Since systemd 240, all services get an open file hard limit of 500k, and a soft limit of 1024. This limit means apps are safe to use select() by default which is limited to 1024 FDs. Apps which don't use select() are expected to simply set their soft limit to match the hard limit during startup. With our current unit file settings we've been effectively reducing the max open files we have on most modern systems. https://gitlab.com/libvirt/libvirt/-/issues/489 Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx> --- src/ch/virtchd.service.in | 9 ++++----- src/locking/virtlockd.service.in | 8 ++++---- src/logging/virtlogd.service.in | 11 ++++------- src/lxc/virtlxcd.service.in | 9 ++++----- src/qemu/virtqemud.service.in | 9 ++++----- src/remote/libvirtd.service.in | 9 ++++----- tests/virshtest.c | 1 + tools/virsh.c | 2 +- 8 files changed, 26 insertions(+), 32 deletions(-) diff --git a/src/ch/virtchd.service.in b/src/ch/virtchd.service.in index 6e3b13446f..22314bc907 100644 --- a/src/ch/virtchd.service.in +++ b/src/ch/virtchd.service.in @@ -22,11 +22,10 @@ ExecStart=@sbindir@/virtchd $VIRTCHD_ARGS ExecReload=/bin/kill -HUP $MAINPID KillMode=process Restart=on-failure -# At least 2 FD per guest (eg ch monitor + ch socket). -# eg if we want to support 4096 guests, we'll typically need 8192 FDs -# If changing this, also consider virtlogd.service & virtlockd.service -# limits which are also related to number of guests -LimitNOFILE=8192 +# Raise hard limits to match behaviour of systemd >= 240. +# During startup, daemon will set soft limit to match hard limit +# per systemd recommendations +LimitNOFile=512000:1024 # The cgroups pids controller can limit the number of tasks started by # the daemon, which can limit the number of domains for some hypervisors. # A conservative default of 8 tasks per guest results in a TasksMax of diff --git a/src/locking/virtlockd.service.in b/src/locking/virtlockd.service.in index 23054369d5..f1792dcb43 100644 --- a/src/locking/virtlockd.service.in +++ b/src/locking/virtlockd.service.in @@ -15,10 +15,10 @@ ExecReload=/bin/kill -USR1 $MAINPID # cause the machine to be fenced (rebooted), so make # sure we discourage OOM killer OOMScoreAdjust=-900 -# Needs to allow for max guests * average disks per guest -# libvirtd.service written to expect 4096 guests, so if we -# allow for 10 disks per guest, we get: -LimitNOFILE=40960 +# Raise hard limits to match behaviour of systemd >= 240. +# During startup, daemon will set soft limit to match hard limit +# per systemd recommendations +LimitNOFile=512000:1024 [Install] Also=virtlockd.socket diff --git a/src/logging/virtlogd.service.in b/src/logging/virtlogd.service.in index e4aecd46a7..cef4053f59 100644 --- a/src/logging/virtlogd.service.in +++ b/src/logging/virtlogd.service.in @@ -15,13 +15,10 @@ ExecReload=/bin/kill -USR1 $MAINPID # cause the machine to be fenced (rebooted), so make # sure we discourage OOM killer OOMScoreAdjust=-900 -# Need to have at least one file open per guest (eg QEMU -# stdio log), but might be more (eg serial console logs) -# A common case is OpenStack which often has up to 4 file -# handles per guest. -# libvirtd.service written to expect 4096 guests, so if we -# guess at 4 files per guest here that is 16k: -LimitNOFILE=16384 +# Raise hard limits to match behaviour of systemd >= 240. +# During startup, daemon will set soft limit to match hard limit +# per systemd recommendations +LimitNOFile=512000:1024 [Install] Also=virtlogd.socket diff --git a/src/lxc/virtlxcd.service.in b/src/lxc/virtlxcd.service.in index 06c70ccde2..59d7d26657 100644 --- a/src/lxc/virtlxcd.service.in +++ b/src/lxc/virtlxcd.service.in @@ -22,11 +22,10 @@ ExecStart=@sbindir@/virtlxcd $VIRTLXCD_ARGS ExecReload=/bin/kill -HUP $MAINPID KillMode=process Restart=on-failure -# At least 1 FD per guest, often 2 (eg qemu monitor + qemu agent). -# eg if we want to support 4096 guests, we'll typically need 8192 FDs -# If changing this, also consider virtlogd.service & virtlockd.service -# limits which are also related to number of guests -LimitNOFILE=8192 +# Raise hard limits to match behaviour of systemd >= 240. +# During startup, daemon will set soft limit to match hard limit +# per systemd recommendations +LimitNOFile=512000:1024 # The cgroups pids controller can limit the number of tasks started by # the daemon, which can limit the number of domains for some hypervisors. # A conservative default of 8 tasks per guest results in a TasksMax of diff --git a/src/qemu/virtqemud.service.in b/src/qemu/virtqemud.service.in index 46917b746d..7e02f7ab51 100644 --- a/src/qemu/virtqemud.service.in +++ b/src/qemu/virtqemud.service.in @@ -24,11 +24,10 @@ ExecStart=@sbindir@/virtqemud $VIRTQEMUD_ARGS ExecReload=/bin/kill -HUP $MAINPID KillMode=process Restart=on-failure -# At least 1 FD per guest, often 2 (eg qemu monitor + qemu agent). -# eg if we want to support 4096 guests, we'll typically need 8192 FDs -# If changing this, also consider virtlogd.service & virtlockd.service -# limits which are also related to number of guests -LimitNOFILE=8192 +# Raise hard limits to match behaviour of systemd >= 240. +# During startup, daemon will set soft limit to match hard limit +# per systemd recommendations +LimitNOFile=512000:1024 # The cgroups pids controller can limit the number of tasks started by # the daemon, which can limit the number of domains for some hypervisors. # A conservative default of 8 tasks per guest results in a TasksMax of diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in index afda257228..28bcdb1220 100644 --- a/src/remote/libvirtd.service.in +++ b/src/remote/libvirtd.service.in @@ -29,11 +29,10 @@ ExecStart=@sbindir@/libvirtd $LIBVIRTD_ARGS ExecReload=/bin/kill -HUP $MAINPID KillMode=process Restart=on-failure -# At least 1 FD per guest, often 2 (eg qemu monitor + qemu agent). -# eg if we want to support 4096 guests, we'll typically need 8192 FDs -# If changing this, also consider virtlogd.service & virtlockd.service -# limits which are also related to number of guests -LimitNOFILE=8192 +# Raise hard limits to match behaviour of systemd >= 240. +# During startup, daemon will set soft limit to match hard limit +# per systemd recommendations +LimitNOFile=512000:1024 # The cgroups pids controller can limit the number of tasks started by # the daemon, which can limit the number of domains for some hypervisors. # A conservative default of 8 tasks per guest results in a TasksMax of diff --git a/tests/virshtest.c b/tests/virshtest.c index cf834bb847..022cd075f9 100644 --- a/tests/virshtest.c +++ b/tests/virshtest.c @@ -118,6 +118,7 @@ testCompareOutputLit(const char *expectData, cmd = virCommandNewArgs(argv); + virCommandAddEnvPassCommon(cmd); virCommandAddEnvString(cmd, "LANG=C"); virCommandSetInputBuffer(cmd, empty); virCommandSetOutputBuffer(cmd, &actualData); diff --git a/tools/virsh.c b/tools/virsh.c index 963e886860..55a1ffca86 100644 --- a/tools/virsh.c +++ b/tools/virsh.c @@ -123,7 +123,7 @@ virshConnect(vshControl *ctl, const char *uri, bool readonly) keepalive_forced = true; } - if (virPolkitAgentAvailable() && + if (0 && virPolkitAgentAvailable() && !(pkagent = virPolkitAgentCreate())) virResetLastError(); -- 2.40.1