diff --git a/roles/prepare/tasks/common.yml b/roles/prepare/tasks/common.yml
index 4ee9cff..d891f20 100644
--- a/roles/prepare/tasks/common.yml
+++ b/roles/prepare/tasks/common.yml
@@ -49,8 +49,12 @@
   shell: "sysctl -p /etc/sysctl.d/95-k8s-sysctl.conf"
   ignore_errors: true
 
+# 设置系统 ulimits
+- name: 创建 systemd 配置目录
+  file: name=/etc/systemd/system.conf.d state=directory
+
 - name: 设置系统 ulimits
-  template: src=30-k8s-ulimits.conf.j2 dest=/etc/security/limits.d/30-k8s-ulimits.conf
+  template: src=30-k8s-ulimits.conf.j2 dest=/etc/systemd/system.conf.d/30-k8s-ulimits.conf
 
 - name: 把SCTP列入内核模块黑名单
   copy: src=sctp.conf dest=/etc/modprobe.d/sctp.conf
diff --git a/roles/prepare/tasks/debian.yml b/roles/prepare/tasks/debian.yml
index 3c8885a..052cb9a 100644
--- a/roles/prepare/tasks/debian.yml
+++ b/roles/prepare/tasks/debian.yml
@@ -23,12 +23,6 @@
       - ipvsadm
     state: present
 
-- name: 设置 ulimits
-  lineinfile:
-    dest: /etc/profile
-    regexp: "ulimit -SHn"
-    line: "ulimit -SHn 65535"
-
 # 优化设置 journal 日志相关，避免日志重复搜集，浪费系统资源
 - name: 准备 journal 日志相关目录
   file: name={{ item }} state=directory
diff --git a/roles/prepare/templates/30-k8s-ulimits.conf.j2 b/roles/prepare/templates/30-k8s-ulimits.conf.j2
index e9abdd2..3af5242 100644
--- a/roles/prepare/templates/30-k8s-ulimits.conf.j2
+++ b/roles/prepare/templates/30-k8s-ulimits.conf.j2
@@ -1,4 +1,4 @@
-* soft nofile 65536
-* hard nofile 65536
-* soft nproc 65536
-* hard nproc 65536
+[Manager]
+DefaultLimitCORE=infinity
+DefaultLimitNOFILE=100000
+DefaultLimitNPROC=100000