Most UNIX-like operating systems, including Linux and macOS, provide ways to limit and control the usage of system resources such as threads, files, and network connections on a per-process and per-user basis. These “ulimits” prevent single users from using too many system resources. Sometimes, these limits have low default values that can cause a number of issues.
Understanding soft hard ulimit
There are both “hard” and the “soft” ulimit s that affect performance. The “hard” ulimit refers to the maximum number of processes that a user can have active at any time. This is the ceiling: no non-root process can increase the “hard” ulimit. In contrast, the “soft” ulimit is the limit that is actually enforced for a session or process, but any process can increase it up to “hard” ulimit maximum.
A low “soft” ulimit can cause can’t create new thread, closing connection errors if the number of connections grows too high. For this reason, it is extremely important to set both ulimit values to the recommended values.
How to find ulimit for a user in Linux
run it as root either using the su command or sudo command:
su – user -c “ulimit -a”
su – user –shell /bin/sh -c “ulimit -a”
## we can use the sudo command ##
sudo -u user bash -c “ulimit -a”
sudo -u user sh -c “ulimit -a”
How to check ulimit for a process
The /proc file-system stores the per-process limits in the file system object located at /proc/<pid>/limits, where <pid> is the process’s PID or process identifier.
The syntax is:
cat /proc/PID/limits
First find PID (process ID) for nginx, run ps command along with the grep command:
ps aux | grep nginx
Now run the following cat command:
cat /proc/8868/limits
How to change ulimit in Linux
The limits module that handles the setting of these values first reads /etc/security/limits.conf and then reads each file matching /etc/security/limits.d/*.conf. This means that any changes we make in /etc/security/limits.conf may be overridden by a subsequent file. These files should be reviewed as a set to ensure they meet our requirements.
After changing the ulimit settings, we must restart the process to take advantage of the modified settings. On Linux, we can use the /proc file system to see the current limitations on a running process.
Depending on our system’s configuration, and default settings, any change to system limits made using ulimit may revert following a system restart.
Ulimit with systemd
If we start a instance as a systemd service, we can specify limits within the [Service] section of its service file. The service file has a location like /etc/systemd/system/<process-name>.service.
we can set limits by using resource limit directives.
Specify the Recommended ulimit Settings, as in the following example:
[Service]
# Other directives omitted
# (file size)
LimitFSIZE=infinity
# (cpu time)
LimitCPU=infinity
# (virtual memory size)
LimitAS=infinity
# (locked-in-memory size)
LimitMEMLOCK=infinity
# (open files)
LimitNOFILE=64000
# (processes/threads)
LimitNPROC=64000