-
Notifications
You must be signed in to change notification settings - Fork 92
/
Copy pathTASK_24-Linux_Resource_Limits.sh
280 lines (230 loc) · 11 KB
/
TASK_24-Linux_Resource_Limits.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
-----------------------------------------------------------------------------------------------------------------
Start 2020-07-27 || 12:18 PM
Finished 2020-07-27 || 01:10 PM
Number of Attempts: 2
Total Time(in hours): 1
-----------------------------------------------------------------------------------------------------------------
TASK 24 - Linux Resource Limits
REQUIREMENTS:
On our Storage server in Stratos Datacenter we are having some issues where nfsuser user is holding hundred of processes, which is degrading the performance of the server. Therefore, we have a requirement to limit its maximum processes. Please set its maximum process limits as below:
a. soft limit = 79
b. hard_limit = 100
-----------------------------------------------------------------------------------------------------------------
CONTENT:
I. REFERENCES
II. STEPS - SUMMARY
III. COMMANDS USED
IV. STEPS - BREAKDOWN
-----------------------------------------------------------------------------------------------------------------
I. REFERENCES
https://linoxide.com/linux-how-to/limit-processes-user-level-linux/ # detailed explanation
https://community.kodekloud.com/t/linux-resource-limits-task-failed/1254/6
https://community.kodekloud.com/t/linux-resource-limit-task-failed/3886
-----------------------------------------------------------------------------------------------------------------
II. STEPS - SUMMARY
1. Connect via SSH to the Storage Server.
2. Check the limits and the limits.conf file.
3. Edit the limits.conf file to add nfsuser and the hard and soft limits for the processes.
4. Verify.
-----------------------------------------------------------------------------------------------------------------
III. COMMANDS USED
# 1. Connect via SSH to the Storage Server.
sshpass -p '******' ssh -o StrictHostKeyChecking=no natasha@172.16.238.15
# 2. Check the limits and the limits.conf file.
# Now there aren't much articles in the KKC - there were only two of them.
# The two were actually helpful but they still seem to be lacking of explanations
# so I decided to look it up in the internet.
# And as always, in every lab I do, I always check first if the reported issue is really occuring.
# the 'ulimiit' and its options doesn't seem to help much - I did not bother to read more on the
# verification part and went straight to modifying the limits.conf (as suggested in the Internet article
# and the KKC article) after I checked the limits
ulimit -a
ulimit -Sn
ulimit -Hn
cat /etc/security/limits.conf
# 3. Edit the limits.conf file to add nfsuser and the hard and soft limits for the processes.
sudo vi /etc/security/limits.conf
# Now the limit.conf file doesn't have a user 'nfsuser' in it so I added the user along with
# the hard and soft limits for its processes
@nfsuser soft nproc 79
@nfsuser hard nproc 100
# 4. Verify.
# Again, I did not read more on how to verify if everything's is working as they should be and the
# KKC article doesn't seem to provide much on how to valdate the steps.
# So i just checked again the limits.conf and hit 'Finish'
cat /etc/security/limits.conf
-----------------------------------------------------------------------------------------------------------------
IV. STEPS - BREAKDOWN
# I felt this one was one of the easiest lab although it has a much higher corresponding points
# when you complete it.
# For this lab, I did two attempts in 1 hour
thor@jump_host /$ sshpass -p '******' ssh -o StrictHostKeyChecking=no natasha@172.16.238.15Warning: Permanently added '172.16.238.15' (ECDSA) to the list of known hosts.
[natasha@ststor01 ~]$
[natasha@ststor01 ~]$ ulimit -a
core file size (blocks, -c) unlimited
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 7831
max locked memory (kbytes, -l) 64
max memory size (kbytes, -m) unlimited
open files (-n) 1048576
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200real-time priority (-r) 0
stack size (kbytes, -s) 8192cpu time (seconds, -t) unlimited
max user processes (-u) unlimited
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
[natasha@ststor01 ~]$
[natasha@ststor01 ~]$ ulimit -Sn
1048576
[natasha@ststor01 ~]$ ulimit -Hn
1048576
[natasha@ststor01 ~]$ cat /etc/security/limits.conf
# /etc/security/limits.conf
#
#This file sets the resource limits for the users logged in via PAM.
#It does not affect resource limits of the system services.
#
#Also note that configuration files in /etc/security/limits.d directory,
#which are read in alphabetical order, override the settings in this
#file in case the domain is the same or more specific.
#That means for example that setting a limit for wildcard domain here
#can be overriden with a wildcard setting in a config file in the
#subdirectory, but a user specific setting here can be overriden only
#with a user specific setting in the subdirectory.
#
#Each line describes a limit for a user in the form:
#
#<domain> <type> <item> <value>
#
#Where:
#<domain> can be:
# - a user name
# - a group name, with @group syntax
# - the wildcard *, for default entry
# - the wildcard %, can be also used with %group syntax,
# for maxlogin limit
#
#<type> can have the two values:
# - "soft" for enforcing the soft limits
# - "hard" for enforcing hard limits
#
#<item> can be one of the following:
# - core - limits the core file size (KB)
# - data - max data size (KB)
# - fsize - maximum filesize (KB)
# - memlock - max locked-in-memory address space (KB)
# - nofile - max number of open file descriptors
# - rss - max resident set size (KB)
# - stack - max stack size (KB)
# - cpu - max CPU time (MIN)
# - nproc - max number of processes
# - as - address space limit (KB)
# - maxlogins - max number of logins for this user
# - maxsyslogins - max number of logins on the system
# - priority - the priority to run user process with
# - locks - max number of file locks the user can hold
# - sigpending - max number of pending signals
# - msgqueue - max memory used by POSIX message queues (bytes)
# - nice - max nice priority allowed to raise to values: [-20, 19]
# - rtprio - max realtime priority
#
#<domain> <type> <item> <value>
#
#* soft core 0
#* hard rss 10000
#@student hard nproc 20
#@faculty soft nproc 20
#@faculty hard nproc 50
#ftp hard nproc 0
#@student - maxlogins 4
# End of file
[natasha@ststor01 ~]$
[natasha@ststor01 ~]$ sudo vi /etc/security/limits.conf
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:
#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.
[sudo] password for natasha:
[natasha@ststor01 ~]$
[natasha@ststor01 ~]$ cat /etc/security/limits.conf
# /etc/security/limits.conf
#
#This file sets the resource limits for the users logged in via PAM.
#It does not affect resource limits of the system services.
#
#Also note that configuration files in /etc/security/limits.d directory,
#which are read in alphabetical order, override the settings in this
#file in case the domain is the same or more specific.
#That means for example that setting a limit for wildcard domain here
#can be overriden with a wildcard setting in a config file in the
#subdirectory, but a user specific setting here can be overriden only
#with a user specific setting in the subdirectory.
#
#Each line describes a limit for a user in the form:
#
#<domain> <type> <item> <value>
#
#Where:
#<domain> can be:
# - a user name
# - a group name, with @group syntax
# - the wildcard *, for default entry
# - the wildcard %, can be also used with %group syntax,
# for maxlogin limit
#
#<type> can have the two values:
# - "soft" for enforcing the soft limits
# - "hard" for enforcing hard limits
#
#<item> can be one of the following:
# - core - limits the core file size (KB)
# - data - max data size (KB)
# - fsize - maximum filesize (KB)
# - memlock - max locked-in-memory address space (KB)
# - nofile - max number of open file descriptors
# - rss - max resident set size (KB)
# - stack - max stack size (KB)
# - cpu - max CPU time (MIN)
# - nproc - max number of processes
# - as - address space limit (KB)
# - maxlogins - max number of logins for this user
# - maxsyslogins - max number of logins on the system
# - priority - the priority to run user process with
# - locks - max number of file locks the user can hold
# - sigpending - max number of pending signals
# - msgqueue - max memory used by POSIX message queues (bytes)
# - nice - max nice priority allowed to raise to values: [-20, 19]
# - rtprio - max realtime priority
#
#<domain> <type> <item> <value>
#
#* soft core 0
#* hard rss 10000
#@student hard nproc 20
#@faculty soft nproc 20
#@faculty hard nproc 50
#ftp hard nproc 0
#@student - maxlogins 4
@nfsuser soft nproc 77
@nfsuser hard nproc 100
# End of file
[natasha@ststor01 ~]$ Connection to host01 closed by remote host.
Connection to host01 closed.
The environment has expired.
Please refresh to get a new environment.
-----------------------------------------------------------------------------------------------------------------
############################################################################################################
####### ### ### ####### ####### ######### ####### ####### ### ###
#### #### ### ### #### #### #### #### ######### #### #### #### #### ### ###
### ### ### ### ### ### ### ### ### ### ### ### ### ### ###
### ### ### ### ### ### ### ### ### ###
####### ### ### ### ### ######## ####### ####### ### ###
####### ### ### ### ### ######## ####### ####### ### ###
### ### ### ### ### ### ### ### ### ###
### ### ### ### ### ### ### ### ### ### ### ### ###
######### ######### #### #### #### #### ######### ######### ######### ### ###
####### ####### ####### ####### ######### ####### ####### ### ###
############################################################################################################