Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Haproxy : kern.maxfiles limit exceeded by uid 80

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      th3penguinwhisperer
      last edited by

      Hi all,

      This is my first post here. Not sure if this is the right place to put it.

      We have haproxy running for loadbalancing and for some use its SSL offloading capabilities too.
      We already seen a few times that haproxy doesn't seem to function anymore while all backend nodes do.
      I noticed in the logs the message "kern.maxfiles limit exceeded by uid 80".
      I restarted haproxy to resolve the issue. And haproxy is also running as uid 80 so I'm pretty sure this is an issue with HAproxy.

      Anyone an idea what might be causing this or a direction in which I should look?

      I changed the value of kern.maxfiles to 32000. However that probably wont handle the root cause. Or maybe there were just too many open connections?

      Thanks in advance!

      1 Reply Last reply Reply Quote 0
      • P
        PiBa
        last edited by

        On the settings tab of haproxy-devel you can read that these 2 sysctl settings need to be 2*maxconn 'kern.maxfiles', 'kern.maxfilesperproc' and then some more.. If thats not the case you could indeed see strange issues.

        Check on the stats page (if its still working when you have that issue) what kind of connection counts are used.

        1 Reply Last reply Reply Quote 0
        • T
          th3penguinwhisperer
          last edited by

          Thanks for the response.

          I got 500 connections per backend configured.
          1 process running.

          I see this listed:
          Current memory usage: 19772 19772 19772 27964 kB.
          Current 'System Tunables' settings.
            'kern.maxfiles': 12328
            'kern.maxfilesperproc': 11095

          First line looks like a bug. I'm pretty sure I highered maxfiles and maxfilesperproc. But it should still be plenty enough as 500*2 + 31 = 1031

          1 Reply Last reply Reply Quote 0
          • P
            PiBa
            last edited by

            The first line shows that 4 haproxy processes are running, if you have long living sessions, and a few applied config changes that could be fine.. It could also mean a few did not shutdown properly.. You might want to check the pfsense systemlog it should show what pid was running and what gets started..(if package was recently re- installed)

            Either way it seems indeed maxproc is high enough for haproxy…

            What you could try is to install lsof, and check for open handles. Not sure if that will work..

            lsof | awk '{print $2}' | sort | uniq -c | sort -n

            then check if the pid of haproxy indeed has a high number of handles.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.