⚙️ Setting Process Resource Limits: Simple Guide

Let’s learn how to set process resource limits in Alpine Linux! This helps control how much CPU, memory, and other resources programs can use. Pretty important for keeping your system stable.

🤔 What are Resource Limits?

Resource limits control how much system stuff a process can use. Think of it like setting rules for programs - “you can only use this much memory” or “you can only run for this long.”

Here’s what you can limit:

• Memory usage (RAM)
• CPU time
• Number of files opened
• Process count
• File sizes

🎯 What You Need

Before starting, make sure you have:

• Alpine Linux running
• Root or sudo access
• A terminal open
• About 10 minutes

📋 Step 1: Check Current Limits

First, let’s see your current limits:

ulimit -a

You’ll see something like:

core file size          (blocks, -c) unlimited
data seg size           (kbytes, -d) unlimited
file size               (blocks, -f) unlimited
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited

📋 Step 2: Set Temporary Limits

Let’s set some basic limits for your current session:

# Limit memory to 512MB
ulimit -m 524288

# Limit CPU time to 60 seconds
ulimit -t 60

# Limit file size to 100MB
ulimit -f 102400

These only last until you log out!

📋 Step 3: Test Resource Limits

Let’s test if limits work:

# Create a test script
cat > test-limits.sh << 'EOF'
#!/bin/sh
echo "Starting resource test..."
# This tries to use lots of memory
dd if=/dev/zero of=/dev/null bs=1M count=1000
EOF

chmod +x test-limits.sh
./test-limits.sh

📋 Step 4: Set Permanent Limits

To make limits permanent, edit /etc/security/limits.conf:

# First, install pam if needed
apk add linux-pam

# Edit limits file
vi /etc/security/limits.conf

Add these lines:

# Limit all users
* soft nproc 1024
* hard nproc 2048
* soft nofile 1024
* hard nofile 4096

# Limit specific user
myuser soft nproc 512
myuser hard nproc 1024

📋 Step 5: Set Limits for Services

For services, create a limits file:

# For a specific service
mkdir -p /etc/systemd/system/myservice.service.d/
cat > /etc/systemd/system/myservice.service.d/limits.conf << EOF
[Service]
LimitNOFILE=4096
LimitNPROC=512
LimitAS=1G
EOF

For OpenRC (Alpine’s default):

# Edit service file
vi /etc/init.d/myservice

# Add limits
ulimit -n 4096  # File descriptors
ulimit -u 512   # Processes
ulimit -m 1048576  # Memory in KB

🎮 Practice Exercise

Try this hands-on exercise:

1. Set a low memory limit
2. Run a memory-hungry program
3. Watch it get limited
4. Adjust the limit

Here’s how:

# Set 50MB memory limit
ulimit -m 51200

# Try to use 100MB
dd if=/dev/zero of=/dev/null bs=1M count=100

# Check if it worked
echo $?

🚨 Troubleshooting Common Issues

Limits Not Working

If limits don’t apply:

# Check PAM configuration
grep pam_limits /etc/pam.d/*

# Add if missing
echo "session required pam_limits.so" >> /etc/pam.d/system-auth

Can’t Set Higher Limits

Getting “permission denied”?

# Check hard limits
ulimit -Ha

# Only root can raise hard limits
sudo sh -c 'ulimit -n 8192'

Service Ignoring Limits

For stubborn services:

# Check service limits
cat /proc/$(pidof myservice)/limits

# Force reload
rc-service myservice restart

💡 Pro Tips

Tip 1: Different Limit Types

Understand soft vs hard limits:

# Soft limit (warning)
ulimit -S -n 1024

# Hard limit (absolute max)
ulimit -H -n 4096

Tip 2: Monitor Resource Usage

Keep an eye on usage:

# Watch process resources
top -p $(pidof myprocess)

# Check memory usage
ps aux | grep myprocess

Tip 3: Cgroup Limits

For better control, use cgroups:

# Create cgroup
mkdir -p /sys/fs/cgroup/memory/myapp

# Set 500MB limit
echo 524288000 > /sys/fs/cgroup/memory/myapp/memory.limit_in_bytes

# Add process to cgroup
echo $$ > /sys/fs/cgroup/memory/myapp/cgroup.procs

✅ Verification Steps

Let’s verify limits are working:

# Check current limits
ulimit -a

# Test file limit
ulimit -f 1024
dd if=/dev/zero of=testfile bs=1M count=2

# Should fail after 1MB!

🏆 What You Learned

Nice work! You can now:

• ✅ Check resource limits
• ✅ Set temporary limits
• ✅ Configure permanent limits
• ✅ Limit specific users
• ✅ Control service resources

Your system is now protected from runaway processes!

🎯 What’s Next?

Now that you understand resource limits, explore:

• Cgroup management
• Process priorities (nice values)
• System resource monitoring
• Performance tuning

Remember, good limits prevent one bad program from crashing everything. I’ve saved many systems this way! Start with generous limits and tighten as needed.

Keep your system healthy! 🚀