[squid-users] The right way how to increase max_filedescriptors on Linux

kAja Ziegler ziegleka at gmail.com
Mon May 21 12:08:56 UTC 2018 

Hi,

  I want to ask, if it is really needed to use ulimit or
/etc/security/limits.conf to increase max_filedescriptors value? From my
testing, it seems not.


*= my environment:*

CentOS 6.9
Squid 3.1.23 / 3.4.14

*- default ulimits for root and other users:*

[root at ...]# ulimit -Sa | grep -- '-n'
open files                      (-n) 1024
[root at ...]# ulimit -Ha | grep -- '-n'
open files                      (-n) 4096

*- default ulimits for squid user:*

[root at ...]# sudo -u squid /bin/bash
bash-4.1$ id
uid=23(squid) gid=23(squid) groups=23(squid),...
bash-4.1$ ulimit -Sa | grep -- '-n'
open files                      (-n) 1024
bash-4.1$ ulimit -Ha | grep -- '-n'
open files                      (-n) 4096

*- processes:*

[root at ...]# ps aux | grep squid
root      7194  0.0  0.1  73524  3492 ?        Ss   May17   0:00 squid -f
/etc/squid/squid.conf
squid     7197  0.2 10.9 276080 210156 ?       S    May17   4:53 (squid) -f
/etc/squid/squid.conf
squid     7198  0.0  0.0  20080  1084 ?        S    May17   0:00 (unlinkd)

*- error and warning messages from cache.log:*

client_side.cc(3070) okToAccept: WARNING! Your cache is running out of
filedescriptors

comm_open: socket failure: (24) Too many open files

IpIntercept.cc(137) NetfilterInterception:  NF getsockopt(SO_ORIGINAL_DST)
failed on FD 68: (2) No such file or directory ... (many with different FD)



I found many How-tos like these - https://access.redhat.com/solutions/63027
and
https://www.cyberciti.biz/faq/squid-proxy-server-running-out-filedescriptors/.
Both how-tos mention editing the file /etc/security/limits.conf and adding
the line "* - nofile 4096" to increase the nofile limit for all users
except root - I don't like this. According to my test, see below,  this is
not necessary, but I want to be sure, so I'm writing here.


*a) Squid default configuration (max_filedesc 0) and default nofile limit
(1024/4096):*

[root at ...]# ps aux | grep squid
root     17837  0.0  0.1  73524  3496 ?        Ss   13:45   0:00 squid -f
/etc/squid/squid.conf
squid    17840  0.3  0.5  76552 10860 ?        S    13:45   0:00 (squid) -f
/etc/squid/squid.conf
squid    17841  0.0  0.0  20080  1084 ?        S    13:45   0:00 (unlinkd)

[root at ...]# grep -E "Limit|Max open files" /proc/17837/limits
Limit                     Soft Limit           Hard Limit           Units
Max open files            1024                 4096                 files

[root at ...]# grep -E "Limit|Max open files" /proc/17840/limits
Limit                     Soft Limit           Hard Limit           Units
Max open files            1024                 4096                 files

[root at ...]# grep -E "Limit|Max open files" /proc/17841/limits
Limit                     Soft Limit           Hard Limit           Units
Max open files            1024                 4096                 files


*b) Squid configuration with max_filedesc 2048 and default nofile limit
(1024/4096):*

[root at ...]# ps aux | grep squid
root      7194  0.0  0.1  73524  3492 ?        Ss   May17   0:00 squid -f
/etc/squid/squid.conf
squid     7197  0.2 10.9 276080 210156 ?       S    May17   4:53 (squid) -f
/etc/squid/squid.conf
squid     7198  0.0  0.0  20080  1084 ?        S    May17   0:00 (unlinkd)

[root at ...]# grep -E "Limit|Max open files" /proc/7194/limits
Limit                     Soft Limit           Hard Limit           Units
Max open files            1024                 4096                 files

[root at ...]# grep -E "Limit|Max open files" /proc/7197/limits
Limit                     Soft Limit           Hard Limit           Units
Max open files            *2048*                 4096                 files

[root at ...]# grep -E "Limit|Max open files" /proc/7198/limits
Limit                     Soft Limit           Hard Limit           Units
Max open files            *2048*                 4096                 files

- soft nofile limit was increased for processes running under squid user


*c) Squid configuration with max_filedesc 8192 and default nofile limit
(1024/4096):*

[root at ...]# ps aux | grep squid
root     18734  0.0  0.1  73524  3492 ?        Ss   14:00   0:00 squid -f
/etc/squid/squid.conf
squid    18737  0.3  0.6  80244 11860 ?        S    14:00   0:00 (squid) -f
/etc/squid/squid.conf
squid    18740  0.0  0.0  20080  1088 ?        S    14:00   0:00 (unlinkd)

[root at ...]# grep -E "Limit|Max open files" /proc/18734/limits
Limit                     Soft Limit           Hard Limit           Units
Max open files            1024                 4096                 files

[root at ...]# grep -E "Limit|Max open files" /proc/18737/limits
Limit                     Soft Limit           Hard Limit           Units
Max open files            *8192*                 *8192*
files

[root at ...]# grep -E "Limit|Max open files" /proc/18740/limits
Limit                     Soft Limit           Hard Limit           Units
Max open files            *8192*                 *8192*
files

- both soft and hard nofile limits were increased for processes running
under squid user


I think, that the limits could be increased in tests b) and c) because the
master process runs under the root user. Am I right or not?
Or need I to increase the limits for the master proccess too?

Thank you and with best regards,
-- 
Karel Ziegler
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20180521/66f06df5/attachment.html>

More information about the squid-users mailing list