BUG/MINOR: limits: compute_ideal_maxconn: don't cap remain if fd_hard_limit=0

'global.fd_hard_limit' stays uninitialized, if haproxy is started with -m
(global.rlimit_memmax). 'remain' is the MAX between soft and hard process fd
limits. It will be always bigger than 'global.fd_hard_limit' (0) in this case.

So, if we reassign 'remain' to the 'global.fd_hard_limit' unconditionally,
calculated then 'maxconn' will be even negative and the DEFAULT_MAXCONN (100)
will be set as the 'ideal_maxconn'.

During the 'global.maxconn' calculations in set_global_maxconn(), if the
provided 'global.rlimit_memmax' is quite big, system will refuse to calculate
based on its 'global.maxconn' and we will do a fallback to the 'ideal_maxconn',
which is 100.

Same problem for the configs with SSL frontends and backends.

This fixes the issue #2899.

This should be backported to v3.1.0.

diff --git a/src/limits.c b/src/limits.c
index 83ddb37e4440b547623b76f040ed52fda090a724..e9ce8b8d736ea124b1689aaf15cab88d147edbd1 100644 (file)
--- a/src/limits.c
+++ b/src/limits.c
@@ -152,8 +152,14 @@ static int compute_ideal_maxconn()
        if (!is_any_limit_configured())
                global.fd_hard_limit = DEFAULT_MAXFD;
 
-       if (remain > global.fd_hard_limit)
+       if (global.fd_hard_limit && (remain > global.fd_hard_limit)) {
+               /* cap remain only when global.fd_hard_limit > 0, i.e.: either
+                * there were no any other limits set and it's defined by lines
+                * above as DEFAULT_MAXFD (100), or fd_hard_limit is explicitly
+                * provided in config.
+                */
                remain = global.fd_hard_limit;
+       }
 
        /* subtract listeners and checks */
        remain -= global.maxsock;