如何在 systemd 服务单元上设置 ulimit?
这stackoverflow 问题解释了 systemd 忽略系统 ulimits
设置以下 ulimit 的语法是什么样的?
ulimit -c
ulimit -v
ulimit -m
[Unit]
Description=Apache Solr
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
SOLR_INSTALL_DIR=/opt/solr
SOLR_ENV=/etc/default/solr.in.sh
RUNAS=solr
SOLR_PID_DIR="/var/solr"
SOLR_HOME="/opt/solr/server/solr"
LOG4J_PROPS="/var/solr/log4j.properties"
SOLR_LOGS_DIR="/opt/solr/server/logs"
SOLR_PORT="8389"
PIDFile=/var/solr/solr-8389.pid
ExecStart=/opt/solr/bin/solr start
ExecStatus=/opt/solr/bin/solr status
ExecStop=/opt/solr/bin/solr stop
Restart=on-failure
User=solr
SuccessExitStatus=143 0
[Install]
WantedBy=multi-user.target
答案1
systemd 限制到 ulimit 的映射
Directive ulimit equivalent Unit
LimitCPU= ulimit -t Seconds
LimitFSIZE= ulimit -f Bytes
LimitDATA= ulimit -d Bytes
LimitSTACK= ulimit -s Bytes
LimitCORE= ulimit -c Bytes
LimitRSS= ulimit -m Bytes
LimitNOFILE= ulimit -n Number of File Descriptors
LimitAS= ulimit -v Bytes
LimitNPROC= ulimit -u Number of Processes
LimitMEMLOCK= ulimit -l Bytes
LimitLOCKS= ulimit -x Number of Locks
LimitSIGPENDING= ulimit -i Number of Queued Signals
LimitMSGQUEUE= ulimit -q Bytes
LimitNICE= ulimit -e Nice Level
LimitRTPRIO= ulimit -r Realtime Priority
LimitRTTIME= ulimit -R Microseconds
如果 ulimit 设置为“无限制”,请在 systemd 配置中将其设置为“无穷大”
ulimit -c unlimited一样一样 一样LimitCORE=infinity
ulimit -v unlimited一样LimitAS=infinity
ulimit -m unlimited一样一样LimitRSS=infinity
所以最终的配置看起来像
[Unit]
Description=Apache Solr
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
WorkingDirectory=/opt/solr/server
User=solr
Group=solr
LimitAS=infinity
LimitRSS=infinity
LimitCORE=infinity
LimitNOFILE=65536
ExecStart=/opt/solr/bin/solr-foo
Restart=on-failure
SuccessExitStatus=143 0
SyslogIdentifier=solr
[Install]
WantedBy=multi-user.target
在这种特殊情况下,我不知道完整的 java 路径(因为它根据服务器类型而变化),并且 systemd 对相对路径不满意,我将 java 命令包装在位于以下位置的简单 bash 脚本中:/opt/solr/bin/solr-foo
#!/bin/bash
. /opt/solr/bin/solr.in.sh
# Load $JAVA_HOME from 1 of 2 places where it could be defined
# Last one wins
if [[ -f "/etc/profile.d/jdk.sh" ]]; then
. /etc/profile.d/jdk.sh
fi
if [[ -f "/etc/profile.d/zing.sh" ]]; then
. /etc/profile.d/zing.sh
fi
exec ${JAVA_HOME}/bin/java -server \
-Djetty.port=${SOLR_PORT} \
${SOLR_JAVA_MEM} \
${GC_TUNE} \
${GC_LOG_OPTS} \
-DzkClientTimeout=${ZK_CLIENT_TIMEOUT} \
-DzkHost=${ZK_HOST} \
-DSTOP.PORT=7900 \
-DSTOP.KEY=foobar \
-Dhost=${SOLR_HOST} \
-Duser.timezone=${SOLR_TIMEZONE} \
-Djetty.home=/opt/solr/server \
-Dsolr.solr.home=${SOLR_HOME} \
-Dsolr.install.dir=/opt/solr \
-Dlog4j.configuration=file:/var/solr/log4j.properties \
-Xss256k \
-Dbootstrap_conf=true \
-Dbootstrap_confdir=/opt/solr/server/solr/configsets/foobar/conf \
-Dcollection.configName=foobar \
-jar start.jar --module=http