Troubleshooting Techniques

[ 208 ]

File descriptor limits

NGINX uses file descriptors in several different ways. The major use is to respond

to client connections, each one using a file descriptor. Each outgoing connection
(especially prevalent in proxy configurations) requires a unique IP:TCP port pair,

which NGINX refers to using a file descriptor. If NGINX is serving any static file or a
response from its cache, a file descriptor is used as well. As you can see, the number

of file descriptors can climb quickly with the number of concurrent users. The total

number of file descriptors that NGINX may use is limited by the operating system.

The typical UNIX-like operating system has a different set of limits for the superuser
(root) than for a regular user, so make sure to execute the following command as

the non-privileged user under which you're running NGINX (specified either by

the --user compile-time option or the user configuration directive).

ulimit -n

This command will show you the number of open file descriptors allowed for that

user. Usually, this number is set conservatively to 1024 or even lower. Since we know
that NGINX will be the major user of file descriptors on the machine, we can set this

number much higher. How to do this depends on the specific operating system. This

can be done as follows:

• Linux
  vi /etc/security/limits.conf

www-run hard nofile 65535

$ ulimit -n 65535

• FreeBSD
  vi /etc/sysctl.conf

kern.maxfiles=65535

kern.maxfilesperproc=65535

kern.maxvnodes=65535

# /etc/rc.d/sysctl reload

• Solaris

  projadd -c "increased file descriptors" -K "process.max-file-

  
  

  descriptor=(basic,65535,deny)" resource.file

  
  

# usermod -K project=resource.file www