对于一般的应用来说(像Apache、系统进程)1024完全足够使用。但是像squid、mysql、java等单进程处理大量请求的应用来说就有点捉襟见肘了。如果单个进程打开的文件句柄数量超过了系统定义的值,就会提到“too many files open”的错误提示。怎么查看当前进程打开了多少个文件句柄呢?
lsof -n |awk '{print $2}'|sort|uniq -c |sort -nr|more
在系统访问高峰时间以root用户执行上面的脚本,可能出现的结果如下:
# lsof -n|awk '{print $2}'|sort|uniq -c |sort -nr|more
131 24204
57 24244
57 24231
56 24264
其中第一行是打开的文件句柄数量,第二行是进程号;得到进程号后,通过ps命令得到进程的详细内容。
ps -aef|grep 24204
mysql 24204 24162 99 16:15 ? 00:24:25 /usr/sbin/mysqld
原来是mysql进程打开最多文件句柄数量。但是他目前只打开了131个文件句柄数量,远远底于系统默认值1024;
//使用ulimit查看系统当前参数设置
[root@localdomain ~]# ulimit -a core file size (blocks, -c) 0 core文件的最大值为100 blocks data seg size (kbytes, -d) unlimited 进程的数据段可以任意大 scheduling priority (-e) 0 file size (blocks, -f) unlimited 文件可以任意大 pending signals (-i) 7424 max locked memory (kbytes, -l) 64 个任务锁住的物理内存的最大值为32kB max memory size (kbytes, -m) unlimited 一个任务的常驻物理内存的最大值 open files (-n) 1024 一个任务最多可以同时打开1024的文件 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 10240 cpu time (seconds, -t) unlimited max user processes (-u) 1024 当前用户同时打开的进程(包括线程)的最大个数 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited
1.修改用户句柄数:
vi /etc/security/limits.conf在文件末尾增加 # add open files * soft core unlimited * hard core unlimited * soft fsize unlimited * hard fsize unlimited * soft data unlimited * hard data unlimited * soft nproc 65535 * hard nproc 63535 * soft stack unlimited * hard stack unlimited * soft nofile 65535 * hard nofile 65535
2.修改用户进程数:
vim /etc/security/limits.d/90-nproc.conf 把1024修改成65535,默认情况下普通用户是1024,root没有限制; * soft nproc 65536 root soft nproc unlimited
3.通常/etc/sysctl.conf 不需要修改,配置内存在使用到95%时启用swap具体如下:
# Kernel sysctl configuration file for Red Hat Linux # # For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and # sysctl.conf(5) for more details. # Controls IP packet forwarding net.ipv4.ip_forward = 0 # Controls source route verification net.ipv4.conf.default.rp_filter = 1 # Do not accept source routing net.ipv4.conf.default.accept_source_route = 0 # Controls the System Request debugging functionality of the kernel kernel.sysrq = 0 # Controls whether core dumps will append the PID to the core filename. # Useful for debugging multi-threaded applications. kernel.core_uses_pid = 1 # Controls the use of TCP syncookies net.ipv4.tcp_syncookies = 1 # Disable netfilter on bridges. net.bridge.bridge-nf-call-ip6tables = 0 net.bridge.bridge-nf-call-iptables = 0 net.bridge.bridge-nf-call-arptables = 0 # Controls the default maxmimum size of a mesage queue kernel.msgmnb = 65536 # Controls the maximum size of a message, in bytes kernel.msgmax = 65536 # Controls the maximum shared segment size, in bytes kernel.shmmax = 68719476736 # Controls the maximum number of shared memory segments, in pages kernel.shmall = 4294967296 vm.swappiness=5
最是执行文件生效命令:sysctl -p