Skip to content

Server Optimization

The following guide can help you optimize your Ubuntu server in order to be able to support a high number of requests, without reaching any of the defaults limits. It is not meant for security, only performance.

After configurations are done, please reboot your server.

Tune global limits

add to /etc/sysctl.d/999-perf.conf

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
fs.file-max=1048576
fs.inotify.max_user_instances=1048576
fs.inotify.max_user_watches=1048576
fs.nr_open=1048576
net.core.default_qdisc=fq
net.core.netdev_max_backlog=1048576
net.core.rmem_max=16777216
net.core.somaxconn=65535
net.core.wmem_max=16777216
net.ipv4.ip_local_port_range=1024 65535
net.ipv4.netfilter.ip_conntrack_max=1048576
net.ipv4.tcp_fin_timeout=5
net.ipv4.tcp_max_orphans=1048576
net.ipv4.tcp_max_syn_backlog=20480
net.ipv4.tcp_max_tw_buckets=400000
net.ipv4.tcp_no_metrics_save=1
net.ipv4.tcp_rmem=4096 87380 16777216
net.ipv4.tcp_slow_start_after_idle=0
net.ipv4.tcp_synack_retries=2
net.ipv4.tcp_syn_retries=2
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_wmem=4096 65535 16777216
net.nf_conntrack_max=1048576
vm.max_map_count=1048576
vm.min_free_kbytes=65535
vm.overcommit_memory=1
vm.swappiness=0
vm.vfs_cache_pressure=50

Tune user limits

add to /etc/security/limits.conf

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
*               soft    nofile          1048576
*               hard    nofile          1048576
root            soft    nofile          1048576
root            hard    nofile          1048576
*               soft    nproc           1048576
*               hard    nproc           1048576
root            soft    nproc           1048576
root            hard    nproc           1048576
*               soft    memlock         unlimited
*               hard    memlock         unlimited
root            soft    memlock         unlimited
root            hard    memlock         unlimited
*               soft    core            0
*               hard    core            0
root            soft    core            0
root            hard    core            0

Tune systemd limits

add to /etc/systemd/system.conf

1
2
3
4
[Manager]
DefaultLimitNOFILE=1048576
DefaultLimitNPROC=1048576
DefaultLimitMEMLOCK=infinity