Apache Increase FD limit
On CentOS 7 sevrer running apache, when try to install plugin in WordPress admin area, i get error
1 |
Installazione fallita: Il download non è andato a buon fine. cURL error 35: Process open FD table is full |
This is due to Apache File Descriptor Limits.
To see current Limits, use following PHP script
1 2 3 4 5 |
<?php echo "User: " . exec('whoami'); echo "<br>FD Soft Limit: " . exec('ulimit -Sn'); echo "<br>FD Hard Limit: " . exec('ulimit -Hn'); |
To see system wide limits, use following commands
1 2 |
sysctl fs.file-nr sysctl fs.file-max |
Normally this will be high value. You need to increse limit for user running Apache. On CentOS 7, the username is “apache”. To increase limit for this user, edit
1 |
vi /etc/security/limits.conf |
Add following lines
1 2 |
apache soft nofile 10240 apache hard nofile 900000 |
To verify, we need to login as user Apache, and verify limits, for this, lets enable SSH or bash terminal for user apache. By default no SSH login allowed for this user.
1 |
chsh --shell /bin/bash apache |
Now change to user, verify the limits
1 2 3 |
su - apache ulimit -Hn ulimit -Sn |
Exit back to root, disable shell for user apache with command.
1 |
chsh --shell /sbin/nologin apache |
We need to edit service file for Apache. Default service file look like following.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
[root@centos-s-1vcpu-1gb-blr1-01 ~]# cat /usr/lib/systemd/system/httpd.service [Unit] Description=The Apache HTTP Server After=network.target remote-fs.target nss-lookup.target Documentation=man:httpd(8) Documentation=man:apachectl(8) [Service] Type=notify EnvironmentFile=/etc/sysconfig/httpd ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND ExecReload=/usr/sbin/httpd $OPTIONS -k graceful ExecStop=/bin/kill -WINCH ${MAINPID} # We want systemd to give httpd some time to finish gracefully, but still want # it to kill httpd after TimeoutStopSec if something went wrong during the # graceful stop. Normally, Systemd sends SIGTERM signal right after the # ExecStop, which would kill httpd. We are sending useless SIGCONT here to give # httpd time to finish. KillSignal=SIGCONT PrivateTmp=true [Install] WantedBy=multi-user.target [root@centos-s-1vcpu-1gb-blr1-01 ~]# |
Find
1 |
[Service] |
Add below
1 2 |
LimitNOFILE=65535 LimitNPROC=65535 |
Method 2
create file
1 2 |
mkdir -p /etc/systemd/system/httpd.service.d/ vi /etc/systemd/system/httpd.service.d/limits.conf |
Add
1 2 3 |
[Service] LimitNOFILE=65535 LimitNPROC=65535 |
Reload service file with
1 |
systemctl daemon-reload |
Restart Apache
1 |
systemctl restart httpd |
See Apache