src: set max open file limit to match systemd >= 240 defaults

Since systemd 240, all services get an open file hard limit of 500k, and a soft limit of 1024. This limit means apps are safe to use select() by default which is limited to 1024 FDs. Apps which don't use select() are expected to simply set their soft limit to match the hard limit during startup. With our current unit file settings we've been effectively reducing the max open files we have on most modern systems. https://gitlab.com/libvirt/libvirt/-/issues/489 Reviewed-by: Peter Krempa <pkrempa@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-07-08 02:45:45 +00:00 · 2023-06-21 13:22:40 +01:00 · 2023-06-21 13:22:40 +01:00 · 38abf9c34d
commit 38abf9c34d
parent 04b82f961b
6 changed files with 24 additions and 31 deletions
--- a/src/ch/virtchd.service.in
+++ b/src/ch/virtchd.service.in
@ -22,11 +22,10 @@ ExecStart=@sbindir@/virtchd $VIRTCHD_ARGS
 ExecReload=/bin/kill -HUP $MAINPID
 KillMode=process
 Restart=on-failure
-# At least 2 FD per guest (eg ch monitor + ch socket).
+# Raise hard limits to match behaviour of systemd >= 240.
-# eg if we want to support 4096 guests, we'll typically need 8192 FDs
+# During startup, daemon will set soft limit to match hard limit
-# If changing this, also consider virtlogd.service & virtlockd.service
+# per systemd recommendations
-# limits which are also related to number of guests
+LimitNOFile=512000:1024
 LimitNOFILE=8192
 # The cgroups pids controller can limit the number of tasks started by
 # the daemon, which can limit the number of domains for some hypervisors.
 # A conservative default of 8 tasks per guest results in a TasksMax of
--- a/src/locking/virtlockd.service.in
+++ b/src/locking/virtlockd.service.in
@ -15,10 +15,10 @@ ExecReload=/bin/kill -USR1 $MAINPID
 # cause the machine to be fenced (rebooted), so make
 # sure we discourage OOM killer
 OOMScoreAdjust=-900
-# Needs to allow for max guests * average disks per guest
+# Raise hard limits to match behaviour of systemd >= 240.
-# libvirtd.service written to expect 4096 guests, so if we
+# During startup, daemon will set soft limit to match hard limit
-# allow for 10 disks per guest, we get:
+# per systemd recommendations
-LimitNOFILE=40960
+LimitNOFile=512000:1024
 [Install]
 Also=virtlockd.socket
--- a/src/logging/virtlogd.service.in
+++ b/src/logging/virtlogd.service.in
@ -15,13 +15,10 @@ ExecReload=/bin/kill -USR1 $MAINPID
 # cause the machine to be fenced (rebooted), so make
 # sure we discourage OOM killer
 OOMScoreAdjust=-900
-# Need to have at least one file open per guest (eg QEMU
+# Raise hard limits to match behaviour of systemd >= 240.
-# stdio log), but might be more (eg serial console logs)
+# During startup, daemon will set soft limit to match hard limit
-# A common case is OpenStack which often has up to 4 file
+# per systemd recommendations
-# handles per guest.
+LimitNOFile=512000:1024
 # libvirtd.service written to expect 4096 guests, so if we
 # guess at 4 files per guest here that is 16k:
 LimitNOFILE=16384
 [Install]
 Also=virtlogd.socket
--- a/src/lxc/virtlxcd.service.in
+++ b/src/lxc/virtlxcd.service.in
@ -22,11 +22,10 @@ ExecStart=@sbindir@/virtlxcd $VIRTLXCD_ARGS
 ExecReload=/bin/kill -HUP $MAINPID
 KillMode=process
 Restart=on-failure
-# At least 1 FD per guest, often 2 (eg qemu monitor + qemu agent).
+# Raise hard limits to match behaviour of systemd >= 240.
-# eg if we want to support 4096 guests, we'll typically need 8192 FDs
+# During startup, daemon will set soft limit to match hard limit
-# If changing this, also consider virtlogd.service & virtlockd.service
+# per systemd recommendations
-# limits which are also related to number of guests
+LimitNOFile=512000:1024
 LimitNOFILE=8192
 # The cgroups pids controller can limit the number of tasks started by
 # the daemon, which can limit the number of domains for some hypervisors.
 # A conservative default of 8 tasks per guest results in a TasksMax of
--- a/src/qemu/virtqemud.service.in
+++ b/src/qemu/virtqemud.service.in
@ -24,11 +24,10 @@ ExecStart=@sbindir@/virtqemud $VIRTQEMUD_ARGS
 ExecReload=/bin/kill -HUP $MAINPID
 KillMode=process
 Restart=on-failure
-# At least 1 FD per guest, often 2 (eg qemu monitor + qemu agent).
+# Raise hard limits to match behaviour of systemd >= 240.
-# eg if we want to support 4096 guests, we'll typically need 8192 FDs
+# During startup, daemon will set soft limit to match hard limit
-# If changing this, also consider virtlogd.service & virtlockd.service
+# per systemd recommendations
-# limits which are also related to number of guests
+LimitNOFile=512000:1024
 LimitNOFILE=8192
 # The cgroups pids controller can limit the number of tasks started by
 # the daemon, which can limit the number of domains for some hypervisors.
 # A conservative default of 8 tasks per guest results in a TasksMax of
--- a/src/remote/libvirtd.service.in
+++ b/src/remote/libvirtd.service.in
@ -29,11 +29,10 @@ ExecStart=@sbindir@/libvirtd $LIBVIRTD_ARGS
 ExecReload=/bin/kill -HUP $MAINPID
 KillMode=process
 Restart=on-failure
-# At least 1 FD per guest, often 2 (eg qemu monitor + qemu agent).
+# Raise hard limits to match behaviour of systemd >= 240.
-# eg if we want to support 4096 guests, we'll typically need 8192 FDs
+# During startup, daemon will set soft limit to match hard limit
-# If changing this, also consider virtlogd.service & virtlockd.service
+# per systemd recommendations
-# limits which are also related to number of guests
+LimitNOFile=512000:1024
 LimitNOFILE=8192
 # The cgroups pids controller can limit the number of tasks started by
 # the daemon, which can limit the number of domains for some hypervisors.
 # A conservative default of 8 tasks per guest results in a TasksMax of