diff --git a/src/shrpx.cc b/src/shrpx.cc index 9f14c91e..25c164f5 100644 --- a/src/shrpx.cc +++ b/src/shrpx.cc @@ -37,6 +37,8 @@ #include #include #include +#include +#include #include #include @@ -879,6 +881,11 @@ Performance: --backend-http1-connections-per-host. Default: )" << get_config()->downstream_connections_per_frontend << R"( + --rlimit-nofile= + Set maximum number of open files (RLIMIT_NOFILE) + to . If 0 is given, nghttpx does not set the + limit. + Default: )" << get_config()->rlimit_nofile << R"( Timeout: --frontend-http2-read-timeout= @@ -1272,6 +1279,7 @@ int main(int argc, char **argv) { {"backend-http1-connections-per-frontend", required_argument, &flag, 67}, {"tls-ticket-key-file", required_argument, &flag, 68}, + {"rlimit-nofile", required_argument, &flag, 69}, {nullptr, 0, nullptr, 0}}; int option_index = 0; @@ -1585,6 +1593,10 @@ int main(int argc, char **argv) { // --tls-ticket-key-file cmdcfgs.emplace_back(SHRPX_OPT_TLS_TICKET_KEY_FILE, optarg); break; + case 69: + // --rlimit-nofile + cmdcfgs.emplace_back(SHRPX_OPT_RLIMIT_NOFILE, optarg); + break; default: break; } @@ -1838,6 +1850,15 @@ int main(int argc, char **argv) { } } + if (get_config()->rlimit_nofile) { + struct rlimit lim = {get_config()->rlimit_nofile, + get_config()->rlimit_nofile}; + if (setrlimit(RLIMIT_NOFILE, &lim) != 0) { + auto error = errno; + LOG(WARN) << "Setting rlimit-nofile failed: " << strerror(error); + } + } + if (get_config()->upstream_frame_debug) { // To make it sync to logging set_output(stderr); diff --git a/src/shrpx_config.cc b/src/shrpx_config.cc index 1a3362a5..c0b728cb 100644 --- a/src/shrpx_config.cc +++ b/src/shrpx_config.cc @@ -139,6 +139,7 @@ const char SHRPX_OPT_BACKEND_HTTP1_CONNECTIONS_PER_FRONTEND[] = "backend-http1-connections-per-frontend"; const char SHRPX_OPT_LISTENER_DISABLE_TIMEOUT[] = "listener-disable-timeout"; const char SHRPX_OPT_TLS_TICKET_KEY_FILE[] = "tls-ticket-key-file"; +const char SHRPX_OPT_RLIMIT_NOFILE[] = "rlimit-nofile"; namespace { Config *config = nullptr; @@ -1109,6 +1110,24 @@ int parse_config(const char *opt, const char *optarg) { return 0; } + if (util::strieq(opt, SHRPX_OPT_RLIMIT_NOFILE)) { + int n; + + if (parse_uint(&n, opt, optarg) != 0) { + return -1; + } + + if (n < 0) { + LOG(ERROR) << opt << ": specify the integer more than or equal to 0"; + + return -1; + } + + mod_config()->rlimit_nofile = n; + + return 0; + } + if (util::strieq(opt, "conf")) { LOG(WARN) << "conf: ignored"; diff --git a/src/shrpx_config.h b/src/shrpx_config.h index d739398d..4c51b62a 100644 --- a/src/shrpx_config.h +++ b/src/shrpx_config.h @@ -127,6 +127,7 @@ extern const char SHRPX_OPT_BACKEND_HTTP1_CONNECTIONS_PER_HOST[]; extern const char SHRPX_OPT_BACKEND_HTTP1_CONNECTIONS_PER_FRONTEND[]; extern const char SHRPX_OPT_LISTENER_DISABLE_TIMEOUT[]; extern const char SHRPX_OPT_TLS_TICKET_KEY_FILE[]; +extern const char SHRPX_OPT_RLIMIT_NOFILE[]; union sockaddr_union { sockaddr sa; @@ -255,6 +256,7 @@ struct Config { size_t worker_write_burst; size_t padding; size_t worker_frontend_connections; + size_t rlimit_nofile; // Bit mask to disable SSL/TLS protocol versions. This will be // passed to SSL_CTX_set_options(). long int tls_proto_mask;