Hello,
We've got a pretty substantial dovecot installation (versions 2.1.7 and 2.2.13 on the backends, but tested with 2.2.24 as well) and this is the relevant config snippet from 10-master.conf:
default_process_limit = 1024 default_client_limit = 16384
[...]
service imap { # Most of the memory goes to mmap()ing files. You may need to increase this # limit if you have huge mailboxes. #vsz_limit = $default_vsz_limit vsz_limit = 512M
# Max. number of IMAP processes (connections) #process_limit = 1024 process_limit = 524288 }
service pop3 { # Max. number of POP3 processes (connections) process_limit = 2048 # Reduce spawns from hell service_count = 100 }
The above works fine, no warnings.
Since 2 of our mailbox servers get a high number (2million/day) of IMAP logins and resulting mail process spawns, I pondered doing the service count bit for IMAP as well.
But adding a "service_count = 100" line (any value larger than 1 really) to the imap section we get the dreaded:
Nov 28 17:05:40 mbx09 dovecot: config: Warning: service auth { client_limit=16384} is lower than required under max. load (528384)
And that's quite true, once reaching that limit auth will pile up and fail eventually.
Clearly the pop3 part with a max of 2048 processes (we see about 300 at peak times) neatly fits into the client limit of 16384.
Now setting the client limit in the auth section to the required value of course will do no real good in this scenario, as the fd limit becomes the next bottleneck and I'm not going to raise that to 500k, thank you very much. ^o^
So basically my questions here are:
Where's the difference in Dovecot's logic between a mail service that has a service count of 1 versus one with >1?
Any way to get the process recycling for IMAP going w/o setting the fd limit to a ridiculous amount?
Thanks,
Christian
Christian Balzer Network/Systems Engineer
chibi@gol.com Global OnLine Japan/Rakuten Communications
http://www.gol.com/