Ulimit in the ubuntu package

Sadaf_N · June 4, 2013, 1:40pm

Hi,

I’m using the ubuntu package from nginx.org.

In the package from the official ubuntu repo, you can set file
descriptor
limit by changing /etc/default/nginx

Check if the ULIMIT is set in /etc/default/nginx

if [ -n “$ULIMIT” ]; then
# Set the ulimits
ulimit $ULIMIT
fi
Is there a reason this setting is missing from the nginx.org package?

I increased the limit but checking /proc//limits still shows the
default.
Should it be enough to set the soft and hard nofile limits in
/etc/security/limits.conf
or do I have to set ulimit $ULIMIT in the init.d script?

Are there plans to use upstart instead of init.d script?

Thanks

pablo_platt · June 4, 2013, 2:31pm

On 4 Jun2013, at 15:39 , pablo platt [email protected] wrote:

Hi,

I’m using the ubuntu package from nginx.org.

In the package from the official ubuntu repo, you can set file descriptor limit
by changing /etc/default/nginx

Check if the ULIMIT is set in /etc/default/nginx

if [ -n “$ULIMIT” ]; then
# Set the ulimits
ulimit $ULIMIT
fi

ulimit without flags sets max file size in blocks, not file descriptor
limit, so
you may fill a bug in their bug tracker.

Is there a reason this setting is missing from the nginx.org package?

I increased the limit but checking /proc//limits still shows the default.
Should it be enough to set the soft and hard nofile limits in
/etc/security/limits.conf
or do I have to set ulimit $ULIMIT in the init.d script?

You may add worker_rlimit_nofile in nginx.conf
(Core functionality).

Are there plans to use upstart instead of init.d script?

No. I will try to wait until either systemd or upstart win.

pablo_platt · June 4, 2013, 2:39pm

Hello!

On Tue, Jun 04, 2013 at 04:30:40PM +0400, Sergey B. wrote:

# Set the ulimits
ulimit $ULIMIT
fi
ulimit without flags sets max file size in blocks, not file descriptor limit, so
you may fill a bug in their bug tracker.

I think the expected use is to supply arguments within the ULIMIT
variable.

–
Maxim D.
http://nginx.org/en/donation.html

pablo_platt · June 4, 2013, 2:55pm

2013/6/4 Sergey B. [email protected]:

No. I will try to wait until either systemd or upstart win.

In case you want to support other distros than Ubuntu, you should have
an eye on SystemD …but this is Off-Topic here.

Regards, Andre

pablo_platt · June 4, 2013, 3:04pm

It’s not clear to me how worker_rlimit_nofile, /etc/security/limits.conf
and setting ulimit in the init.d script are related.

Is worker_rlimit_nofile the same as using ulimit in the init.d script?
Or does ulimit sets the maximum limit and worker_rlimit_nofile the limit
per worker?

Why does the init.d script from the ubuntu repo let me set using ulimit
while the package from nginx.org doesn’t?
https://gist.github.com/aganov/1121022#file-nginx-L43

Does /etc/security/limits.conf has any effect on the nofile limit in
nginx
when it is started using init.d script?
For upstart, I know that you have to set the limit in the upstart script
and can’t use /etc/security/limits.conf

pablo_platt · June 4, 2013, 3:05pm

On 4 Jun2013, at 16:39 , Maxim D. [email protected] wrote:

I think the expected use is to supply arguments within the ULIMIT
variable.

You are probably right.

pablo_platt · June 4, 2013, 3:25pm

On 4 Jun2013, at 17:04 , pablo platt [email protected] wrote:

It’s not clear to me how worker_rlimit_nofile, /etc/security/limits.conf and
setting ulimit in the init.d script are related.

Is worker_rlimit_nofile the same as using ulimit in the init.d script?
Or does ulimit sets the maximum limit and worker_rlimit_nofile the limit per
worker?

All of them set RLIMIT_NOFILE (man 2 setrlimit).
If there is worker_rlimit_nofile directive in nginx.conf, nginx master
process
sets RLIMIT_NOFILE for new workers processes. This works no matter how
you start nginx.
ulimit -n in init script will works if nginx is started by init script.
limits.conf is used by pam_limits, so it works for:
% grep pam_limits /etc/pam.d/*
/etc/pam.d/atd:session required pam_limits.so
/etc/pam.d/cron:session required pam_limits.so
/etc/pam.d/login:session required pam_limits.so
/etc/pam.d/sshd:session required pam_limits.so
/etc/pam.d/su:# session required pam_limits.so

atd, cron, login, sshd processes and their child processes,
for example when you login locally or via ssh.

Why does the init.d script from the ubuntu repo let me set using ulimit while
the package from nginx.org doesn’t?
https://gist.github.com/aganov/1121022#file-nginx-L43

Does /etc/security/limits.conf has any effect on the nofile limit in nginx when
it is started using init.d script?
For upstart, I know that you have to set the limit in the upstart script and
can’t use /etc/security/limits.conf

limits.conf will not work if init script is started on system boot.

pablo_platt · June 4, 2013, 3:33pm

“worker_rlimit_nofile set RLIMIT_NOFILE for workers only, so master
process
still sees previous value.”
http://mailman.nginx.org/pipermail/nginx/2008-April/004596.html

If worker_rlimit_nofile doesn’t affect the master process and
limits.conf
doesn’t affect init script, do I need to call ulimit in the init.d
script?

pablo_platt · June 4, 2013, 4:36pm

On 4 Jun2013, at 17:32 , pablo platt [email protected] wrote:

“worker_rlimit_nofile set RLIMIT_NOFILE for workers only, so master process
still sees previous value.”
How to get nginx to see higher limit for file descriptors?

You hardly need to increase number of file descriptors for master
process, because
master process do not serve connections. worker_rlimit_nofile will not
help
you only if you have a lot of log files, more then or about of ulimit -n
value.

If worker_rlimit_nofile doesn’t affect the master process and limits.conf
doesn’t affect init script, do I need to call ulimit in the init.d script?

It’s up to you. Both ulimit in init script and worker_rlimit_nofile will
work.

pablo_platt · June 4, 2013, 7:13pm

So ulimit in the init script is redundant.

I’ll use worker_rlimit_nofile.

Thanks