《OneinStack》安装 JAVA环境,跑一段时间,却换一般用户(www)部署代码时候,提示报错信息:-sh: fork failed – too many processes或者su: cannot set user id: Resource temporarily unavailable,明显是系统资源受限制。 排查问题过程如下: 1. 关闭www下所有应用为了安全JAVA应用跑在一般用户(www),由于报错,切换www用户,提示系统资源限制,于是关闭www用户下所有应用,使能切换到www用户下,方便排除问题。 2. 查看www用户配置文件ulimit参数[root@OneinStack ~]# su - www [www@OneinStack ~]$ ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 256345 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 65535 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 10240 cpu time (seconds, -t) unlimited max user processes (-u) 1024 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited 从上面可以看出,系统默认max user processes为1024,显然就是这个问题。 3. 查看系统ulimit全局参数[root@OneinStack ~]# grep -v ^# /etc/security/limits.conf * soft nproc 65535 * hard nproc 65535 * soft nofile 65535 * hard nofile 65535
奇怪,通过系统ulimit全局参数看,*代表所有用户,www用户竟然还有限制,于是Google获知,REHL6下引入配置文件/etc/security/limits.d/90-nproc.conf(可参考:https://bugzilla.redhat.com/show_bug.cgi?id=919793) 4. 修改/etc/security/limits.d/90-nproc.conf[root@OneinStack ~]# grep -v ^# /etc/security/limits.d/90-nproc.conf * soft nproc 1024 root soft nproc unlimited
问题就在这里,这里限制为1024 [root@OneinStack ~]# grep -v ^# /etc/security/limits.d/90-nproc.conf * soft nproc 65535 root soft nproc unlimited 退出当前用户,重新登录即可让之前修改的limits生效,执行如下命令发现修改成功 [root@OneinStack ~]# su - www [www@OneinStack ~]$ ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 256345 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 65535 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 10240 cpu time (seconds, -t) unlimited max user processes (-u) 65535 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited 启动java应用,问题解决 注:
如果使用*号让全局用户生效是受文件/etc/security/limits.d/90-nproc.conf中nproc值大小制约的,而如果仅仅是针对某个用户,那么就不受该文件nproc值大小的影响。
原文:https://blog.linuxeye.com/427.html
转载请保留固定链接: https://linuxeye.com/Linux/2801.html |