从PostgreSQL支持100万个连接聊起
背景
100万个数据库连接,绝逼疯了,常人怎么会干这种事情。
没错,数据库支持100万个连接意味着什么呢?不能用连接池吗?
除了抱着玩一玩的心态,也能了解到操作系统层的一些知识,何乐不为?
碰壁
根据我前几天写的《如何度量Kernel Resources for PostgreSQL》,我们可以评估得出,如果要支持100万个数据库客户端连接,操作系统应该如何配置。
https://yq.aliyun.com/articles/58690
但是实际上能如愿吗?
以PostgreSQL 9.5为例,100万个连接,需要多少信号量?
1. 需要多少组信号量?
SEMMNI >= (max_connections + max_worker_processes + autovacuum_max_workers + 5) / 16
100万连接,SEMMNI >= 62500
2. 需要多少信号量?
SEMMNS >= ((max_connections + max_worker_processes + autovacuum_max_workers + 5) / 16) * 17 + 其他程序的需求
100万连接,SEMMNS >= 1062500
3. 每组需要多少信号量?
SEMMSL >= 17
测试环境如下
CentOS 6.x x64, 512GB内存。
kernel.sem = 18 2147483647 2147483646 512000000
max number of arrays = 512000000
max semaphores per array = 18
max semaphores system wide = 2147483647
max ops per semop call = 2147483646
以上内核配置,信号量完全满足100万连接需求。
那么数据库能启动吗?
vi postgresql.conf
max_connections = 1000000
pg_ctl start
启动失败。
原因分析
报错来自如下代码:
使用semget创建sem失败。
src/backend/port/sysv_sema.c
/*
76 * InternalIpcSemaphoreCreate
77 *
78 * Attempt to create a new semaphore set with the specified key.
79 * Will fail (return -1) if such a set already exists.
80 *
81 * If we fail with a failure code other than collision-with-existing-set,
82 * print out an error and abort. Other types of errors suggest nonrecoverable
83 * problems.
84 */
85 static IpcSemaphoreId
86 InternalIpcSemaphoreCreate(IpcSemaphoreKey semKey, int numSems)
87 {
88 int semId;
89
90 semId = semget(semKey, numSems, IPC_CREAT | IPC_EXCL | IPCProtection);
91
92 if (semId < 0)
93 {
94 int saved_errno = errno;
95
96 /*
97 * Fail quietly if error indicates a collision with existing set. One
98 * would expect EEXIST, given that we said IPC_EXCL, but perhaps we
99 * could get a permission violation instead? Also, EIDRM might occur
100 * if an old set is slated for destruction but not gone yet.
101 */
102 if (saved_errno == EEXIST || saved_errno == EACCES
103 #ifdef EIDRM
104 || saved_errno == EIDRM
105 #endif
106 )
107 return -1;
108
109 /*
110 * Else complain and abort
111 */
112 ereport(FATAL,
113 (errmsg("could not create semaphores: %m"),
114 errdetail("Failed system call was semget(%lu, %d, 0%o).",
115 (unsigned long) semKey, numSems,
116 IPC_CREAT | IPC_EXCL | IPCProtection),
117 (saved_errno == ENOSPC) ?
118 errhint("This error does *not* mean that you have run out of disk space. "
119 "It occurs when either the system limit for the maximum number of "
120 "semaphore sets (SEMMNI), or the system wide maximum number of "
121 "semaphores (SEMMNS), would be exceeded. You need to raise the "
122 "respective kernel parameter. Alternatively, reduce PostgreSQL's "
123 "consumption of semaphores by reducing its max_connections parameter.\n"
124 "The PostgreSQL documentation contains more information about "
125 "configuring your system for PostgreSQL.") : 0));
126 }
127
128 return semId;
129 }
semget之所以失败,并不是kernel.sem的配置问题,而是操作系统内核的宏限制。
sem的分组数量不能大于semvmx,也就是说,最多能开50多万个连接。
操作系统内核代码如下
kernels/xxx.x86_64/include/uapi/linux/sem.h
#define SEMMNI 128 /* <= IPCMNI max # of semaphore identifiers */
#define SEMMSL 250 /* <= 8 000 max num of semaphores per id */
#define SEMMNS (SEMMNI*SEMMSL) /* <= INT_MAX max # of semaphores in system */
#define SEMOPM 32 /* <= 1 000 max num of ops per semop call */
#define SEMVMX 32767 /* <= 32767 semaphore maximum value */
#define SEMAEM SEMVMX /* adjust on exit max value */
/* unused */
#define SEMUME SEMOPM /* max num of undo entries per process */
#define SEMMNU SEMMNS /* num of undo structures system wide */
#define SEMMAP SEMMNS /* # of entries in semaphore map */
#define SEMUSZ 20 /* sizeof struct sem_undo */
超过32767个array后会报错
$ ipcs -u
------ Semaphore Status --------
used arrays = 32768
allocated semaphores = 557056
$ pg_ctl start
FATAL: could not create semaphores: No space left on device
DETAIL: Failed system call was semget(1953769, 17, 03600).
HINT: This error does *not* mean that you have run out of disk space.
It occurs when either the system limit for the maximum number of semaphore sets (SEMMNI),
or the system wide maximum number of semaphores (SEMMNS), would be exceeded.
You need to raise the respective kernel parameter.
Alternatively, reduce PostgreSQL's consumption of semaphores by reducing its max_connections parameter.
The PostgreSQL documentation contains more information about configuring your system for PostgreSQL.
使用ipcs -l也能查看到当前值
semaphore max value = 32767
这个值只能重新编译内核来修改。
在semctl和semop的手册中也能看到,有此说法。
man semctl
SEMVMX Maximum value for semval: implementation dependent (32767).
man semop
SEMVMX Maximum allowable value for semval: implementation dependent (32767).
The implementation has no intrinsic limits for the adjust on exit maximum value (SEMAEM), the system wide maximum number of undo structures (SEMMNU) and the per-process maximum number of undo entries system
parameters.
100万连接没戏了吗?
当然可以办到。
例如修改SEMVMX,并重新编译内核显然是一条路,但是还有其他路子吗?
柳暗花明又一春, PostgreSQL 支持POSIX sem
我们前面看到,报错的代码是
InternalIpcSemaphoreCreate@src/backend/port/sysv_sema.c
查看对应头文件,发现PG支持几种创建信号量的方式,真的是柳暗花明又一春 :
sysv, posix(named , unamed), win32
对应的头文件源码如下
src/include/storage/pg_sema.h
/*
* PGSemaphoreData and pointer type PGSemaphore are the data structure
* representing an individual semaphore. The contents of PGSemaphoreData
* vary across implementations and must never be touched by platform-
* independent code. PGSemaphoreData structures are always allocated
* in shared memory (to support implementations where the data changes during
* lock/unlock).
*
* pg_config.h must define exactly one of the USE_xxx_SEMAPHORES symbols.
*/
#ifdef USE_NAMED_POSIX_SEMAPHORES
#include <semaphore.h>
typedef sem_t *PGSemaphoreData;
#endif
#ifdef USE_UNNAMED_POSIX_SEMAPHORES
#include <semaphore.h>
typedef sem_t PGSemaphoreData;
#endif
#ifdef USE_SYSV_SEMAPHORES
typedef struct PGSemaphoreData
{
int semId; /* semaphore set identifier */
int semNum; /* semaphore number within set */
} PGSemaphoreData;
#endif
#ifdef USE_WIN32_SEMAPHORES
typedef HANDLE PGSemaphoreData;
#endif
其中posix的named和unamed分别使用如下系统调用
posix named 方式创建信号 :
mySem = sem_open(semname, O_CREAT | O_EXCL,
(mode_t) IPCProtection, (unsigned) 1);
posix unamed 方式创建信号 :
sem_init(sem, 1, 1)
posix源码如下,注意用到的宏
src/backend/port/posix_sema.c
#ifdef USE_NAMED_POSIX_SEMAPHORES
/*
* PosixSemaphoreCreate
*
* Attempt to create a new named semaphore.
*
* If we fail with a failure code other than collision-with-existing-sema,
* print out an error and abort. Other types of errors suggest nonrecoverable
* problems.
*/
static sem_t *
PosixSemaphoreCreate(void)
{
int semKey;
char semname[64];
sem_t *mySem;
for (;;)
{
semKey = nextSemKey++;
snprintf(semname, sizeof(semname), "/pgsql-%d", semKey);
mySem = sem_open(semname, O_CREAT | O_EXCL,
(mode_t) IPCProtection, (unsigned) 1);
#ifdef SEM_FAILED
if (mySem != (sem_t *) SEM_FAILED)
break;
#else
if (mySem != (sem_t *) (-1))
break;
#endif
/* Loop if error indicates a collision */
if (errno == EEXIST || errno == EACCES || errno == EINTR)
continue;
/*
* Else complain and abort
*/
elog(FATAL, "sem_open(\"%s\") failed: %m", semname);
}
/*
* Unlink the semaphore immediately, so it can't be accessed externally.
* This also ensures that it will go away if we crash.
*/
sem_unlink(semname);
return mySem;
}
#else /* !USE_NAMED_POSIX_SEMAPHORES */
/*
* PosixSemaphoreCreate
*
* Attempt to create a new unnamed semaphore.
*/
static void
PosixSemaphoreCreate(sem_t * sem)
{
if (sem_init(sem, 1, 1) < 0)
elog(FATAL, "sem_init failed: %m");
}
#endif /* USE_NAMED_POSIX_SEMAPHORES */
从src/include/storage/pg_sema.h 可以看到,在pg_config.h中必须有一个指定的USE_xxx_SEMAPHORES symbols。
这个symbol不是直接设置pg_config.h来的,是在configure时设置的,会自动加到pg_config.h 。
Select semaphore implementation type.
if test "$PORTNAME" != "win32"; then
if test x"$USE_NAMED_POSIX_SEMAPHORES" = x"1" ; then
$as_echo "#define USE_NAMED_POSIX_SEMAPHORES 1" >>confdefs.h
SEMA_IMPLEMENTATION="src/backend/port/posix_sema.c"
else
if test x"$USE_UNNAMED_POSIX_SEMAPHORES" = x"1" ; then
$as_echo "#define USE_UNNAMED_POSIX_SEMAPHORES 1" >>confdefs.h
SEMA_IMPLEMENTATION="src/backend/port/posix_sema.c"
else
$as_echo "#define USE_SYSV_SEMAPHORES 1" >>confdefs.h
SEMA_IMPLEMENTATION="src/backend/port/sysv_sema.c"
fi
fi
else
$as_echo "#define USE_WIN32_SEMAPHORES 1" >>confdefs.h
SEMA_IMPLEMENTATION="src/backend/port/win32_sema.c"
fi
默认使用SYSV,如果要使用其他的sem方法。
可以这么做
export USE_UNNAMED_POSIX_SEMAPHORES=1
LIBS=-lpthread ./configure --prefix=/home/digoal/pgsql9.5
记得加-lpthread ,否则报错
/bin/ld: port/pg_sema.o: undefined reference to symbol 'sem_close@@GLIBC_2.2.5'
/bin/ld: note: 'sem_close@@GLIBC_2.2.5' is defined in DSO /lib64/libpthread.so.0 so try adding it to the linker command line
/lib64/libpthread.so.0: could not read symbols: Invalid operation
collect2: error: ld returned 1 exit status
make[2]: *** [postgres] Error 1
make[2]: Leaving directory `/home/digoal/postgresql-9.5.3/src/backend'
make[1]: *** [all-backend-recurse] Error 2
make[1]: Leaving directory `/home/digoal/postgresql-9.5.3/src'
make: *** [world-src-recurse] Error 2
通过这些系统调用的Linux编程帮助文档,了解一下posix的信号量管理
man sem_overview
man sem_init , unnamed sem
man sem_open , named sem
EINVAL value was greater than SEM_VALUE_MAX.
可以得知sem_open 也受到semvmx的限制
因此为了在不修改内核的情况下,实现PostgreSQL支持100万个连接,甚至更多。
必须使用USE_UNNAMED_POSIX_SEMAPHORES
开工,让PostgreSQL支持100万个连接
使用USE_UNNAMED_POSIX_SEMAPHORES编译
export USE_UNNAMED_POSIX_SEMAPHORES=1
LIBS=-lpthread ./configure --prefix=/home/digoal/pgsql9.5
make world -j 32
make install-world -j 32
修改参数,允许100万个连接
vi postgresql.conf
max_connections = 1000000
重启数据库
pg_ctl restart -m fast
测试100万个数据库并发连接
pgbench是很好的测试工具,只不过限制了1024个连接,为了支持100万个连接测试,需要修改一下。
代码
vi src/bin/pgbench/pgbench.c
#ifdef WIN32
#define FD_SETSIZE 1024 /* set before winsock2.h is included */
#endif /* ! WIN32 */
/* max number of clients allowed */
#ifdef FD_SETSIZE
#define MAXCLIENTS (FD_SETSIZE - 10)
#else
#define MAXCLIENTS 1024
#endif
case 'c':
benchmarking_option_set = true;
nclients = atoi(optarg);
if (nclients <= 0) // 改一下这里 || nclients > MAXCLIENTS)
{
fprintf(stderr, "invalid number of clients: \"%s\"\n",
optarg);
exit(1);
}
测试表
postgres=# create unlogged table test(id int, info text);
CREATE TABLE
测试脚本
vi test.sql
\setrandom s 1 100
select pg_sleep(:s);
insert into test values (1,'test');
继续碰壁
1. 开始压测,遇到第一个问题
pgbench -M prepared -n -r -f ./test.sql -c 999900 -j 1 -T 10000
need at least 999903 open files, but system limit is 655360
Reduce number of clients, or use limit/ulimit to increase the system limit.
这个问题还好,是打开文件数受限,改一些限制就可以解决
修改ulimit
vi /etc/security/limits.conf
* soft nofile 1048576
* hard nofile 1048576
* soft noproc 10000000
* hard noproc 10000000
* soft memlock unlimited
* hard memlock unlimited
修改内核参数
sysctl -w fs.file-max=419430400000
2. 重测,再次遇到问题,原因是pgbench使用了ip地址连接PG,导致pgbench的动态端口耗尽。
pgbench -M prepared -n -r -f ./test.sql -c 999900 -j 1 -T 10000
connection to database "postgres" failed:
could not connect to server: Cannot assign requested address
Is the server running on host "127.0.0.1" and accepting
TCP/IP connections on port 1921?
transaction type: Custom query
scaling factor: 1
query mode: prepared
number of clients: 999900
number of threads: 1
duration: 10000 s
number of transactions actually processed: 0
换成unix socket连接即可解决。
pgbench -M prepared -n -r -f ./test.sql -c 999900 -j 1 -T 10000 -h $PGDATA
connection to database "postgres" failed:
could not fork new process for connection: Cannot allocate memory
could not fork new process for connection: Cannot allocate memory
transaction type: Custom query
scaling factor: 1
query mode: prepared
number of clients: 999900
number of threads: 1
duration: 10000 s
number of transactions actually processed: 0
3. 不能fork new process,后面跟了个Cannot allocate memory这样的提示,我看了当前的配置
vm.swappiness = 0
vm.overcommit_memory = 0
于是我加了交换分区,同时改了几个参数
dd if=/dev/zero of=./swap1 bs=1024k count=102400 oflag=direct
mkswap ./swap1
swapon ./swap1
sysctl -w vm.overcommit_memory=1 (always over commit)
sysctl -w vm.swappiness=1
重新测试,发现还是有问题
pgbench -M prepared -n -f ./test.sql -c 999900 -j 1 -T 10000 -h $PGDATA
could not fork new process for connection: Cannot allocate memory
使用以下手段观测,发现在约连接到 65535 时报错。
sar -r 1 10000
psql
select count(*) from pg_stat_activity;
\watch 1
找到了根源,是内核限制了
kernel.pid_max=65535
修改一下这个内核参数
sysctl -w kernel.pid_max=4096000
支持百万连接目标达成
重新测试
pgbench -M prepared -n -f ./test.sql -c 999900 -j 1 -T 10000 -h $PGDATA
继续观测
psql
select count(*) from pg_stat_activity;
\watch 1
sar -r 1 10000
连接到26万时,内存用了约330GB,每个连接1MB左右。
看起来应该没有问题了,只要内存足够是可以搞定100万连接的。
小结
为了让PostgreSQL支持100万个并发连接,除了资源(主要是内存)要给足。
数据库本身编译也需要注意,还需要操作系统内核也需要一些调整。
1. 编译PostgreSQL 时使用 posix unname sem 。
export USE_UNNAMED_POSIX_SEMAPHORES=1
LIBS=-lpthread ./configure --prefix=/home/digoal/pgsql9.5
make world -j 32
make install-world -j 32
如果你不打算使用unnamed posix sem,那么务必重新编译操作系统内核,增加SEMVMX.
2. 打开文件数限制
ulimit
vi /etc/security/limits.conf
* soft nofile 1048576
* hard nofile 1048576
* soft noproc 10000000
* hard noproc 10000000
修改内核参数
sysctl -w fs.file-max=419430400000
3. 使用unix socket
突破pgbench测试时,动态端口数量限制。
4. 每个连接约1MB,100万个连接,需要约1TB内存,需要给足内存。
启用swap
dd if=/dev/zero of=./swap1 bs=1024k count=102400 oflag=direct
mkswap ./swap1
swapon ./swap1
.
.
sysctl -w vm.overcommit_memory=0
sysctl -w vm.swappiness=1
实际上还是发生了OOM,而且hang了很久。
[67504.841109] Memory cgroup out of memory: Kill process 385438 (pidof) score 721 or sacrifice child
[67504.850566] Killed process 385438, UID 0, (pidof) total-vm:982240kB, anon-rss:978356kB, file-rss:544kB
[67517.496404] pidof invoked oom-killer: gfp_mask=0xd0, order=0, oom_adj=0, oom_score_adj=0
[67517.496407] pidof cpuset=/ mems_allowed=0
[67517.496410] Pid: 385469, comm: pidof Tainted: G --------------- H
5. 最大PID值的限制
加大
sysctl -w kernel.pid_max=4096000
6. pgbench客户端的限制
修改源码,支持无限连接。
7. ipcs不统计posix sem的信息,所以使用posix sem后ipcs看不到用了多少sem.
8\ System V 与 POSIX sem
NOTES
System V semaphores (semget(2), semop(2), etc.) are an older semaphore API.
POSIX semaphores provide a simpler, and better designed interface than System V semaphores;
on the other hand POSIX semaphores are less widely available (especially on older systems) than System V semaphores.
参考
《DBA不可不知的操作系统内核参数》
https://yq.aliyun.com/articles/58751
《如何度量Kernel Resources for PostgreSQL》
https://yq.aliyun.com/articles/58690
有名信号量sem_open和内存信号量sem_init创建信号量的区别
http://blog.chinaunix.net/uid-16813896-id-4711204.html
sem_t sem sem_open(const char *name, int oflag, …/mode_t mode,unsinged int value) ;
int sem_init(sem_t *sem,int shared, unsigned int value);
区别:
1.创建有名信号量必须指定一个与信号量相关链的文件名称,这个name通常是文件系统中的某个文件。
基于内存的信号量不需要指定名称
2.有名信号量sem 是由sem_open分配内存并初始化成value值
基于内存的信号量是由应用程序分配内存,有sem_init初始化成为value值。如果shared为1,则分配的信号量应该在共享内存中。
3.sem_open不需要类似shared的参数,因为有名信号量总是可以在不同进程间共享的
而基于内存的信号量通过shared参数来决定是进程内还是进程间共享,并且必须指定相应的内存
4.基于内存的信号量不使用任何类似于O_CREAT标志的东西,也就是说,sem_init总是初始化信号量的值,因此,对于一个给定的信号量,我们必须小心保证只调用sem_init一次,对于一个已经初始化过的信号量调用sem_init,结果是未定义的。
5.内存信号量通过sem_destroy删除信号量,有名信号量通过sem_unlink删除