How to increase ulimit on Amazon EC2 instance?

Question

After SSH'ing into an EC2 instance running the Amazon Linux AMI, I tried:

ulimit -n 20000

...and got the following error:

-bash: ulimit: open files: cannot modify limit: Operation not permitted

However, the shell allows me to decrease this number, for the current session only.

Is there anyway to increase the ulimit on an EC2 instance (permanently)?

Answer 1

In fact, changing values through the ulimit command only applies to the current shell session. If you want to permanently set a new limit, you must edit the /etc/security/limits.conf file and set your hard and soft limits. Here's an example:

# <domain> <type> <item>  <value>
    *       soft  nofile  20000
    *       hard  nofile  20000

Save the file, log-out, log-in again and test the configuration through the ulimit -n command. Hope it helps.

P.S. 1: Keep the following in mind:

• Soft limit: value that the kernel enforces for the corresponding resource.
• Hard limit: works as a ceiling for the soft limit.

P.S. 2: Additional files in /etc/security/limits.d/ might affect what is configured in limits.conf.

Answer 2

Thank you for the answer. For me just updating /etc/security/limits.conf wasn't enough. Only the 'open files' ulimit -n was getting updated and nproc was not getting updated. After updating /etc/security/limits.d/whateverfile, nproc "ulimit -u" also got updated.

Steps:

• sudo vi /etc/security/limits.d/whateverfile
• Update limits set for nproc/ nofile
• sudo vi /etc/security/limits.conf

*  soft  nproc  65535
*  hard  nproc  65535
*  soft  nofile 65535
*  hard  nofile 65535

• Reboot the machine sudo reboot

P.S. I was not able to add it as a comment, so had to post as an answer.

Answer 3

I don't have enough rep points to comment...sorry for the fresh reply, but maybe this will keep someone from wasting an hour.

Viccari's answer finally solved this headache for me. Every other source tells you to edit the limits.conf file, and if that doesn't work, to add

session   required    pam_limits.so

to the /etc/pam.d/common-session file

DO NOT DO THIS!

I'm running an Ubuntu 18.04.5 EC2 instance, and this locked me out of SSH entirely. I could log in, but as soon as it was about to drop me into a prompt, it dropped my connection (I even saw all the welcome messages and stuff). Verbose showed this as the last error:

fd 1 is not O_NONBLOCK

and I couldn't find an answer to what that meant. So, after shutting down the instance, waiting about an hour to snapshot the volume, and then mounting it to another running instance, I removed the edit to the common-session file and bam, SSH login worked again.

The fix that worked for me was looking for files in the /etc/security/limits.d/ folder, and editing those.

(and no, I did not need to reboot to get the new limits, just log out and back in)