How to set ulimits for a service starting at boot?

Solution 1

$ echo "* hard nofile 102400" >> /etc/security/limits.conf
$ echo "* soft nofile 102400" >> /etc/security/limits.conf
$ sysctl -w fs.file-max=102400
$ sysctl -p

These 4 steps can change your system's limits immediately, and can still work after a reboot. You can change the number "102400" to whatever maximum number of open files you want on your Linux system, and run

$ sysctl -p

to load sysctl settings from the file specified, or from /etc/sysctl.conf if none is given.

Solution 2

/etc/sysctl.conf should be able to set the ulimits items. I've not been able to test this well but survey says you should be able to stop after it's set in sysctl.conf.

I've found various topics that show it's still a problem, though, and my team and I have discussed some options around this; we have found two potential workarounds.

Option 1: Most RHEL initscripts source /etc/init.d/functions; you could change the ulimit settings there.

Option 2: init claims that /etc/initscript is sourced every time before init spawns whatever; see http://linux.die.net/man/5/initscript. Interestingly enough, they say it's where people can set ulimit =)

Solution 3

Self-contained recipe snippet based on this url:

http://pro.benjaminste.in/post/318453669/increase-the-number-of-file-descriptors-on-centos-

Recipe Snippet:

ruby_block "edit /etc/sysctl.conf" do
  _file = "/etc/sysctl.conf"
  _comment = "# TWEAK BY CHEF"
  _content = "fs.file-max = 512000"
  block do
    file = Chef::Util::FileEdit.new(_file)
    file.insert_line_if_no_match(/#{Regexp.escape(_comment)}/, "#{_comment}\n#{_content}")
    file.write_file
  end
  not_if "cat #{_file} | grep '#{_comment}'"
  notifies :run, "execute[sysctl -p]", :immediately
end

execute "sysctl -p" do
  command "sysctl -p"
  returns 255 # which would normally signify error, but doesn't on sysctl on CentOS
  action :nothing
end

ruby_block "edit /etc/security/limits.conf" do
  _file = "/etc/security/limits.conf"
  _comment = "# TWEAK BY CHEF"
  _content = "* - nofile 65535"
  block do
    file = Chef::Util::FileEdit.new(_file)
    file.insert_line_if_no_match(/#{Regexp.escape(_comment)}/, "#{_comment}\n#{_content}")
    file.write_file
  end
  not_if "cat #{_file} | grep '#{_comment}'"
end

Solution 4

My solution was simply doing this in our chef recipe:

# Ensure ulimits are properly set for the initscript
bash "Set Ulimits" do
    user "root"
    code <<-EOH
    echo -e "\n#Setting ulimits. Performed by chef recipe MYSQLULIMIT\nulimit -l" >> /etc/sysconfig/init
    EOH
    not_if "grep MYSQLULIMIT /etc/sysconfig/init"
end

This causes the ulimit -l to get set for all initscripts, which may be undesirable in some environments, but is fine for mine.

In a perfect world, I'd get the RPM updated to include a /etc/sysconfig/mysqld, and put the same ulimit -l command in there.

Solution 5

The RedHat way, as described in article 253043 (subscription required), is to add appropriate ulimit statements to /etc/sysconfig/<service name>. For example:

# echo "ulimit -SHn 10240   # nfile" >> /etc/sysconfig/myServiceName

(Use the existing file for your service instead of myServiceName.)

For daemons that start without using the RedHat "sysconfig" script, you would need to add the appropriate ulimit lines to the daemon startup script.
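
To confirm that any of the approaches above actually reached the daemon, read back the limits the running process received from /proc/<pid>/limits and compare them with the value you configured. The following is an added example, not part of the original answers; the helper names and the sample limits text are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: read back the limits a running daemon actually received.
# Helper names and the sample text below are constructed for illustration.

# Constructed sample in the layout of /proc/<pid>/limits, as a daemon started
# by init without any ulimit override might show (values are illustrative).
sample_limits() {
cat <<'EOF'
Limit                     Soft Limit           Hard Limit           Units
Max cpu time              unlimited            unlimited            seconds
Max locked memory         65536                65536                bytes
Max open files            1024                 4096                 files
EOF
}

# get_limit <limit name> <soft|hard> [file]
# Prints the requested value; reads stdin when no file is given.
# Returns non-zero if the limit name is not present.
get_limit() {
    awk -v name="$1" -v which="$2" '
        index($0, name) == 1 {
            # Limit names contain spaces, so strip the name and split the rest.
            split(substr($0, length(name) + 1), f, " ")
            value = (which == "soft") ? f[1] : f[2]
            print value
            found = 1
            exit
        }
        END { exit(found ? 0 : 1) }
    ' "${3:--}"
}

# meets_limit <limit name> <soft|hard> <minimum> [file]
# Succeeds when the value is "unlimited" or >= minimum; returns 2 if not found.
meets_limit() {
    local value
    value=$(get_limit "$1" "$2" "${4:--}") || return 2
    [ "$value" = "unlimited" ] && return 0
    [ "$value" -ge "$3" ]
}

# Against a live service, pass the real file as the last argument:
#   meets_limit "Max open files" soft 102400 /proc/<pid>/limits
if ! sample_limits | meets_limit "Max open files" soft 102400; then
    echo "soft nofile is below 102400 for this process"
fi
```

Running the check after a reboot, against the PID of the service itself rather than a login shell, shows whether the setting applied to the boot-time daemon.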

Author: jayofdoom

Updated on September 18, 2022

Comments

  • jayofdoom over 1 year
    I need, for mysql to use large-pages, to set a ulimit - I've done this in limits.conf. However, limits.conf (pam_limits.so) doesn't get read in for init, only for "real" shells. I solved this before by adding a "ulimit -l" to the initscript start function. I need some sort of repeatable way to do this, now that the boxes are managed with chef, and we don't want to take over a file that's actually owned by the RPM.
  • jayofdoom about 12 years
    There are pieces of configuration required to do this that belong in sysctl.conf, and those are in place -- we just need to modify ulimits to allow those hugepages to be accessed.
  • phemmer about 12 years
    This won't solve the poster's issue. PAM is only invoked when a user opens a session (shell). Since the init system is started independently of user sessions, PAM does not apply.
  • Matt almost 7 years
    Note that the wildcard * does not work for root user, you'll have to specify root explicitly...
  • Alchemist over 6 years
    @Xarses is right. limit.conf will not get applied for some daemon starting at boot time. I don't believe this answers the question.