How do ulimit -n and /proc/sys/fs/file-max differ?

Question

I notice that on a new CentOS image that I just booted up off of EC2 that the ulimit default is 1024 open files, but /proc/sys/fs/file-max is set at 761,408 and I'm wondering how these two limits work together. I'm guessing that ulimit -n is a per-user limit of number of file descriptors while /proc/sys/fs/file-max is system-wide? If that's the case, say I've logged in twice as the same user -- does each logged-in user have a 1024 limit on number of open files, or is it a limit of 1024 combined open files between each of those logged-in users?

And is there much performance impact to setting your max file descriptors to a very high number, if your system isn't ever opening very many files?

Answer 1

file-max is the maximum File Descriptors (FD) enforced on a kernel level, which cannot be surpassed by all processes without increasing. The ulimit is enforced on a process level, which can be less than the file-max.

There is no performance impact risk by increasing file-max. Modern distributions have the maximum FD set pretty high, whereas in the past it required kernel recompilation and modification to increase past 1024. I wouldn't increase system-wide unless you have a technical need.

The per-process configuration often needs tuned for serving a particular daemon be it either a database or a Web server. If you remove the limit entirely, that daemon could potentially exhaust all available system resources; meaning you would be unable to fix the problem except by pressing the reset button or power cycling. Of course, either of those is likely to result in corruption of any open files.

Answer 2

The limitation of ulimit is per unique user. So user1, regardless of how many times logged in or processes running, would be limited to 1024. It's combined.

I am not sure if I completely understand the meaning of that sentence (English is not my mother tongue) If that sentence means the ulimit configuration for file descriptors is not a per-process limitation, the accepted answer (AFAIK) is wrong.

What I mean is, if some user has launched 4 processes and the ulimit configuration for FDs is 1024, each process may open 1024 FDs. The user is not going to be limited to 1024 FDs but the processes which are launched by that user.

For example:

me@superme:~$ ulimit -n
1024
me@superme:~$ lsof | grep $USER | wc -l
8145

Here a perl example where we reach the limit (it is a per-process limit):

#!/usr/bin/perl

$count = 0;
@filedescriptors;

while ($count <= 1024) {
    $FILE = ${count};
    open $FILE, ">", "/tmp/example$count" or die "\n\n FDs: $count $!";
    push(@filedescriptors, $FILE);
    $count ++;
}

Result:

FDs: 1021 Too many open files at ./test.pl line 8.

1021 because there were 3 open file descriptors before reaching the while loop (stdout, stdin and stderr)

Sorry if I am completely wrong or I misunderstood the answer.