nginx core module: worker_rlimit_nofile
| Configuration file: | nginx.conf |
| Block: | main |
| Value type: | number |
| Default: | none - system determined (see notes section below) |
| What it does: | sets the value for the maximum file descriptors that can be opened by a single worker process |
| Example: | worker_rlimit_nofile 1024; |
NOTES:
When any program opens a file, the operating system (OS) returns a file descriptor (FD) that corresponds to that file. The program will refer to that FD in order to process the file. The limit for the maximum FDs on the server is usually set by the OS. To determine what the FD limits are on your server use the commands ‘ulimit -Hn’ and ‘ulimit -Sn’ which will give you the per user hard and soft file limits. To determine the maximum number of FDs available, use the command ‘sysctl fs.file-max’ or ‘cat /proc/sys/fs/file-max’.
If you don’t set the worker_rlimit_nofile directive, then the settings of your OS will determine how many FDs can be used by NGINX. One method of changing the FD limit for NGINX is to change the values in the OS. To change the values in the OS, see the explanations at:
- http://www.cyberciti.biz/faq/linux-unix-nginx-too-many-open-files/
- http://www.cyberciti.biz/faq/linux-increase-the-maximum-number-of-open-files/
- http://www.cyberciti.biz/tips/linux-procfs-file-descriptors.html
However, it’s not really necessary to change your OS settings. NGINX allows you to override the OS specific setting by setting this value. According to the mailing list here and here and this forum post:
- If the worker_rlimit_nofile directive is not specified, then the ulimit -n number of the OS will take effect.
- If the worker_rlimit_nofile directive is specified, then NGINX asks the OS to change the settings to the value specified in worker_rlimit_nofile.
- The directive worker_rlimit_nofile should be greater than or equal to the value of the directive worker_connections.
- The fs.file-max OS value still takes effect. In other words, you can’t exceed fs.file-max.
What value should you set? Well, that seems to be up for debate. At a minimum, there are at least two files per connection, the socket and the file being served. Add another for a proxy. The limit is per process so with 4 processes and worker_rlimit_nofile set at 1024, the maximum FDs used in this example are: 4096 = (worker_rlimit_nofile 1024 * 4 worker_processes). In some configurations I’ve seen, the value is set at 2 times worker_connections to account for the two files per connection. So if worker_connections is set to 512, then a value of 1024 for worker_rlimit_nofile is used. These numbers are just examples and are by no means how you should configure your server. I’m still working on answering this question myself.
GOTCHAS:
- Changing file descriptor settings can be OS-specific. In other words, the method to change the settings may be different between Debian and CentOS.
- DO NOT set the FD limits for NGINX as high as the maximum FDs allowed by the OS. If NGINX used up all the FDs, the server would come to a grinding halt.
- Other software you use in conjunction with NGINX may also need to have the FD limits changed. In particular, php-fpm5 has the value rlimit_files. Check your php5-fpm pool configuration. On a default Debian install of php5-fpm, it’s at /etc/php5/fpm/pool.d/www.conf.
- Changing parameters on the server, like sysctl settings, can often be done in two ways - one which survives a reboot and one which does not. Make sure your changes can survive a reboot if that’s what you want to happen.
