Tune the host OS for container workloads: kernel params, I/O, and cgroups.

On this page

Linux Performance Tuning for Containers and Kubernetes Nodes

Node-level tuning improves container density and latency. Focus on kernel, I/O, and cgroups.

Key Kernel Parameters #

bash.bash

# /etc/sysctl.d/99-kubernetes.conf
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
vm.max_map_count = 262144
fs.inotify.max_user_watches = 524288

Adjust per workload; document any custom values.

I/O and Scheduler #

Use io_uring where supported for async I/O.
For disk-heavy nodes, consider none or mq-deadline scheduler for data disks.

cgroups v2 #

With cgroups v2, memory and CPU are unified; ensure kubelet and container runtime use it consistently.
Set memory.high for soft limits to avoid OOM when possible.

Best Practices #

Baseline with a tuned AMI or image; avoid one-off node tweaks.
Monitor key metrics (CPU steal, memory pressure, I/O wait) and tune iteratively.
Document every change so new nodes match.

Tuning pays off most when combined with good app design and resource requests.

Linux Performance Tuning for Containers and Kubernetes Nodes

Linux Performance Tuning for Containers and Kubernetes Nodes

Key Kernel Parameters #

I/O and Scheduler #

cgroups v2 #

Best Practices #

Stay Updated

Best Practices: Incident Response for Platform Teams

Systemd Tricks We Use to Keep Services Boring

More from Linux

systemd Timers vs Cron: When We Switched and What We Learned

Linux Performance Troubleshooting: A Real Incident Walkthrough

Systemd Drop-In Overrides for Vendor Services: The Supportable Linux Ops Pattern

systemd Timers vs Cron: When We Switched and What We Learned

Linux Performance Troubleshooting: A Real Incident Walkthrough

Systemd Drop-In Overrides for Vendor Services: The Supportable Linux Ops Pattern

Systemd Service Reliability Patterns: What We Changed After Repeated Restart Loops

EKS Auto Mode: What Worked, What Broke in Our Migration

OpenTelemetry Collector Pipelines: Real Configs That Survived Production

About Kiril urbonas

You might have missed

GitOps with Argo CD: Best Practices for 2025

AI Agents in DevOps: From Copilots to Autonomous Automation in 2025

Prompt Engineering Best Practices: Maximizing LLM Performance

Linux Performance Tuning for Containers and Kubernetes Nodes

Key Kernel Parameters#

I/O and Scheduler#

cgroups v2#

Best Practices#

Stay Updated

Best Practices: Incident Response for Platform Teams

Systemd Tricks We Use to Keep Services Boring

More from Linux

systemd Timers vs Cron: When We Switched and What We Learned

Linux Performance Troubleshooting: A Real Incident Walkthrough

Systemd Drop-In Overrides for Vendor Services: The Supportable Linux Ops Pattern

About Kiril urbonas

You might have missed

GitOps with Argo CD: Best Practices for 2025

AI Agents in DevOps: From Copilots to Autonomous Automation in 2025

Prompt Engineering Best Practices: Maximizing LLM Performance

Key Kernel Parameters #

I/O and Scheduler #

cgroups v2 #

Best Practices #