AlmaLinux作为CentOS的替代品,已成为企业级Linux发行版的重要选择。本文将深入探讨AlmaLinux的性能优化策略,涵盖内核调优、资源管理、服务优化等多个方面,帮助您提升系统效率与稳定性。
一、系统基础优化
1.1 内核参数调优
内核参数调整是性能优化的基础。通过修改/etc/sysctl.conf文件,可以优化网络、内存和文件系统性能。
# 编辑sysctl配置文件
sudo nano /etc/sysctl.conf
# 添加以下优化参数
# 网络性能优化
net.core.somaxconn = 65535
net.core.netdev_max_backlog = 5000
net.ipv4.tcp_max_syn_backlog = 65535
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_max_tw_buckets = 1440000
# 内存管理优化
vm.swappiness = 10
vm.dirty_ratio = 15
vm.dirty_background_ratio = 5
vm.vfs_cache_pressure = 50
# 文件系统优化
fs.file-max = 2097152
fs.nr_open = 2097152
应用配置:
sudo sysctl -p
示例说明:
net.core.somaxconn:增加TCP连接队列长度,应对高并发场景vm.swappiness:降低交换倾向,优先使用物理内存fs.file-max:增加系统可打开文件数限制
1.2 资源限制调整
通过/etc/security/limits.conf调整用户资源限制:
# 编辑limits.conf
sudo nano /etc/security/limits.conf
# 添加以下内容
* soft nofile 65536
* hard nofile 65536
* soft nproc 65536
* hard nproc 65536
* soft memlock unlimited
* hard memlock unlimited
二、存储系统优化
2.1 I/O调度器选择
根据存储设备类型选择合适的I/O调度器:
# 查看当前I/O调度器
cat /sys/block/sda/queue/scheduler
# 临时修改(重启失效)
echo deadline > /sys/block/sda/queue/scheduler
# 永久修改(创建udev规则)
sudo nano /etc/udev/rules.d/60-ioscheduler.rules
# 添加以下内容
ACTION=="add|change", KERNEL=="sd[a-z]", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="deadline"
ACTION=="add|change", KERNEL=="sd[a-z]", ATTR{queue/rotational}=="1", ATTR{queue/scheduler}="mq-deadline"
调度器选择指南:
- SSD/NVMe:使用
none或mq-deadline - HDD:使用
mq-deadline或bfq - 虚拟机:根据虚拟化平台选择
2.2 文件系统优化
XFS文件系统优化
# 创建优化的XFS文件系统
mkfs.xfs -f -i size=512 -l size=128m,lazy-count=1 /dev/sdb1
# 挂载参数优化
mount -o noatime,nodiratime,logbufs=8,logbsize=256k /dev/sdb1 /data
# 永久挂载配置
echo "/dev/sdb1 /data xfs noatime,nodiratime,logbufs=8,logbsize=256k 0 0" >> /etc/fstab
EXT4文件系统优化
# 创建优化的EXT4文件系统
mkfs.ext4 -E lazy_itable_init=0,lazy_journal_init=0 -O ^has_journal /dev/sdc1
# 挂载参数优化
mount -o noatime,nodiratime,data=writeback,barrier=0 /dev/sdc1 /data
# 永久挂载配置
echo "/dev/sdc1 /data ext4 noatime,nodiratime,data=writeback,barrier=0 0 0" >> /etc/fstab
2.3 LVM优化
# 创建优化的LVM卷组
vgcreate -s 64M vg_data /dev/sdb /dev/sdc
# 创建优化的逻辑卷
lvcreate -L 100G -n lv_data vg_data
# 创建优化的文件系统
mkfs.xfs -i size=512 /dev/vg_data/lv_data
# 挂载优化
mount -o noatime,nodiratime /dev/vg_data/lv_data /data
三、内存管理优化
3.1 Transparent Huge Pages (THP)
THP在某些场景下可能影响性能,建议根据应用需求调整:
# 查看当前THP状态
cat /sys/kernel/mm/transparent_hugepage/enabled
# 临时禁用THP
echo never > /sys/kernel/mm/transparent_hugepage/enabled
echo never > /sys/kernel/mm/transparent_hugepage/defrag
# 永久禁用(创建systemd服务)
sudo nano /etc/systemd/system/disable-thp.service
# 添加以下内容
[Unit]
Description=Disable Transparent Huge Pages
After=network.target
[Service]
Type=oneshot
ExecStart=/bin/sh -c 'echo never > /sys/kernel/mm/transparent_hugepage/enabled'
ExecStart=/bin/sh -c 'echo never > /sys/kernel/mm/transparent_hugepage/defrag'
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
# 启用服务
sudo systemctl daemon-reload
sudo systemctl enable disable-thp.service
sudo systemctl start disable-thp.service
3.2 内存回收策略
# 调整内存回收参数
sudo nano /etc/sysctl.conf
# 添加以下内容
vm.swappiness = 10
vm.dirty_ratio = 15
vm.dirty_background_ratio = 5
vm.vfs_cache_pressure = 50
vm.min_free_kbytes = 65536
vm.zone_reclaim_mode = 0
# 应用配置
sudo sysctl -p
3.3 NUMA优化
对于多处理器系统,NUMA优化至关重要:
# 查看NUMA拓扑
numactl --hardware
# 绑定进程到特定NUMA节点
numactl --cpunodebind=0 --membind=0 your_application
# 创建NUMA优化的systemd服务
sudo nano /etc/systemd/system/numa-optimized.service
# 添加以下内容
[Unit]
Description=NUMA Optimized Application
After=network.target
[Service]
Type=simple
ExecStart=/usr/bin/numactl --cpunodebind=0 --membind=0 /usr/local/bin/your_app
Restart=always
[Install]
WantedBy=multi-user.target
四、网络性能优化
4.1 网络接口优化
# 查看网卡信息
ethtool eth0
# 优化网卡参数
sudo ethtool -G eth0 rx 4096 tx 4096
sudo ethtool -C eth0 rx-usecs 100 tx-usecs 100
sudo ethtool -K eth0 gro on gso on tso on
# 永久配置(创建udev规则)
sudo nano /etc/udev/rules.d/99-network-optimization.rules
# 添加以下内容
ACTION=="add", SUBSYSTEM=="net", KERNEL=="eth*", RUN+="/usr/bin/ethtool -G %k rx 4096 tx 4096"
ACTION=="add", SUBSYSTEM=="net", KERNEL=="eth*", RUN+="/usr/bin/ethtool -C %k rx-usecs 100 tx-usecs 100"
ACTION=="add", SUBSYSTEM=="net", KERNEL=="eth*", RUN+="/usr/bin/ethtool -K %k gro on gso on tso on"
4.2 TCP/IP栈优化
# 编辑sysctl.conf
sudo nano /etc/sysctl.conf
# 添加以下内容
# 网络性能优化
net.core.somaxconn = 65535
net.core.netdev_max_backlog = 5000
net.core.rmem_max = 134217728
net.core.wmem_max = 134217728
net.ipv4.tcp_rmem = 4096 87380 134217728
net.ipv4.tcp_wmem = 4096 65536 134217728
net.ipv4.tcp_mem = 134217728 134217728 134217728
net.ipv4.tcp_max_syn_backlog = 65535
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_max_tw_buckets = 1440000
net.ipv4.ip_local_port_range = 1024 65535
# 应用配置
sudo sysctl -p
4.3 高性能网络服务配置
Nginx优化示例
# 编辑Nginx配置
sudo nano /etc/nginx/nginx.conf
# 添加以下优化配置
worker_processes auto;
worker_rlimit_nofile 65536;
events {
worker_connections 65536;
use epoll;
multi_accept on;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
keepalive_requests 1000;
client_body_buffer_size 128k;
client_max_body_size 10m;
client_header_buffer_size 1k;
large_client_header_buffers 4 4k;
# Gzip压缩
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_proxied any;
gzip_comp_level 6;
gzip_types
text/plain
text/css
text/xml
text/javascript
application/javascript
application/xml+rss
application/json;
# 缓存配置
open_file_cache max=10000 inactive=30s;
open_file_cache_valid 60s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
}
Apache优化示例
# 编辑Apache配置
sudo nano /etc/httpd/conf/httpd.conf
# 添加以下优化配置
ServerLimit 100
MaxRequestWorkers 100
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxConnectionsPerChild 1000
# 模块优化
LoadModule mpm_event_module modules/mod_mpm_event.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule expires_module modules/mod_expires.so
# 性能优化
Timeout 60
KeepAlive On
KeepAliveTimeout 5
MaxKeepAliveRequests 100
# Gzip压缩
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/json
</IfModule>
# 缓存控制
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType text/css "access plus 1 year"
ExpiresByType application/javascript "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
</IfModule>
五、数据库性能优化
5.1 MySQL/MariaDB优化
# 编辑MySQL配置文件
sudo nano /etc/my.cnf.d/server.cnf
# 添加以下优化配置
[mysqld]
# 基础配置
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mariadb/mariadb.log
pid-file=/run/mariadb/mariadb.pid
# 内存优化
innodb_buffer_pool_size = 4G
innodb_log_file_size = 512M
innodb_log_buffer_size = 64M
innodb_flush_log_at_trx_commit = 2
innodb_flush_method = O_DIRECT
innodb_file_per_table = 1
innodb_read_io_threads = 8
innodb_write_io_threads = 8
innodb_io_capacity = 2000
innodb_io_capacity_max = 4000
# 连接优化
max_connections = 500
max_connect_errors = 100000
thread_cache_size = 100
table_open_cache = 2000
# 查询缓存(MySQL 8.0+已移除)
# query_cache_type = 1
# query_cache_size = 64M
# 日志优化
slow_query_log = 1
slow_query_log_file = /var/log/mariadb/slow.log
long_query_time = 2
log_queries_not_using_indexes = 1
# 其他优化
tmp_table_size = 256M
max_heap_table_size = 256M
join_buffer_size = 8M
sort_buffer_size = 8M
read_buffer_size = 4M
read_rnd_buffer_size = 8M
5.2 PostgreSQL优化
# 编辑PostgreSQL配置文件
sudo nano /var/lib/pgsql/data/postgresql.conf
# 添加以下优化配置
# 内存优化
shared_buffers = 4GB
effective_cache_size = 12GB
work_mem = 64MB
maintenance_work_mem = 512MB
# 并发优化
max_connections = 200
max_worker_processes = 8
max_parallel_workers_per_gather = 4
max_parallel_workers = 8
# WAL优化
wal_buffers = 16MB
checkpoint_completion_target = 0.9
max_wal_size = 4GB
min_wal_size = 1GB
# 查询优化
random_page_cost = 1.1
effective_io_concurrency = 200
default_statistics_target = 500
# 日志优化
log_min_duration_statement = 1000
log_checkpoints = on
log_connections = on
log_disconnections = on
log_lock_waits = on
log_temp_files = 0
六、容器与虚拟化优化
6.1 Docker优化
# 编辑Docker守护进程配置
sudo nano /etc/docker/daemon.json
# 添加以下优化配置
{
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
],
"log-driver": "json-file",
"log-opts": {
"max-size": "10m",
"max-file": "3"
},
"default-ulimits": {
"nofile": {
"Name": "nofile",
"Hard": 65536,
"Soft": 65536
}
},
"exec-opts": ["native.cgroupdriver=systemd"],
"live-restore": true,
"max-concurrent-downloads": 3,
"max-concurrent-uploads": 5,
"registry-mirrors": ["https://mirror.gcr.io"]
}
# 重启Docker服务
sudo systemctl daemon-reload
sudo systemctl restart docker
6.2 Kubernetes优化
# 编辑Kubelet配置
sudo nano /etc/kubernetes/kubelet.conf
# 添加以下优化配置
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
address: "0.0.0.0"
port: 10250
readOnlyPort: 0
cgroupDriver: systemd
clusterDNS:
- 10.96.0.10
clusterDomain: cluster.local
resolvConf: /etc/resolv.conf
maxPods: 110
kubeReserved:
cpu: "200m"
memory: "256Mi"
systemReserved:
cpu: "100m"
memory: "128Mi"
evictionHard:
memory.available: "100Mi"
nodefs.available: "10%"
imagefs.available: "15%"
evictionSoft:
memory.available: "200Mi"
nodefs.available: "15%"
imagefs.available: "20%"
evictionSoftGracePeriod:
memory.available: "1m"
nodefs.available: "1m"
imagefs.available: "1m"
evictionMaxPodGracePeriod: 30
evictionPressureTransitionPeriod: 5m
七、监控与调优工具
7.1 性能监控工具
# 安装监控工具
sudo dnf install -y sysstat htop iotop iftop nmon
# 启用sysstat收集
sudo nano /etc/sysconfig/sysstat
# 修改以下内容
ENABLED="true"
HISTORY=7
COMPRESSAFTER=31
# 启动服务
sudo systemctl enable sysstat
sudo systemctl start sysstat
# 查看实时性能
htop # 进程监控
iotop # I/O监控
iftop # 网络流量监控
nmon # 综合性能监控
7.2 自动化调优脚本
#!/bin/bash
# AlmaLinux性能优化脚本
# 颜色定义
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color
# 日志函数
log_info() {
echo -e "${GREEN}[INFO]${NC} $1"
}
log_warn() {
echo -e "${YELLOW}[WARN]${NC} $1"
}
log_error() {
echo -e "${RED}[ERROR]${NC} $1"
}
# 检查root权限
check_root() {
if [[ $EUID -ne 0 ]]; then
log_error "This script must be run as root"
exit 1
fi
}
# 备份原始配置
backup_config() {
log_info "Backing up original configuration..."
BACKUP_DIR="/root/alma_backup_$(date +%Y%m%d_%H%M%S)"
mkdir -p $BACKUP_DIR
cp /etc/sysctl.conf $BACKUP_DIR/
cp /etc/security/limits.conf $BACKUP_DIR/
cp /etc/fstab $BACKUP_DIR/
log_info "Backup completed: $BACKUP_DIR"
}
# 优化sysctl
optimize_sysctl() {
log_info "Optimizing sysctl parameters..."
# 备份原始文件
cp /etc/sysctl.conf /etc/sysctl.conf.backup
# 添加优化参数
cat >> /etc/sysctl.conf << 'EOF'
# AlmaLinux Performance Optimization
# Network
net.core.somaxconn = 65535
net.core.netdev_max_backlog = 5000
net.ipv4.tcp_max_syn_backlog = 65535
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_max_tw_buckets = 1440000
net.ipv4.ip_local_port_range = 1024 65535
# Memory
vm.swappiness = 10
vm.dirty_ratio = 15
vm.dirty_background_ratio = 5
vm.vfs_cache_pressure = 50
vm.min_free_kbytes = 65536
# File System
fs.file-max = 2097152
fs.nr_open = 2097152
EOF
# 应用配置
sysctl -p
log_info "Sysctl optimization completed"
}
# 优化limits
optimize_limits() {
log_info "Optimizing resource limits..."
# 备份原始文件
cp /etc/security/limits.conf /etc/security/limits.conf.backup
# 添加优化参数
cat >> /etc/security/limits.conf << 'EOF'
# AlmaLinux Performance Optimization
* soft nofile 65536
* hard nofile 65536
* soft nproc 65536
* hard nproc 65536
* soft memlock unlimited
* hard memlock unlimited
EOF
log_info "Limits optimization completed"
}
# 优化THP
optimize_thp() {
log_info "Optimizing Transparent Huge Pages..."
# 创建systemd服务
cat > /etc/systemd/system/disable-thp.service << 'EOF'
[Unit]
Description=Disable Transparent Huge Pages
After=network.target
[Service]
Type=oneshot
ExecStart=/bin/sh -c 'echo never > /sys/kernel/mm/transparent_hugepage/enabled'
ExecStart=/bin/sh -c 'echo never > /sys/kernel/mm/transparent_hugepage/defrag'
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
EOF
# 启用服务
systemctl daemon-reload
systemctl enable disable-thp.service
systemctl start disable-thp.service
log_info "THP optimization completed"
}
# 主函数
main() {
log_info "Starting AlmaLinux Performance Optimization..."
check_root
backup_config
optimize_sysctl
optimize_limits
optimize_thp
log_info "Optimization completed successfully!"
log_info "Please reboot the system to apply all changes."
}
# 执行主函数
main "$@"
八、最佳实践与注意事项
8.1 优化原则
- 渐进式优化:每次只调整一个参数,观察效果
- 监控先行:优化前建立性能基线
- 测试验证:在测试环境验证优化效果
- 文档记录:记录所有优化配置和原因
8.2 常见问题排查
# 系统性能问题排查脚本
#!/bin/bash
echo "=== 系统性能诊断报告 ==="
echo "生成时间: $(date)"
echo ""
echo "1. CPU使用情况:"
mpstat -P ALL 1 5 | tail -n 10
echo ""
echo "2. 内存使用情况:"
free -h
echo ""
echo "3. I/O使用情况:"
iostat -x 1 5 | tail -n 10
echo ""
echo "4. 网络连接情况:"
ss -s
echo ""
echo "5. 进程资源使用:"
top -b -n 1 | head -20
echo ""
echo "6. 系统日志检查:"
journalctl -p err -b | tail -20
echo ""
echo "7. 磁盘空间:"
df -h
echo ""
echo "8. 系统负载:"
uptime
echo ""
echo "=== 诊断完成 ==="
8.3 性能优化检查清单
- [ ] 内核参数已优化
- [ ] 资源限制已调整
- [ ] I/O调度器已选择合适类型
- [ ] 文件系统挂载参数已优化
- [ ] THP已根据应用需求调整
- [ ] 网络参数已优化
- [ ] 数据库配置已调优
- [ ] 监控工具已安装
- [ ] 优化配置已备份
- [ ] 测试环境已验证
九、总结
AlmaLinux性能优化是一个持续的过程,需要根据具体应用场景和硬件配置进行调整。本文提供的优化策略涵盖了系统各个层面,从内核参数到应用配置,从存储优化到网络调优。
关键要点:
- 内核调优是基础,直接影响系统整体性能
- 存储优化对I/O密集型应用至关重要
- 内存管理需要平衡性能与稳定性
- 网络优化对高并发服务影响显著
- 监控与调优是持续改进的保障
建议在生产环境实施优化前,先在测试环境充分验证。同时,建立完善的监控体系,持续跟踪优化效果,根据实际负载情况动态调整优化策略。
通过系统性的性能优化,AlmaLinux可以充分发挥硬件潜力,为企业应用提供高效、稳定的运行环境。