Ubuntu Docker Images

Bug #1978272
Comment #4

Comment 4 for bug 1978272

Revision history for this message

Athos Ribeiro (athos-ribeiro) wrote on 2022-06-12:

I did dive a bit further into the issue and decided to check the history of that value in Fedora's systemd configuration.

It turns out that it was a request to __increase__ the limit of open files [1].

Checking the documentation of LimitNOFILE [2] led me to learning that systemd is compiled with default values that are applied to all units [3].

DefaultLimitNOFILE= defaults to 1024:524288.

Squid uses use the soft limit for this value, as described in the configuration file:

# cat /etc/squid/squid.conf | grep max_filedescrip -A11
# TAG: max_filedescriptors
# Set the maximum number of filedescriptors, either below the
# operating system default or up to the hard limit.
#
# Remove from squid.conf to inherit the current ulimit soft
# limit setting.
#
# Note: Changing this requires a restart of Squid. Also
# not all I/O types supports large values (eg on Windows).
#Default:
# Use operating system soft limit set by ulimit.

Neither Ubuntu nor Fedora change these limits:

$ systemctl show -P DefaultLimitNOFILE
524288
$ systemctl show -P DefaultLimitNOFILESoft
1024

And this is what [1] was about. Bumping the limits from 1024 to 16384 to support (possibly very) larger cache directories (note that Ubuntu's squid does not carry this patch).

This also means that my earlier assessment saying that

> If that [systemd unit file patch] is not present, squid will most likely crash on startup if max_filedescriptors is not set in the configuration file.

was incorrect. squid will not crash without max_filedescriptors being set due to the default systemd limits.

Finally, re-assessing this issue with this information, it seems that, if we want to mimic the behavior of a default Ubuntu squid process (as run from systemd), we do want to set the max_filedescriptors configuration to 1024 in our configuration file.

Moreover, it would be nice to document the need for setting max_filedescriptors for users injecting their configuration files into the image.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=772481
[2] https://www.freedesktop.org/software/systemd/man/systemd.exec.html#Process%20Properties
[3] https://www.freedesktop.org/software/systemd/man/systemd-system.conf.html#DefaultLimitCPU=

I did dive a bit further into the issue and decided to check the history of that value in Fedora's  systemd configuration.

It turns out that it was a request to __increase__ the limit of open files [1].

Checking the documentation of LimitNOFILE [2] led me to learning that systemd is compiled with default values that are applied to all units [3].

DefaultLimitNOFILE= defaults to 1024:524288.

Squid uses use the soft limit for this value, as described in the configuration file:

# cat /etc/squid/squid.conf | grep max_filedescrip -A11
#  TAG: max_filedescriptors
#	Set the maximum number of filedescriptors, either below the
#	operating system default or up to the hard limit.
#
#	Remove from squid.conf to inherit the current ulimit soft
#	limit setting.
#
#	Note: Changing this requires a restart of Squid. Also
#	not all I/O types supports large values (eg on Windows).
#Default:
# Use operating system soft limit set by ulimit.

Neither Ubuntu nor Fedora change these limits:

$ systemctl show -P DefaultLimitNOFILE
524288
$ systemctl show -P DefaultLimitNOFILESoft
1024

And this is what [1] was about. Bumping the limits from 1024 to 16384 to support (possibly very) larger cache directories (note that Ubuntu's squid does not carry this patch).

This also means that my earlier assessment saying that

> If that [systemd unit file patch] is not present, squid will most likely crash on startup if max_filedescriptors is not set in the configuration file.

was incorrect. squid will not crash without max_filedescriptors being set due to the default systemd limits.

Finally, re-assessing this issue with this information, it seems that, if we want to mimic the behavior of a default Ubuntu squid process (as run from systemd), we do want to set the  max_filedescriptors configuration to 1024 in our configuration file.

Moreover, it would be nice to document the need for setting max_filedescriptors for users injecting their configuration files into the image.