Optimizing Server Performance

D

DevynCJohnson

Guest
Servers provide services to clients on a network. Popular servers may serve thousands or millions of clients in a day. Also, with network speeds being limited, it seems apparent that servers should be optimized for maximum performance. In addition, to ensure that the server continues to offer its services, it is important that the server be secured. Learning some of these optimization and security tips for Linux servers may help many admins.

NOTE: This article will primarily focus on optimizations rather than security.

The first set of optimizations and security improvements begin with the hardware of the server. Ensure that all of the hardware is in working order and that the server is physically secure. Software security is useless if undesired people can physically access the server. Once someone has physical access, then hardware and data can easily be destroyed or stolen. As for hardware optimizations, the most important hardware includes the CPU, storage devices (i.e. hard-drives), RAM/memory, and network devices (such as network cards). Be sure to install plenty of memory chips, powerful CPUs, fast and stable storage devices (preferably with RAID), and fast network cards.

NOTE: There are many tips that can be given for the hardware and networking portion of server security and optimization. However, this article focuses on the software.

When installing a Linux distro for the server, select the distro that best satisfies the needs ( http://www.linux.org/threads/which-server-distro-is-right-for-me.7783/ ). If possible, place the swap partition on its own storage device or on the least-used storage device. When setting up the partitioning scheme, try to use the GPT partitioning table and ext4 filesystems. When formatting the filesystems, try to use a large block-size (such as 8192). In addition, place the core operating system, home directory, server data and files, and the boot directory each on their own partition or storage device. These tips make backups, restorations, file-writing, and data access easier and more efficient.

On the server, uninstall any applications that are not needed. Also, most servers should not have a GUI installed. The server should be a command-line interface. Also, disable unneeded daemons and services. The less software running and installed on the server usually results in a faster server and easier maintenance. As an added bonus, having less daemons and no GUI makes it harder for malicious hackers to cause damage.

Every time a file is read, the access-time meta-data is written to the hard-drive. Obviously, disabling access-time recording will increase the speed for file reads. To disable access-time, open /etc/fstab and add "noatime" to the parameters column for the desired filesystem. Be sure to use proper syntax and spelling in /etc/fstab. To make the change take effect without rebooting, execute "mount -oremount /MOUNT/POINT/" in a terminal with Root privileges. However, some applications need the access-time. If this issue is encountered or suspected, use "relatime" instead of "noatime" which is a faster alternative to storing access-time. Another parameter to use is "nodiratime" which disables the access time recording for directories.

Increasing the shared memory enhances the speed of the system and website. Shared memory is the memory space that any program can access. There are some options that can be set in /etc/sysctl.conf. First, it helps to have some understanding of the options used.
  • shmmax - max bytes per single shared memory segment; this should not exceed total memory
  • shmmin - min bytes per shared memory segment; this is usually "1"
  • shmall - sum of all shared segments (measured in pages)
  • shmmni - max number of segments
To figure out the proper value of shmmax, know the amount of system memory. This can be found be running "free" or "cat /proc/meminfo | grep MemTotal". Once the total memory is known, convert it to bytes using one of the below formulas. Next, choose a value less than the total amount of memory (in bytes). This is needed since the video card and Linux kernel will reserve some of the memory for themselves. Usually, half a gigabyte (536870912 bytes) is more than enough for the reserved memory. To get the shmmax value, subtract the reserved memory from the total.
  • KILOBYTES*1024=BYTES
  • MEGABYTES*1024*1024=BYTES
  • GIGABYTES*1024*1024*1024=BYTES
To get shmall, divide shmmax by the page-size. To get the page-size, execute "getconf PAGE_SIZE". Therefore, shmall is shmax divided by "getconf PAGE_SIZE".

To view the current values, execute "ipcs -lm" in a terminal, view /etc/sysctl.conf, or view various Proc file (cat /proc/sys/kernel/shmmax).

The desired values can be set permanently by editing /etc/sysctl.conf. Then, execute "sysctl -p" with Root privileges to make the changes take effect without rebooting. Alternatively, the values can be set temporarily until the next reboot by running commands like "echo 3758096384 > /proc/sys/kernel/shmmax" with Root privileges.

On my desktop system, I have the following values
  • kernel.shmmax=3758096384
  • kernel.shmmin=1
  • kernel.shmall=917504
  • kernel.shmmni=4096
TIP: Execute "ipcs -a" to view message queues, shared memory segments, and semaphore arrays.

If IPv6 will not be used, then disable it. To do so, open /etc/sysctl.conf and ensure that the below listed lines are in the file. Next, run "sysctl -p" in a terminal with Root privileges to refresh the settings without rebooting.
Code:
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

TIP: When making changes to /etc/sysctl.conf, remember to run "sysctl -p" and restart the daemons needed for the server.

Some other values that server admins may need to change in /etc/sysctl.conf include
  • fs.file-max - (int) max open files
  • net.ipv4.ip_local_port_range - (int int) range of usable ports; state start and end (1024 65535)
  • net.ipv4.tcp_tw_recycle - (bool) fast recycling of TIME_WAIT sockets
  • net.ipv4.tcp_tw_reuse - (bool) reuse of sockets in TIME_WAIT state
  • net.ipv4.tcp_syncookies - (bool) use syncookies
  • kernel.sched_migration_cost_ns - (int) migrate processes after X nanoseconds; useful on forking servers like Apache and PostgreSQL
  • net.core.rmem_max - (int) receiving socket buffer size in bytes

NOTE: In /etc/sysctl.conf, boolean values are represented as "1" for true and "0" for false.

Reducing or disabling logging and debugging improves IO performance, saves storage space, and reduces process activity. However, less logging and debugging will make diagnosing problems more difficult. Read about logrotate (http://www.linux.org/threads/logrotate.7100/) to learn how to modify logging.

Increase the cache sizes of some of the SQL databases (like MySQL). Also, keep the databases as small and organized as possible.

To find processes that are causing performance issues or bottlenecks, try the below listed commands.
  • iostat - display the network, device, and CPU usage of processes (in "sysstat" package)
  • top - lists processes and process info such as PID, memory usage, CPU usage, etc.
  • vmstat - list CPU, IO, and memory usage for processes

Optimize, simplify, and minify the website's code. Examples of code that should be enhanced includes Javascript, CSS, HTML, and PHP. Smaller files lead to reduced upload times for the server and faster download speeds for the client. Optimized code results in faster and more efficient code execution and processing in addition to easier maintenance. Here are some tips for CSS coding - http://dcjtech.info/topic/css-coding-tips/

HTTP servers (such as Apache) can be set to compress data. This results in better connection speeds. In addition to compression, enabling caching provides a way for the client to store cache on the local system. Thus, revisiting the website will result in better loading time since some or all of the web-content is saved on the client's system. On servers using Apache, the compression and cache settings are configured in the “.htaccess” file.

Servers with databases benefit from using hugepages. Hugepages are memory pages that can be larger than the usual pages. Run "grep -i hugetlbfs /proc/filesystems" or "grep Huge /proc/meminfo" to see if the system supports Hugepages. "hugetlbfs" is the module that offers hugepage support.
Hugepage sizes
  • x86 - 4K and 4M (2M in PAE mode)
  • x86-64 - 4K, 8K, 64K, 256K, 1M, 4M, 16M, 256M
  • ppc64 - 4K and 16M

Further Reading
 

Attachments

  • slide.jpg
    slide.jpg
    28.5 KB · Views: 142,719
Last edited:

Members online


Top