Ulimit-n modification
Temporary modification: Ulimit-shn 65535
Permanent modification: Echo ' *-nofile 65535 ' >>/etc/security/limits.conf
Linux system open the maximum value of the file descriptor, the general default value is 1024, for a busy server, this value is small, it is necessary to reset the Linux system open file descriptor maximum value. So where should it be set up?
- [Email protected] security]# ulimit-a
- Core file size (blocks,-c) 0
- Data seg Size (Kbytes,-D) Unlimited
- Scheduling Priority (-e) 0
- File size (blocks,-f) Unlimited
- Pending signals (-i) 30518
- Max locked Memory (Kbytes, L) 64
- Max memory Size (Kbytes,-m) unlimited
- Open files (-N) 1024
- Pipe Size (bytes,-p) 8
- POSIX message queues (bytes,-Q) 819200
- Real-time priority (-R) 0
- Stack size (Kbytes,-s) 10240
- CPU time (seconds,-t) unlimited
- MAX User Processes (-u) 1024
- Virtual Memory (Kbytes,-V) Unlimited
- File locks (-X) Unlimited
- [Email protected] security]# ulimit-n 10240
- [Email protected] security]# ulimit-a
- Core file size (blocks,-c) 0
- Data seg Size (Kbytes,-D) Unlimited
- Scheduling Priority (-e) 0
- File size (blocks,-f) Unlimited
- Pending signals (-i) 30518
- Max locked Memory (Kbytes, L) 64
- Max memory Size (Kbytes,-m) unlimited
- Open files (-N) 10240
- Pipe Size (bytes,-p) 8
- POSIX message queues (bytes,-Q) 819200
- Real-time priority (-R) 0
- Stack size (Kbytes,-s) 10240
- CPU time (seconds,-t) unlimited
- MAX User Processes (-u) 1024
- Virtual Memory (Kbytes,-V) Unlimited
- File locks (-X) Unlimited
- [Email protected] security]#
- </font></font></font></font>
Copy Code1. Command usage
Command: Ulimit
Function: Control the resources of shell program
Syntax: ulimit [-ahs][-c <core file Upper >][-d < data section size >][-f < file size >][-m < memory size >][-n < number of files >][-p < Buffer size >][-s < stack size >][-t <cpu time >][-u < number of programs >][-v < virtual memory size;]
Additional Note: Ulimit is a shell built-in directive that can be used to control the resources of shell execution programs.
Parameters
-a displays the current resource limit settings.
-C <core File cap > set the maximum value of the core file, in chunks.
-D < data section size > Maximum value of the Program Data section, in kilobytes.
-F < file size > The largest file the shell can create, in chunks.
-H sets the hard limit for the resource, which is the limit set by the administrator.
-m < memory size > Specifies the maximum amount of memory that can be used, in kilobytes.
-N < number of files > specifies the maximum number of files that can be opened at the same time.
-p < buffer size > Specifies the size of the pipe buffer, in 512 bytes.
-s < stack size > specifies the upper bound of the stack in kilobytes.
-S sets the elastic limit for the resource.
-T <CPU time > Specifies the maximum CPU usage time in seconds.
-U < number of processes > number of processes the user can start.
-v < virtual memory size > Specifies the maximum amount of virtual memory that can be used, in kilobytes.
2. System Tuning
As mentioned earlier, Ulimit-a is used to display the current various user process limits.
Linux for each user, the system limits its maximum number of processes. In order to improve performance, according to the equipment resource situation,
To set the maximum number of processes for each Linux user, let me set the maximum number of processes for a Linux user to 10,000:
Ulimit-u 10000
For Java applications that need to do many socket connections and leave them open,
It is best to modify the number of files that each process can open by using Ulimit-n xx, which is the default value of 1024.
Ulimit-n 4096 increase the number of files that can be opened by each process to 4096, with a default of 1024
Some of the important settings that other recommendations are set to unrestricted (unlimited) are:
Data segment Length: ulimit-d Unlimited
Maximum memory size: Ulimit-m Unlimited
stack size: ulimit-s Unlimited
CPU Time: Ulimit-t Unlimited
virtual Memory: Ulimit-v Unlimited
Temporarily, applies to a shell session that is logged on through the Ulimit command.
Permanently, by adding a corresponding Ulimit statement to the file read by the login shell, the shell-specific user resource file, such as:
1) Unlock the maximum number of processes and maximum file opening limits for Linux systems:
vi/etc/security/limits.conf
# Add the following line
* Soft Noproc 11000
* Hard Noproc 11000
* Soft Nofile 4100
* Hard Nofile 4100
Description:
* represents for all users
Noproc represents the maximum number of processes
Nofile is the number of open files representing the maximum file
2) let SSH accept login program login, easy to view ulimit-a resource limit in SSH client:
A, Vi/etc/ssh/sshd_config
Change the value of Userlogin to Yes and remove the # comment
B. Restart the SSHD service:
/etc/init.d/sshd restart
3) Modify the environment variable files for all Linux users:
Vi/etc/profile
Ulimit-u 10000
ulimit-n 4096
Ulimit-d Unlimited
Ulimit-m Unlimited
Ulimit-s Unlimited
Ulimit-t Unlimited
Ulimit-v Unlimited
/**************************************
Sometimes in the program need to open multiple files for analysis, the system is generally the default number is 1024, (with ULIMIT-A can see) for normal use is enough, but for the program, it is too little.
Modify 2 files.
1)/etc/security/limits.conf
Vi/etc/security/limits.conf
Plus:
* Soft Nofile 8192
* Hard Nofile 20480
2)/etc/pam.d/login
Session required/lib/security/pam_limits.so
**********
Also make sure that the/etc/pam.d/system-auth file has the following content
session required/lib/security/$ISA/pam_limits.so
this line ensures that the system will enforce this restriction.
***********
3) General user's. Bash_profile
#ulimit-N 1024
Re-login OK
3./proc Directory:
1) The/proc directory contains many parameters for the current state of the system, for example: reference
/proc/sys/fs/file-max
/proc/sys/fs/inode-max
is the limit to the whole system, not for the user;
2) The values in the proc directory can be dynamically set, and if you want to be permanently active, you can modify the/etc/sysctl.conf file and confirm it with the following command:
# sysctl-p
For example Increase:
Reference
Fs.file-max=xxx
Fs.inode-max=xxx
Umilit Modifying the maximum number of files that can be opened in Linux