Skip to main content
  1. Blog
  2. Article

Jorge O. Castro
on 11 August 2015

How Netflix tunes Ubuntu on EC2

ec2 Ubuntu

One of the nice things about having Netflix running Ubuntu is that the community can take advantage of the lessons they learn about running services at scale.

I had the pleasure of attending Brendan Gregg’s Linux Profiling at Netflix talk at SCALE13x and afterwards he gave me a list of things that Netflix did to Ubuntu to meet their needs. A bunch of it was bug reports, things like this Xen issue, and other fixes that have since been incorporated into 14.04 and our cloud images. Afterwards, Brendan did a follow up talk on how Netflix tunes their instances.

WARNING: These tunables were developed in late 2014, for Ubuntu 14.04 on EC2. They are meant to be shared as a baseline for you to experiment with, don’t consider these production-ready without proper testing, etc.

CPU

schedtool –B PID

Virtual Memory

vm.swappiness = 0 # from 60

Huge Pages

# echo never > /sys/kernel/mm/transparent_hugepage/enabled # from madvise

File System

vm.dirty_ratio = 80 # from 40
vm.dirty_background_ratio = 5 # from 10
vm.dirty_expire_centisecs = 12000 # from 3000
mount -o defaults,noatime,discard,nobarrier …

Storage I/O

/sys/block/*/queue/rq_affinity 2
/sys/block/*/queue/scheduler noop
/sys/block/*/queue/nr_requests 256
/sys/block/*/queue/read_ahead_kb 256
mdadm –chunk=64 ...

Networking

net.core.somaxconn = 1000
net.core.netdev_max_backlog = 5000
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_wmem = 4096 12582912 16777216
net.ipv4.tcp_rmem = 4096 12582912 16777216
net.ipv4.tcp_max_syn_backlog = 8096
net.ipv4.tcp_slow_start_after_idle = 0
net.ipv4.tcp_tw_reuse = 1
net.ipv4.ip_local_port_range = 10240 65535
net.ipv4.tcp_abort_on_overflow = 1 # maybe

Hypervisor (Xen)

echo tsc > /sys/devices/system/clocksource/clocksource0/current_clocksource

Here are the accompanying slides to the talk.

Where to test?

As Greg mentions, it would be silly for everyone to just take these settings and blindly run them. Just because setting X works for Netflix doesn’t necessarily mean it will work for you. This is why we’ve set up cloud-benchmarks.org, where the community can submit benchmarks of complex deployed systems, and then compare them across clouds.

Take a service you care about, run it with stock Ubuntu, and then run it with these settings, then start iterating and tweaking, share your results, and then, most importantly, start the discussion about performance with your peers.

Many thanks to Brendan and Netflix for sharing their Devops expertise with us!

Related posts

Massimiliano Gori
31 March 2026

How to manage Ubuntu fleets using on-premises Active Directory and ADSys

Cloud and server Article

The “hybrid fleet” is today’s reality: organizations diversify operating systems while Microsoft Active Directory (AD) remains the dominant identity “source of truth.” IT administrators must ensure Linux machines, like Ubuntu desktops and servers, behave as first-class citizens in this environment. Efficient Linux management demands unifi ...

Massimiliano Gori
30 March 2026

How to Harden Ubuntu SSH: From static keys to cloud identity

Cloud and server Article

30 years after its introduction, Secure Shell (SSH) remains the ubiquitous gateway for administration, making it a primary target for brute force attacks and lateral movement within enterprise environments. For system administrators and security architects operating under the weight of regulatory frameworks like SOC2, HIPAA, and PCI-DSS, ...

Massimiliano Gori
27 March 2026

Modern Linux identity management: from local auth to the cloud with Ubuntu

Cloud and server Article

The modern enterprise operates in a hybrid world where on-premises infrastructure coexists with cloud services, and security threats evolve daily. IT administrators are tasked with a difficult balancing act: maintaining traditional local workflows while managing the inevitable shift toward cloud-native architectures. Identity has emerged ...