I recently checked one of our redis processes to what ulimits where applied using:
cat /proc/<redis-pid>/limits
And was suprised to learn that is was at the low default value:
Limit Soft Limit Hard Limit
Max open files 4016 4016
I was suprised, because we have the following configured:
# /etc/sysctl.conf
fs.file-max = 100000
.
# /etc/security/limits.conf
* soft nofile 100000
* hard nofile 100000
.
# /etc/ssh/sshd_config
UsePAM yes
.
# /etc/pam.d/sshd
session required pam_limits.so
Can anyone tell me why the increased ulimit is not being applied to the running redis process?
The redis process is running as the user 'redis', the server has been rebooted since the limits were increased. We are on Debian Squeeze.
In Linux resource limits can be set in various locations based on the type of requirement.
/etc/security/limits.conf
file./etc/sysctl.conf
file.ulimit
command/etc/security/limits.conf
is part of pam_limits and so the limits that are set in this file is read by pam_limits module during login sessions. The login session can be byssh
or throughterminal
. And pam_limits will not affect the daemon processes as mentioned here./etc/sysctl.conf
is a system wide global configuration, we cannot set user specific configuration here. It sets the maximum amount of resource that can be used by all users/processes put to gether.ulimit
command is used to set the limits of the shell. And so when a limit is set withulimit
on a shell, the process which gets spawned from the shell gets that value too because of the rule that thechild process
inherits theparent processes
properties.And so for your case, as the
redis
is started as part ofinit
none of the above will help you directly. The proper way of doing this is that, you have to use theulimit
command to set the new value in the init script itself. Like below in the script,There is already a bug filed in wishlist to add
ulimit
feature tostart-stop-daemon
.Also check in
redis
configuration if there is any way of providing limits there.The sysctl fs.file-max parameter is wide global system limit, i don't think is a good idea setting in ulimit the same value.
If you set in ulimit 100000 and in sysctl.conf 100000 too, one user can block the system
Any way, talking about your problem, you neet to be sure, your system use pam_limits
You've enabled pam_limits for sshd, but is this command being executed from an SSH session? You may need to add the same line to
/etc/pam.d/login
and/or/etc/pam.d/su
and/or/etc/pam.d/sudo
.