctl net.ipv4.neigh.default.gc_thresh3 |
|
vm.max_map_count |
/etc/sysctl.conf |
If this parameter is set to a small value, a message is displayed indicating that the space is insufficient during ELK installation. Obtaining the parameter: sysctl vm.max_map_count |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot