乐闻世界logo
2月17日 23:35

What are the purpose, configuration methods, and common application scenarios of Linux system resource limits ulimit?

Linux system resource limits (ulimit) is an important mechanism for controlling process resource usage, preventing processes from consuming excessive system resources.

ulimit basic concepts:

  • ulimit is a shell built-in command used to control resource limits of the shell process and its child processes
  • Limits are divided into soft limits and hard limits
  • Soft limits can be adjusted by users but cannot exceed hard limits
  • Hard limits can only be increased by root users
  • Configuration files: /etc/security/limits.conf, /etc/security/limits.d/

Common ulimit commands:

  • ulimit -a: display all current resource limits
  • ulimit -n: view/set maximum number of open files
  • ulimit -u: view/set maximum number of user processes
  • ulimit -s: view/set stack size
  • ulimit -v: view/set maximum virtual memory
  • ulimit -m: view/set maximum resident memory
  • ulimit -c: view/set core file size
  • ulimit -t: view/set maximum CPU time
  • ulimit -f: view/set maximum file size
  • ulimit -l: view/set maximum locked memory
  • ulimit -p: view/set pipe buffer size
  • ulimit -e: view/set maximum scheduling priority
  • ulimit -r: view/set maximum realtime priority

Resource limit types:

  • File descriptor limits:
    • open files: maximum number of open files (-n)
    • max locked memory: maximum locked memory (-l)
  • Process limits:
    • max user processes: maximum number of user processes (-u)
    • max pending signals: maximum pending signals
  • Memory limits:
    • max memory size: maximum resident memory (-m)
    • virtual memory: maximum virtual memory (-v)
    • stack size: stack size (-s)
  • CPU limits:
    • cpu time: maximum CPU time (-t)
    • max nice priority: maximum nice priority (-e)
    • max realtime priority: maximum realtime priority (-r)
  • Other limits:
    • file size: maximum file size (-f)
    • pipe size: pipe buffer size (-p)
    • core file size: core file size (-c)

limits.conf configuration format:

  • Format:
  • domain: can be user, group, * (all users), %groupname
  • type: soft (soft limit), hard (hard limit), - (set both soft and hard limits)
  • item: resource type, such as nofile, nproc, memlock, etc.
  • value: limit value, unlimited means no limit

Configuration examples:

shell
# Limit maximum open files for all users
* soft nofile 65535
* hard nofile 65535

# Limit maximum processes for specific user
username soft nproc 4096
username hard nproc 8192

# Limit maximum memory for specific group
@groupname soft memlock 1048576
@groupname hard memlock 2097152

# Enable core files
* soft core unlimited
* hard core unlimited

Temporary modification of limits:

  • Modify in current shell: ulimit -n 65535
  • Only valid for current shell and its child processes
  • Invalid after exiting shell

Permanent modification of limits:

  • Edit /etc/security/limits.conf file
  • Edit configuration files in /etc/security/limits.d/ directory
  • Requires re-login to take effect after modification
  • For service processes, need to restart the service

systemd service limits:

  • Set limits in service configuration file
  • Configuration items:
    • LimitNOFILE=65535: maximum number of open files
    • LimitNPROC=4096: maximum number of processes
    • LimitMEMLOCK=infinity: maximum locked memory
    • LimitCORE=infinity: core file size
  • Example: 
    shell
    [Service]
LimitNOFILE=65535
LimitNPROC=4096

Common application scenarios:

  • Web servers (Nginx, Apache):
    • Increase maximum open files: ulimit -n 65535
    • Increase maximum processes: ulimit -u 4096
  • Database servers (MySQL, PostgreSQL):
    • Increase maximum open files: ulimit -n 65535
    • Increase core file size: ulimit -c unlimited
  • High concurrency applications:
    • Increase maximum open files: ulimit -n 65535
    • Increase maximum processes: ulimit -u 8192
  • Development environment:
    • Enable core files: ulimit -c unlimited
    • Increase core file size: ulimit -c unlimited

View process limits:

  • View limits for PID: cat /proc/PID/limits
  • View number of open files for process: ls /proc/PID/fd | wc -l
  • View number of process threads: ps -eLf | grep PID | wc -l

Troubleshooting:

  • "Too many open files" error: increase ulimit -n
  • "Cannot allocate memory" error: check memory limits
  • Process cannot start: check process limit
  • Core file not generated: check core file limit

Best practices:

  • Set reasonable limit values based on application requirements
  • Do not set excessively high limit values to avoid resource exhaustion
  • Monitor resource usage and adjust limits in time
  • Verify in test environment before applying in production
  • Regularly check and update limit configurations
标签:Linux