Performance
Ubuntu Kernel Performance Tuning for High-Load Servers
- Author :Liam K.
- Date :March 08, 2026
- Time :24 minutes
Kernel tuning should start from workload telemetry, not internet preset files. The right values for a TLS-heavy API server differ from a queue consumer host, so baseline first and tune with evidence.
1. Measure before changing sysctl
bash
vmstat 1 30
mpstat -P ALL 1 30
pidstat -dru 1 30
ss -s2. Network and socket baseline
conf
# /etc/sysctl.d/99-net-tuning.conf
net.core.somaxconn = 4096
net.core.netdev_max_backlog = 8192
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_fin_timeout = 153. Memory and VM pressure controls
conf
# /etc/sysctl.d/99-vm-tuning.conf
vm.swappiness = 10
vm.dirty_background_ratio = 5
vm.dirty_ratio = 20
vm.max_map_count = 262144Pair kernel tuning with process memory limits and OOM strategy. Kernel changes alone cannot protect a host from unbounded application memory growth.
4. Apply and validate safely
bash
sudo sysctl --system
sudo systemd-analyze verify
sudo journalctl -p err -b | tail -n 505. Day-2 checklist
- Version-control every sysctl change with workload notes.
- Re-test after kernel upgrades and cloud image refreshes.
- Alert on sustained steal time, major page faults, and run queue spikes.
- Keep rollback profiles for each server class.
"Effective kernel tuning is iterative engineering: measure, change one variable, validate, and document."
Technical Author
Liam K.
System administrator and technical writer specializing in server infrastructure, security and deployment. Creating comprehensive guides to help you master server administration.
Related Guides
Ansible Dynamic Inventory for AWS at Scale
March 08, 2026
Ansible Role Testing with Molecule and CI Pipelines
March 08, 2026