Hello everybody,
on one of our boxes, I'm encountering strange problem from
time to time.. in.tftpd processes are forking up to thousand of
processes, getting server to almost unresponsive state.
I've tried various approaches to limiting tftp daemon but to no
avail..
what puzzles me most is, that it seems to breach even ulimit -u setting.
I'm starting in.tftpd from initscript (so no xinetd), prior to starting it, ulimit -n 50
is run.
I can see limit set up correctly for master process:
grep processes /proc/XXX/limits:
Max processes 50 50 processes
but again, few days ago, problem occured again, according to atop records, thousands
of in.tftpd processes got forked..
Any idea on what could I be doing wrong?
I also tried limiting memory using cgroups, but even with limit of 2MB, it can spawn
much more processes than I'd like, and 1MB is too low... Is it possible to limit
number of processes using cgroups? but I still think ulimit should be enough, but
what am I doing wrong here?
thanks a lot for any clues in advance, I'm really becoming desperate...
BR
nik
--
-------------------------------------
Ing. Nikola CIPRICH
LinuxBox.cz, s.r.o.
28.rijna 168, 709 00 Ostrava
tel.: +420 591 166 214
fax: +420 596 621 273
mobil: +420 777 093 799
http://www.linuxbox.cz
mobil servis: +420 737 238 656
email servis: [email protected]
-------------------------------------
On Mon 11-03-13 15:47:37, Nikola Ciprich wrote:
[...]
> I also tried limiting memory using cgroups, but even with limit of
> 2MB, it can spawn much more processes than I'd like, and 1MB is too
> low...
If you were using memory cgroup then be aware that the controller covers
only user space allocations by default which doesn't prevent forks from
creating new processes.
> Is it possible to limit number of processes using cgroups?
You might be interested in KMEM (CONFIG_MEMCG_KMEM) extension for memory
cgroup (see Documentation/cgroups/memory.txt "2.7 Kernel Memory Extension
(CONFIG_MEMCG_KMEM)" for more information)
--
Michal Hocko
SUSE Labs