Ubuntu 21.10 ulimit(開啟檔案描述子)未正確應用

tag-icon tag-icon ubuntu pam limits max-file-descriptors file-descriptors
Ubuntu 21.10 ulimit(開啟檔案描述子)未正確應用

這種情況很奇怪,因為我有 2 台相同的伺服器,具有相同的應用程序,但是

在一台伺服器上,我從自訂應用程式中收到 ulimit 錯誤,ulimit error: too many open files但在另一台伺服器上,它按預期工作。

我確實確保配置是相同的,但我無法弄清楚為什麼這樣做。

事實

/etc/systemd/system.conf DefaultLimitNOFILE=100000000:100000000

/etc/systemd/user.conf DefaultLimitNOFILE=10000000

/etc/security/limits.conf

arserver         soft     nproc          10000000
arserver         hard     nproc          10000000
arserver        soft     nofile         10000000
arserver        hard     nofile         10000000
root soft     nproc          10000000
root hard     nproc          10000000
root soft     nofile         10000000
root hard     nofile         10000000

貓 /etc/sysctl.conf

net.core.rmem_default = 65536
net.core.wmem_default = 65536
net.core.rmem_max = 8388608
net.core.wmem_max = 8388608
net.ipv4.tcp_max_orphans = 4096
net.ipv4.tcp_slow_start_after_idle = 0
net.ipv4.tcp_synack_retries = 3
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_reordering = 3
net.ipv4.tcp_fastopen = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.ip_local_port_range = 32768 65535
vm.nr_hugepages = 1250
fs.file-max = 10000000

貓追蹤日誌 | grep pam_limits

arserver@arserver03:/carmicli/carmi$ cat testlog1 | grep limits
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/security/pam_limits.so", O_RDONLY|O_CLOEXEC) = 7
openat(AT_FDCWD, "/proc/1/limits", O_RDONLY) = 7
openat(AT_FDCWD, "/etc/security/limits.conf", O_RDONLY) = 7
read(7, "# /etc/security/limits.conf\n#\n#E"..., 4096) = 2345
openat(AT_FDCWD, "/etc/security/limits.d", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 7
openat(AT_FDCWD, "/proc/1/limits", O_RDONLY) = 7
openat(AT_FDCWD, "/etc/security/limits.conf", O_RDONLY) = 7
read(7, "# /etc/security/limits.conf\n#\n#E"..., 4096) = 2345
openat(AT_FDCWD, "/etc/security/limits.d", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 7

ulimit -a ulimit 重新啟動後在 ulimit 中更新,但應用程式仍然無法啟動

arserver@arserver03:/carmicli/carmi$ ulimit -a
real-time non-blocking time  (microseconds, -R) unlimited
core file size              (blocks, -c) 0
data seg size               (kbytes, -d) unlimited
scheduling priority                 (-e) 0
file size                   (blocks, -f) unlimited
pending signals                     (-i) 1030919
max locked memory           (kbytes, -l) 32998380
max memory size             (kbytes, -m) unlimited
open files                          (-n) 1048576
pipe size                (512 bytes, -p) 8
POSIX message queues         (bytes, -q) 819200
real-time priority                  (-r) 0
stack size                  (kbytes, -s) 8192
cpu time                   (seconds, -t) unlimited
max user processes                  (-u) 10000000
virtual memory              (kbytes, -v) unlimited
file locks                          (-x) unlimited

還創建了 systemd 服務,看看我是否可以像這樣覆蓋全域限制

[Unit]
Description=Carmi Miner
After=network.target

[Service]
User=root
WorkingDirectory=/app/carmi/
ExecStart=/app/carmi/app.elf
Restart=on-abnormal

LimitNOFILE=1000000000
LimitNOFILESoft=1000000000

[Install]
WantedBy=multi-user.target

但還是失敗了

Apr 08 14:19:45 arserver app.elf[3553]: ulimit error:  too many open files, possibly.
Apr 08 14:19:45 arserver systemd[1]: app.service: Main process exited, code=exited, status=19/n/a
Apr 08 14:19:45 arserver systemd[1]: app.service: Failed with result 'exit-code'.
Apr 08 14:19:45 arserver systemd[1]: app.service: Consumed 21.420s CPU time.

我還將 pam_limits.so 添加到 pam.d 配置中,因為我讀到在非 LSB 版本中,某些部分可能會丟失它。新增了 common_session sudo 和 sshd 所需的內容


arserver@arserver03:/app/app$ grep -r "pam_limit" /etc/pam.d/
/etc/pam.d/cron:session    required   pam_limits.so
/etc/pam.d/login:session    required   pam_limits.so
/etc/pam.d/sshd:session    required     pam_limits.so
/etc/pam.d/sudo:session    required   pam_limits.so
/etc/pam.d/su:session    required   pam_limits.so
/etc/pam.d/common-session:session required        pam_limits.so
/etc/pam.d/common-session-noninteractive:session    required   pam_limits.so
/etc/pam.d/runuser:session      required    pam_limits.so

arserver@arserver03:/carmicli/carmi$ grep -r "pam_limit" /etc/pam.d/
/etc/pam.d/cron:session    required   pam_limits.so
/etc/pam.d/login:session    required   pam_limits.so
/etc/pam.d/sshd:session    required     pam_limits.so
/etc/pam.d/sudo:session    required   pam_limits.so
/etc/pam.d/su:session    required   pam_limits.so
/etc/pam.d/common-session:session required        pam_limits.so
/etc/pam.d/common-session-noninteractive:session    required   pam_limits.so
/etc/pam.d/runuser:session      required    pam_limits.so

過去一周我一直在為這個問題絞盡腦汁,如果有人能夠提供幫助,我將不勝感激。

轉到 ubuntu 20.04 是一種選擇,但需要很長時間才能移動數據,因此如果可能的話,我更願意找出解決方案。

更新

當我執行sudo suroot 操作時,我遇到了同樣的問題,但在身份驗證日誌中出現此錯誤

Apr  8 14:45:31 arserver05 su: pam_limits(su:session): Could not set limit for 'nofile' to soft=10000000, hard=10000000: Operation not permitted; uid=0,euid=0
Apr  8 14:45:31 arserver05 su: pam_limits(su:session): Could not set limit for 'nofile' to soft=10000000, hard=10000000: Operation not permitted; uid=0,euid=0

更新2

無法設定上面的ulimit1048576

root@arserver03:/home/arserver# ulimit -n 1048576
root@arserver03:/home/arserver# ulimit -n 10485767
bash: ulimit: open files: cannot modify limit: Operation not permitted
root@arserver03:/home/arserver# ulimit -n 1048576

相關內容