对于一般的应用来说(像Apache、系统进程)1024完全足够使用。但是像squid、mysql、java等单进程处理大量请求的应用来说就有点捉襟见肘了。如果单个进程打开的文件句柄数量超过了系统定义的值,就会提到“too many files open”的错误提示。怎么查看当前进程打开了多少个文件句柄呢?
lsof -n |awk '{print $2}'|sort|uniq -c |sort -nr|more
在系统访问高峰时间以root用户执行上面的脚本,可能出现的结果如下:
# lsof -n|awk '{print $2}'|sort|uniq -c |sort -nr|more
131 24204
57 24244
57 24231
56 24264
其中第一行是打开的文件句柄数量,第二行是进程号;得到进程号后,通过ps命令得到进程的详细内容。
ps -aef|grep 24204
mysql 24204 24162 99 16:15 ? 00:24:25 /usr/sbin/mysqld
原来是mysql进程打开最多文件句柄数量。但是他目前只打开了131个文件句柄数量,远远底于系统默认值1024;
//使用ulimit查看系统当前参数设置
[root@localdomain ~]# ulimit -a
core file size (blocks, -c) 0 core文件的最大值为100 blocks
data seg size (kbytes, -d) unlimited 进程的数据段可以任意大
scheduling priority (-e) 0
file size (blocks, -f) unlimited 文件可以任意大
pending signals (-i) 7424
max locked memory (kbytes, -l) 64 个任务锁住的物理内存的最大值为32kB
max memory size (kbytes, -m) unlimited 一个任务的常驻物理内存的最大值
open files (-n) 1024 一个任务最多可以同时打开1024的文件
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 10240
cpu time (seconds, -t) unlimited
max user processes (-u) 1024 当前用户同时打开的进程(包括线程)的最大个数
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
1.修改用户句柄数:
vi /etc/security/limits.conf在文件末尾增加
# add open files
* soft core unlimited
* hard core unlimited
* soft fsize unlimited
* hard fsize unlimited
* soft data unlimited
* hard data unlimited
* soft nproc 65535
* hard nproc 63535
* soft stack unlimited
* hard stack unlimited
* soft nofile 65535
* hard nofile 65535
2.修改用户进程数:
vim /etc/security/limits.d/90-nproc.conf
把1024修改成65535,默认情况下普通用户是1024,root没有限制;
* soft nproc 65536
root soft nproc unlimited
3.通常/etc/sysctl.conf 不需要修改,配置内存在使用到95%时启用swap具体如下:
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.
# Controls IP packet forwarding
net.ipv4.ip_forward = 0
# Controls source route verification
net.ipv4.conf.default.rp_filter = 1
# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0
# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0
# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1
# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1
# Disable netfilter on bridges.
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
# Controls the default maxmimum size of a mesage queue
kernel.msgmnb = 65536
# Controls the maximum size of a message, in bytes
kernel.msgmax = 65536
# Controls the maximum shared segment size, in bytes
kernel.shmmax = 68719476736
# Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296
vm.swappiness=5
最是执行文件生效命令:sysctl -p