[jira] Commented: (TS-88) traffic_server not able to setrlimit > 1024 on FDs

[George Paul (JIRA)]

    [ 
https://issues.apache.org/jira/browse/TS-88?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12806601#action_12806601
 ] 

George Paul commented on TS-88:
-------------------------------

Looking into this the best way going forward to solve this on Linux is to use 
the capabilities (7) facility that exist in the Linux kernels >= 2.6.24. 

Minimum requirements are: (see http://www.friedhoff.org/posixfilecaps.html)
- a kernel >= 2.6.24
- a filesystem that supports extended attributes like ext3
- File POSIX Capabilities enabled
- libcap2 package >=2.08
- libcap2 utilities  (setcap, getcap, etc)

Basically after installation one needs to do the following: e.g.

 sudo setcap cap_sys_resource=ep /usr/local/bin/traffic_server

The 'trafficserver' script can then be used to bring up the process stack as 
the configured user.

Tested on Ubunt-9.04 and Fedora 11 w/ libcap2 pkgs installed and default latest 
kernels.

These procedures/steps need to be documented in the installation notes/guide.

-George 

> traffic_server not able to setrlimit > 1024 on FDs
> --------------------------------------------------
>
>                 Key: TS-88
>                 URL: https://issues.apache.org/jira/browse/TS-88
>             Project: Traffic Server
>          Issue Type: Bug
>          Components: Core
>    Affects Versions: 2.0.0a
>            Reporter: Leif Hedstrom
>            Assignee: George Paul
>
> When starting TS, i get a warning / error like this:
> [example_alarm_bin.sh] sent alarm: loki.ogre.com [Tue Dec 15 20:33:55 2009] 
> connection throttle too high, 10000 (throttle) + 192 (internal use) > 8192 
> (file descriptor limit), using throttle of 8000
> stracing traffic_manager, I see:
> r...@loki 332/1 # strace -f -e trace=setrlimit ./bin/traffic_manager  2>&1 | 
> grep setrlimit
> [pid 24114] setrlimit(RLIMIT_CPU, {rlim_cur=RLIM_INFINITY, 
> rlim_max=RLIM_INFINITY}) = 0
> [pid 24114] setrlimit(RLIMIT_FSIZE, {rlim_cur=RLIM_INFINITY, 
> rlim_max=RLIM_INFINITY}) = 0
> [pid 24114] setrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=1024}) = 0
> [pid 24126] setrlimit(RLIMIT_CORE, {rlim_cur=0, rlim_max=0}) = 0
> [pid 24126] setrlimit(RLIMIT_NOFILE, {rlim_cur=10000, rlim_max=10000}) = -1 
> EPERM (Operation not permitted)
> The last call is from traffic_server, indicating that it's not able to 
> setrlimit() to 10000. This would only happen (I think) if at this point it's 
> running as a non-root user. If I run traffic_server as root directly, I don't 
> have this problem (i.e. when it calls setrlimit() as root, it works fine).
> This is using a standard installation in /usr/local.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.