Fuel for OpenStack

Ulimits are not applied to services, and for root user on ubuntu

Bug #1526992 reported by Alexander Bozhenko
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Fuel for OpenStack
Incomplete
High
Fuel Library (Deprecated)
Fuel for OpenStack 8.0

Bug Description

We have this file:
cat /etc/security/limits.conf
# Raising open file limit for OpenStack services
* soft nofile 102400
* hard nofile 112640

In centos 6 an 7 those limits are applied for users, including root.

[root@centos-1gb-nyc3-01 ~]# ulimit -Ha | grep open
open files (-n) 112640
[root@centos-1gb-nyc3-01 ~]# ulimit -Sa | grep open
open files (-n) 102400

On ubuntu manpage says this:
           NOTE: group and wildcard limits are not applied to the root user. To set a limit for the root user, this field
           must contain the literal username root.
And ulimits are not applied to root:
root@:~# ulimit -Ha | grep open
open files (-n) 4096
root@:~# ulimit -Sa | grep open
open files (-n) 1024

So limits.conf require this as well for ubuntu, if we need limits set for root:
root soft nofile 102400
root hard nofile 112640

Also, options from limits.conf are not applied to upstart jobs in Ubuntu, and to sysvinit scripts in centos6 and systemd in centos7.
They are only applied for process started from shell under particluar user.
You can check it by doing
cat /proc/PID/limits
Some services have default ulimit values.

So, if we really need that ulimit set for openstack services we need to add ulimits to upstart jobs for ubuntu:
http://stackoverflow.com/a/19996195
http://upstart.ubuntu.com/wiki/Stanzas#limit
E.g. Mongodb is doing that. Check
cat /etc/init/mongodb.conf | grep limit
limit nofile 64000 64000

For cenots 6 it is similar syntax, see http://serverfault.com/a/624107

And for centos7 it is in systemd:
[root@localhost ~]# cat /usr/lib/systemd/system/mongod.service | grep -i limit
LimitNOFILE=64000

Note that mongodb used just as example.
See also about limits:
https://www.rdoproject.org/documentation/tunings-and-tweaks/

See original description
Tags: area-library
Alexander Bozhenko (alexbozhenko)
description: updated
description: updated
Alexander Bozhenko (alexbozhenko)
description: updated
Ilya Kutukov (ikutukov)
Changed in fuel:
milestone: none → 8.0
assignee: nobody → Fuel Library Team (fuel-library)
importance: Undecided → High
status: New → Confirmed
tags: added: area-library low-hanging-fruit
Ilya Kutukov (ikutukov)
Changed in fuel:
importance: High → Medium
milestone: 8.0 → 8.0-updates
Revision history for this message
Kyrylo Galanov (kgalanov) wrote :

Hello,

What services are affected by this issue in particular?

--
Kyrylo

Changed in fuel:
status: Confirmed → Incomplete
Ilya Kutukov (ikutukov)
Changed in fuel:
milestone: 8.0-updates → 8.0
Revision history for this message
Bogdan Dobrelya (bogdando) wrote :

If ulimits doesn't rise as we expecting, we have a major issue then

Changed in fuel:
importance: Medium → High
Revision history for this message
Bogdan Dobrelya (bogdando) wrote :

Not a low hanging fruit because of this "Also, options from limits.conf are not applied to upstart jobs in Ubuntu"

tags: removed: low-hanging-fruit
Revision history for this message
Kyrylo Galanov (kgalanov) wrote :

Yes, it may cause an unexpected issue.
We need a list of services that can be affected at least.
If we stick to editing .conf/.service files, what files should be altered, or all of them?

--
Kyrylo

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.