0

The operating system is Centos 7, I am using Test Kitchen 1.13.2 and centos-7.2 default vagrant box.

I need nproc to be above a certain limit for one user, for this I modified /etc/security/limits.d/20-nproc.conf (Which overrides /etc/security/limits.conf) and added

myuser    soft    nproc    99999

However, after rebooting the VM created by kitchen and I log via kitchen login and run ulimit -a I see this:

core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1878
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1878
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

I am afraid there is something in the way Kitchen connects to the VMs it generates that does not load limits.conf configuration. Any idea how to be able to test this locally on Kitchen?

Navarro
  • 1,284
  • 2
  • 17
  • 40

1 Answers1

1

When you login using kitchen login default user is vagrant, if you want to check limits for user myuser, run:

  1. sudo su -
  2. su -l myuser
  3. ulimit -a

It works for me ;-)

Szymon
  • 1,525
  • 1
  • 11
  • 12
  • 1
    `sudo su -l myuser` should do also and save a bash process and a context switch – Tensibai Dec 15 '16 at 09:04
  • The main problem is that if the user needs to have a certain ulimit set to a process start (Like Elasticsearch with nproc), the process fails on every kitchen run and I can't build tests around it running as it should. It seems to be more an issue about how Chef impersonates the users that start a service. :( – Navarro Dec 15 '16 at 09:49
  • Chef doesn't impersonate user, init script does. Maybe you don't create limit file early enough? However this is 'an issue' for another question. – Szymon Dec 15 '16 at 10:43
  • Maybe you're right. Or maybe is more a question related with Vagrant as a Kitchen driver. The strange thing here is that I don't face this issue when loading my policyfiles in real machines instead of the Kitchen-Vagrant's VMs. – Navarro Dec 15 '16 at 14:40