Currently Browsing: Linux

Sysctl optimization updates for Redis, MongoDB, etc.

Sysctl Performance tips for Redis, MongoDB, etc.

# backup:
$ sysctl -a > /home/sysctl_$(date +%Y%m%d).bak
$ sysctl -a
# make changes to sysctl.conf:
$ vi/nano /etc/sysctl.conf
# web - nginx, redis, mongo, etc:
vm.swappiness = 10
vm.dirty_ratio = 40
vm.dirty_background_ratio = 10
# for larger servers:
net.ipv4.tcp_rmem = 4096 12582912 33554432
net.ipv4.tcp_wmem = 4096 12582912 33554432
net.core.rmem_max = 33554432
net.core.wmem_max = 33554432
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_sack = 1
net.ipv4.tcp_max_syn_backlog = 65536
kernel.keys.root_maxkeys = 1000000
#Raise somaxconn (above 511)
net.core.somaxconn = 4096
# vm.overcommit_memory (optional):
# vm.overcommit_memory = 1
# set in /etc/rc.local (test reboot stickiness)
# ensure changes to sysctl configuration persist across reboots:
$ sysctl -p
# disable transparent hugepages (manually):
echo 'never' > /sys/kernel/mm/transparent_hugepage/enabled
echo 'never' > /sys/kernel/mm/transparent_hugepage/defrag
# to persist restart (on systemd), create service:
nano /etc/systemd/system/disable-thp.service
    Description=Disable Transparent Huge Pages (THP)
    ExecStart=/bin/sh -c "echo 'never' > /sys/kernel/mm/transparent_hugepage/enabled && echo 'never' > /sys/kernel/mm/transparent_hugepage/defrag"
# save the file and reload SystemD daemon:
systemctl daemon-reload
# start the script and enable it on boot level:
sudo systemctl start disable-thp
sudo systemctl enable disable-thp

more info:

  • Increase nginx open-files limit on systemd

    $ cat /proc/$(cat /run/
    $ nano /lib/systemd/system/nginx.service
    # --> [Service]
    $ systemctl daemon-reload
    $ systemctl restart nginx && systemctl status nginx

    Setting up Uncomplicated FireWall (UFW)

    Primarily used on Ubuntu and Debian:

    apt-get install ufw
    ufw enable
    ufw default deny incoming
    ufw default allow outgoing
    # checkit:
    ufw status verbose
    # add ssh
    ufw allow ssh
    # add other rules by servicename or custom, e.g. for Redis:
    # ufw allow in on eth1 to any port 6379 proto tcp

    see more here

    Cheatsheet: dynamic date value in shell scripts

    using a variable – easier to read in scripts:
    NOW=$(date +"%Y%m%d%H%M%S")
    echo "bar" > "$NOW"foobar.txt

    one-line, equivalent to above:
    echo "bar" > $(date +"%Y%m%d%H%M%S")foobar.txt

    alternate single-line format:
    echo "bar" >> $(date "+myfile%Y%m%d.txt")

    man strftime to see formatting values

    install VirtualBox Guest Additions & mount shared folders

    To use Guest Additions on a VirtualBox VM you need to install Guest Additions from the VBoxGuestAdditions.iso.

    On Ubuntu/Debian, you should install additional system tools first if you don’t already have then:

    apt-get update
    apt-get install dkms build-essential linux-headers-$(uname -r)

    First use the VB app to set up the share and then “insert” the virtual CD via the VB storage settings menu drop-down, then:

    mount /dev/cdrom /mnt
    cd /mnt
    ./ --nox11


    mount | grep vbox

    to verify the share path, etc.

    « Previous Entries