brief introduction
Through ulimit -n command, you can check the maximum value of open file descriptor in linux system. The general default value is 1024. For a busy server, this value is too small, so it is necessary to reset the maximum value of open file descriptor in linux system. So where should I set it?
The most correct way is in / etc / security / limits Settings in conf:
[root@localhost security]# ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 30518 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 10240 cpu time (seconds, -t) unlimited max user processes (-u) 1024 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited [root@localhost security]# ulimit -n 10240 [root@localhost security]# ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 30518 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 10240 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 10240 cpu time (seconds, -t) unlimited max user processes (-u) 1024 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited [root@localhost security]#
1. Command usage
Command: ulimit
Function: control the resources of shell program
Syntax: ulimit [- ahs] [- C < core file upper limit >] [- d < data section size >] [- f < file size >] [- M < memory size >] [- N < number of files >] [- P < buffer size >] [- s < stack size >] [- T < CPU time >] [- U < number of programs >] [- V < virtual memory size >]
Supplementary notes: ulimit by shell Built in instructions that can be used to control shell Resources to execute the program. ginseng Number: -a Displays the current resource limit settings. -c <core File limit> set up core The maximum value of the file, in blocks. -d <Data section size> The maximum value of the program data section, in KB. -f <file size> shell The maximum file that can be created, in blocks. -H Set the hard limit of resources, that is, the limit set by the administrator. -m <Memory size> Specifies the upper limit of available memory in KB. -n <Number of documents> Specifies the maximum number of files that can be opened at one time. -p <Buffer size> Specifies the size of the pipeline buffer in 512 bytes. -s <Stack size > Specifies the upper limit of the stack in KB. -S Set elastic limits for resources. -t <CPU time> appoint CPU Upper limit of usage time, in seconds. -u <Number of processes> The maximum number of processes that a user can start. -v <Virtual memory size> Specifies the maximum amount of virtual memory that can be used, in KB.
2. System tuning
As mentioned earlier, ulimit -a Used to display various current user process restrictions. Linux For each user, the system limits the maximum number of processes. In order to improve the performance, according to the equipment resources, Set each linux The maximum number of processes of the user. Below, I will linux The maximum number of processes for users is set to 10000: ulimit -u 10000 A lot needs to be done about socket Connect and leave them open Java For applications, Preferably by using ulimit -n xx Modify the number of files that can be opened by each process. The default value is 1024. ulimit -n 4096 Increase the number of files that can be opened by each process to 4096, and the default is 1024 Other suggestions are set to unlimited( unlimited)Some important settings are: Data segment length: ulimit -d unlimited Maximum memory size: ulimit -m unlimited Stack size: ulimit -s unlimited CPU Time: ulimit -t unlimited Virtual memory: ulimit -v unlimited
Temporarily, it applies during a shell session logged in with the ulimit command.
Permanently, add a corresponding ulimit statement to the file read by the login shell, that is, the shell specific user resource file, such as:
- Remove the maximum number of processes and maximum number of file openings on Linux system:
vi /etc/security/limits.conf
#Add the following line
* soft noproc 11000
* hard noproc 11000
* soft nofile 4100
* hard nofile 4100
Note: * for all users
noproc represents the maximum number of processes
nofile is the maximum number of file openings - Allow SSH to accept the Login of Login program, so as to check ulimit -a resource limit on SSH client:
a,vi /etc/ssh/sshd_config
Change the value of UserLogin to yes and remove the # comment
b. Restart sshd service:
/etc/init.d/sshd restart - Modify the environment variable files of all linux users:
vi /etc/profile
ulimit -u 10000
ulimit -n 4096
ulimit -d unlimited
ulimit -m unlimited
ulimit -s unlimited
ulimit -t unlimited
ulimit -v unlimited
/**************************************
Sometimes multiple files need to be opened in the program for analysis. The system generally defaults to 1024 (you can see with ulimit -a). It is enough for normal use, but it is too few for the program.
Modify 2 files.
- /etc/security/limits.conf
vi /etc/security/limits.conf
add:
- soft nofile 8192
- hard nofile 20480
- /etc/pam.d/login
session required /lib/security/pam_limits.so
Also make sure / etc / PAM The D / system auth file has the following contents
session required /lib/security/$ISA/pam_limits.so
This line ensures that the system will enforce this restriction.
- For ordinary users bash_profile
#ulimit -n 1024
Log in again ok
- /proc Directory:
1) The / proc directory contains many parameters of the current state of the system, such as references
/proc/sys/fs/file-max
/proc/sys/fs/inode-max
It is a restriction on the whole system, not for users;
2) The value in the proc directory can be set dynamically. If you want it to take effect permanently, you can modify / etc / sysctl Conf file and confirm with the following command:
sysctl -p
For example, add:
quote
fs.file-max=xxx
fs.inode-max=xxx