The system resource limits
set forth:
Linux system using the various resources are limited, if you want to change the default threshold, can be effected through temporary command (ulimit) or configuration file (/etc/security/limits.conf and /etc/security/limits.d/ directory under file) permanently take effect in two ways.
limits.conf configuration instructions (restart to take effect)
note
Limit resource usage profile is /etc/security/limits.conf, and /etc/security/limits.d/ directory, / etc / security / limits.d / configuration which will cover the /etc/security/limits.conf configuration
Constraining resource type:
The size of the kernel file created, the size of the process data blocks, Shell process to create the file size, the size of the memory locked, set the size of permanent memory, the number of open file descriptors assigned maximum stack size, CPU time,
the maximum number of threads a single user, maximum virtual memory Shell process that can be used. At the same time, it supports the restriction of hard and soft resources resources.
Configuration File Format
# <Domain> <of the type> <Item> <value> # * Soft Core 0 #root Hard Core 100000 # * Hard rss 10000 # @ Student Hard nproc 20 # @ Faculty Soft nproc 20 # @ Faculty Hard nproc 50 # the FTP Hard nproc 0 # the FTP - chroot / the FTP # @ Student - maxlogins 4 ----------- dividing line, above the template configuration file, the following is added ----------- own ------------- * Soft nofile 655350 # represents any user can open a maximum number of file descriptors * Hard nofile 655350 * Soft nproc 655350# Indicates the maximum number of processes a user can open any * Hard nproc 655350 @student Hard nofile 65535 anyone #student group of up to 65,535 the number of open file descriptors, and will issue a warning 65000 open when @student soft nofile 65000 @student Hard nproc 50 anyone #student group can not have more than 50 process, and will warn you when the process has 30 @student Soft nproc 30
Description:
The first column indicates the user groups and (the beginning @). The second column shows the soft limit or hard limit, and the third column indicates the type of resource constraints, the fourth column represents the maximum limit of
the difference between hard and soft are: soft warning is a value, but it is a real sense of hard threshold, more than the error will, under normal circumstances are set to the same value.
core kernel files, nofile is the file descriptor, noproc is the process, under normal circumstances only limit the number of file descriptors and the number of processes enough
Tips:
limit for a user can also configure bashrc file types in the user's home directory ulimit command
ulimit use
Common command ulimit - A View all resource limits ulimit -n - the n-default viewing a soft limit ulimit - Hn limit View Hard ulimit -Sn 160000 set most soft limit, attention must be smaller than soft limit limit Hard ulimit -Hn 160000 by ulimit -Hn most Hard limit settings
Tuning System
1 ) arranged to unlimited use of some resources (unlimited): Data length: the ulimit - D Unlimited maximum memory size: the ulimit - m Unlimited stack size: the ulimit - S Unlimited the CPU time: the ulimit - T Unlimited virtual memory: the ulimit - V Unlimited These are just temporarily for login shell during a session with the ulimit command. Permanently, by a corresponding ulimit statement added to the file read by the login shell, the shell that is specific to the user resource files, such as: 2 ) Linux system to lift the maximum number of processes and the maximum number of open file limit: vi / etc / Security / the limits.conf # add the following lines * Soft noproc 11000 * Hard noproc 11000 * Soft nofile 4100 * Hard nofile 4100 Description:* Behalf for all users noproc represent the largest number of processes nofile is representing the maximum number of open files 3 ) allow SSH to accept login Login program is to facilitate the ssh View ulimit client - A resource limitations: A, vi / etc / ssh / sshd_config to UserLogin value changed to yes, and remove the comment # b, restart sshd service: /etc/init.d/ sshd restart 4 ) modify environment variables for all users linux file: vi / etc / Profile ulimit -u 10000 ulimit -n 4096 the ulimit - D Unlimited the ulimit - m Unlimited the ulimit - S Unlimited the ulimit-t unlimited ulimit -v unlimited
File descriptor resource limit
File descriptor fd:
Linux kernel file descriptor is an index for efficient management has been open file created, all of the IO operating system calls are using file descriptors. Each open file descriptor is created, the file pointer and the file descriptor, the descriptor indicates non-negative integers, the default file descriptors 3 is 0, i.e., standard input, standard output, , the standard error output. 3 opens a file that is started from, written to the file descriptor table. Each process in the PCB (Process Control Block) are process control block that is stored with a file descriptor table. How much can open file descriptor? Theory for how much memory you can open file descriptors, but the kernel memory management is generally 10% of the (system limit). File descriptor limit is part of the system resource constraints, but also by commissioning Ulimit or limits.conf two ways.
View
Check system limits:
Method 1.
[Weba the root-136 @ ~] # sysctl -a | grep fs.file-max
fs.file-max = 98622
Method 2.
[Weba the root-136 @ ~] # CAT / proc / SYS / FS / File-max
98 622
View user level restrictions:
ulimit -n
modify
The system constraint modification
temporary modification
[the root Weba-136 @ ~] # sysctl -w-max = 400000 fs.file
fs.file-max = 400000
by You have have new new mail in / var / spool / mail / the root
[@ Weba the root-136 ~] # echo 350000> / proc / SYS / FS / File-max
[136-Weba the root @ ~] # sysctl -a | grep fs.file-max
fs.file-max = 350000
[Weba the root-136 @ ~] #
permanently modify
the fs.file-max = 400000 /etc/sysctl.conf added to the configuration file.
User-level modification (maximum number of open files for individual processes)
temporarily modify, failure to restart the
file descriptor limit to the number ulimit -SHn 10240 # modifications can be opened
Permanent changes, all users take effect. (The hard, soft write to a file, the file format is # <domain> @ user or group name, or * <type> type of restriction hard soft <item> resource name <value> limit value)
vim / etc / Security / limits.conf
permanent changes, all users take effect. In /etc/security/limits.d/*.conf, the system will first read such files, this file will override /etc/security/limits.conf project in the project, suggested that the contents of the comment.
Permanent changes, modify a single user, write user environment variable ulimit -SHn 10240. written .bash_profile
echo "ulimit -SHn 10240" >> / root / .bash_profile, or in the startup script written application ulimit -n 10240