Search code examples
nginxnginx-configfile-descriptorulimit

Are additional changes necessary for worker_rlimit_nofile to take effect?

We have an Ubuntu server with Nginx. ulimit -n returns 1024 and in /etc/nginx/nginx.conf there are the following settings:

user www-data;
worker_processes auto;

events {
    worker_connections 1024;
}

We've been reading a bit of documentation and various blogs about "optimizing Nginx", about File Descriptors, worker_connections, etc. For example: https://docs.nginx.com/nginx-management-suite/admin-guides/configuration/configure-gateway/

You may also want to adjust the maximum number of file descriptors (worker_rlimit_nofile) that a process can open to align with the number of worker connections. Note that rlimit_nofile is a system setting, so make sure to check the user limits for your Linux distribution, as these may be more restrictive.

Let's say we need to double the number of worker connections, from 1024 to 2048. If we were to modify the config (and restart nginx):

user www-data;
worker_processes auto;
worker_rlimit_nofile 2048; // <<< added

events {
    worker_connections 2048; // <<< changed
}

Is that enough considering that ulimit -n returns 1024? Or those changes are not enough and will not have an effect, and it is necessary to increase the system's soft limit for file descriptors by running:

ulimit -n 2048

or by adding the following line to shell configuration file (e.g., /etc/security/limits.conf):

www-data soft nofile 2048
www-data hard nofile 2048

(not sure if that's all or if there are some more configuration files to modify)

Solution

  • In my case [Ubuntu server (22.04) with Nginx (1.18)] no additional changes are required. So I just need to update /etc/nginx/nginx.conf:

    user www-data;
worker_processes auto;
worker_rlimit_nofile 4096; // <<< added

events {
    worker_connections 2048; // <<< changed
}

    and reload nginx, and that's it.

    To make sure this is indeed the case:

    Find the PID of the nginx worker process (there can be more than one worker process, it doesn't matter whose PID you take):

    ps aux | fgrep nginx

    Then:

    cat /proc/<PID>/limits

    And look at the value for Max open files: if it is the same as the value of worker_rlimit_nofile from nginx config - that's it.

    However, in some cases it is possible that simply setting worker_rlimit_nofile and reloading nginx is not enough, that is, it will have no effect. As stated in the Nginx documentation:

    Note that rlimit_nofile is a system setting, so make sure to check the user limits for your Linux distribution, as these may be more restrictive.