Descriptor with Apache

xiaoxiao2021-03-06  183

Warning: This document is not fully included in the Apache HTTP server 2.0 that has been updated in the Apache HTTP server 2.0, some content may still be valid, please note in use. Descriptors, usually also become a file handle, is a program for reading and writing, or opens a network socket and other various devices, the expression is an integer, and everyone is well known to STDIN, STDOUT and STDERR descriptor descriptor 0, 1 and 2, respectively. In Apache, each log file takes up a descriptor, and each listening network outlet requires a descriptor, and there are some other. The library file used by Apache also needs a descriptor. The standard program does not open a number of descriptors, so if you use a lot of descriptors (ie, there are many virtual hosts), there may be some potential issues.

The number of descriptors that the operating system can open at the same time can be opened. Typically, limitations include three aspects. One is the kernel limit, depending on the operating system, maybe you can raise the number of this descriptor (often referred to as fd_setsize), otherwise it can only be limited to one (relative) small amount. The second is the so-called hard resource restriction, some are set by root in a hypothy, but is often the same as the kernel limit. The third is the so-called soft resource limit, which is always less than or equal to hard limit, such as hard limit is 1024, and soft restriction is only 64. Any user can improve soft restrictions, up to hard limit. Root can improve hard limit and reach the maximum system. Soft restriction is a process that can open the maximum number of actual limitations.

to sum up:

#open files <= SOFT LIMIT <= HARD LIMIT <= KERNEL LIMIT

Use the LIMIT (CSH) or ULIMIT (SH) command to control the soft and hard limit. See the corresponding Manbook for more information. For example, you can use ulimit -n unlimited to increase the flexible limit to a hard limit.

This command should be included in the shell script of the startup website server.

Unfortunately, things are not always so simple. As mentioned above, you may encounter some system restrictions, but must take some measures. From 1.2.1, the situation has improved. The following is a part of the system and its corresponding measures (assuming that you are using 1.2.1 or updated).

BSDI 2.0 FreeBSD 2.2, BSDI 2.1 Linux Solaris 2.5.1 and its earlier version AIX SCO OPENSERVER COMPAQ TRU64 Unix / Digital Unix / OSF Other

BSDI 2.0 In BSDI 2.0, it can increase -DFD_setsize = nnn in extra_cflags (where NNN is the number of descriptors that require support, it must be less than hard limit) and compile Apache to support more descriptors.

However, this will have some trouble when using the Listen instructions in use than about 240, and the higher FD_SETSIZE is set and recompiled the kernel may solve this problem.

FreeBSD 2.2, BSDI 2.0 is similar to BSDI 2.0, which should define FD_SETSIZE and recompile, but Listen's use is not limited.

Linuxlinux has a kernel restriction of the maximum value of 256 for a descriptor that can open for each process. For the 2.0.x series, in the "Unofficial Patches" of the Linux Information HQ, there are several patches to improve this limit to 1024 or more.

But these patches are not perfect, and the ideas have been taken from the 2.1.x. Using these patches will increase fd_setsize when compiling all programs unless you recompile all libraries. The soft limit of the descriptor should be avoided when performing other programs, so don't over-relying over these improvement of the patch to increase the descriptor, so as not to bring trouble to the full-time website server. Solaris 2.5.1 and its earlier versions of Solaris are 1024 (lower versions may be lower). However, the files using the STDIO library have a descriptor that cannot be more than 255. Apache's ErrorLog instructions uses the stdio library, when the number of virtual hosts reaches approximately 110 times (each with an error log and an access log), must add -Dhigh_slack_line = 256 in extra_cflags and recompile Apache, and should Control the number of error logs within approximately 240.

The hard limit of the AixAix 3.2 ?? seems to be 128, and the hard limit in version 4.1.5 is 2000.

SCO OpenServer modify the /etc/conf/cf.d/stune file or use /etc/conf.d/configure option 7 (user and group configuration), and modify the kernel parameter Nofiles to a reasonable value . The SCO recommendation value is between 60 and 11000, and the default value is 110. Reconnect and restart, make the number of new descriptors valid.

Compaq Tru64 Unix / Digital UNIX / OSF In the process subsystem, improve Open_MAX_SOFT and OPEN_MAX_HARD to 4096. See sysconfig, sysconfigdb, and sysconfigtab. Improve max-vNodes to a value greater than the number of Apache process * 4096 (set to 250,000 for most people). See sysconfig, sysconfigdb, and sysconfigtab. If you are using TRU64 5.0, 5.0A, or 5.1, define no_slack can avoid an error in the OS. Cflags = "- DNO_SLACK" ./configure

For information on other operating systems, you can submit to our bug Report page.

In addition to the above mentioned, many libraries used by Apache also have some problems. The most common problem is that the binding (bind) in the DNS resolution library used almost all UNIX is performed in the descriptor than 256. We suspect that other libraries have similar restrictions. Therefore, the code of 1.2.1 takes a self-defense attitude that attempts to save less than 16 descriptors for use when processing each request, which is called Low Slack Line.

Note that this should not be ware, when approaching the limit, the Apache needs to be more than 16 descriptors, which will use a descriptor of less than 16.

In extreme cases, you may want to lower Low Slack Line, but it shouldn't do this. For example, in Solaris and BSDI 2.0, it can improve the limitations of the above 240, but this can only be found in a fragile balance between the descriptors required by the processing request. If you really want to do this, the parameters of compile are low_slack_line, there is also an extremely simple description in the httpd.h header file.

Finally, if you doubt that your problem is caused by Slack, you can disable it, recompile after extra_cflags increase -Dno_slack, and submit your situation to bug Report Page so that we should study.

转载请注明原文地址:https://www.9cbs.com/read-128261.html

New Post(0)