We use postgres and pgbouncer as kernel DB for one huge project. Some secure requirements:
/etc/security/limits.conf
soft nofile 65535
hard nofile 65535
/etc/sysctl.conf
fs.file-max = 1000000
fs.inotify.max_user_watches = 1000000
soft nofile 65535
hard nofile 65535
/etc/sysctl.conf
fs.file-max = 1000000
fs.inotify.max_user_watches = 1000000
Don`t forget to remove # at /etc/pam.d/login (remarked by default). And how to change nolimit on the fly.
# Sets up user limits according to /etc/security/limits.conf
# (Replaces the use of /etc/limits in old login)
session required pam_limits.so
# (Replaces the use of /etc/limits in old login)
session required pam_limits.so
and at next login or service restart you will get new limits. To change limits for currently running processes (I really try to avoid db restart. It`s usually very complicated and require maintenance period) use prlimit
prlimit introduced at util-linux-2.21 supported since Linux 2.6.36.
#ps aux | grep postgresql
postgres 24212 0.0 0.0 102004 4308 ? S Apr21 9:41 /usr/lib/postgresql/9.2/bin/postgres -D /var/lib/postgresql/9.2/main -c config_file=/etc/postgresql/9.2/main/postgresql.conf
#cat /proc/24212/limits
# cat /proc/24212/limits | grep "Max open files"
Max open files 1024 4096 files
#
#prlimit --pid=907 --nofile=65535:65535
root@dbase3:~/1# cat /proc/24212/limits | grep "Max open files"
Max open files 65535 65535 files
postgres 24212 0.0 0.0 102004 4308 ? S Apr21 9:41 /usr/lib/postgresql/9.2/bin/postgres -D /var/lib/postgresql/9.2/main -c config_file=/etc/postgresql/9.2/main/postgresql.conf
#cat /proc/24212/limits
# cat /proc/24212/limits | grep "Max open files"
Max open files 1024 4096 files
#
#prlimit --pid=907 --nofile=65535:65535
root@dbase3:~/1# cat /proc/24212/limits | grep "Max open files"
Max open files 65535 65535 files
In case emergency (you need build new util-linux for prlimit) compile your own tool to sel nofile limits
http://lzone.de/taxonomy/term/2
#define _GNU_SOURCE
#define _FILE_OFFSET_BITS 64
#include <stdio.h>
#include <time.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/resource.h>
#define errExit(msg) do { perror(msg); exit(EXIT_FAILURE); \
} while (0)
int
main(int argc, char *argv[])
{
struct rlimit old, new;
struct rlimit *newp;
pid_t pid;
if (!(argc == 2 || argc == 4)) {
fprintf(stderr, "Usage: %s <pid> [<new-soft-limit> "
"<new-hard-limit>]\n", argv[0]);
exit(EXIT_FAILURE);
}
pid = atoi(argv[1]); /* PID of target process */
newp = NULL;
if (argc == 4) {
new.rlim_cur = atoi(argv[2]);
new.rlim_max = atoi(argv[3]);
newp = &new;
}
if (prlimit(pid, RLIMIT_NOFILE, newp, &old) == -1)
errExit("prlimit-1");
printf("Previous limits: soft=%lld; hard=%lld\n",
(long long) old.rlim_cur, (long long) old.rlim_max);
if (prlimit(pid, RLIMIT_NOFILE, NULL, &old) == -1)
errExit("prlimit-2");
printf("New limits: soft=%lld; hard=%lld\n",
(long long) old.rlim_cur, (long long) old.rlim_max);
exit(EXIT_FAILURE);
}
#define _FILE_OFFSET_BITS 64
#include <stdio.h>
#include <time.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/resource.h>
#define errExit(msg) do { perror(msg); exit(EXIT_FAILURE); \
} while (0)
int
main(int argc, char *argv[])
{
struct rlimit old, new;
struct rlimit *newp;
pid_t pid;
if (!(argc == 2 || argc == 4)) {
fprintf(stderr, "Usage: %s <pid> [<new-soft-limit> "
"<new-hard-limit>]\n", argv[0]);
exit(EXIT_FAILURE);
}
pid = atoi(argv[1]); /* PID of target process */
newp = NULL;
if (argc == 4) {
new.rlim_cur = atoi(argv[2]);
new.rlim_max = atoi(argv[3]);
newp = &new;
}
if (prlimit(pid, RLIMIT_NOFILE, newp, &old) == -1)
errExit("prlimit-1");
printf("Previous limits: soft=%lld; hard=%lld\n",
(long long) old.rlim_cur, (long long) old.rlim_max);
if (prlimit(pid, RLIMIT_NOFILE, NULL, &old) == -1)
errExit("prlimit-2");
printf("New limits: soft=%lld; hard=%lld\n",
(long long) old.rlim_cur, (long long) old.rlim_max);
exit(EXIT_FAILURE);
}
0 Comments.