LINUX文件设置:
ulimit -n <num> ----> [/etc/profile,/.bashrc] ---->/etc/security/limits.conf [* soft|hard nofile <num> ] ------>/proc/sys/fs/nr_open-----> /proc/sys/fs/file-max ----->/etc/sysctl.conf
LINUX 连接设置:
ulimit -u <num> ------->[/etc/profile,/.bashrc]--------->/etc/security/limits.conf[* soft|hard nproc <num>]
mysql 应用程连接设置:my.cnf
[mysqld]
max_connections=4
max_connect_errors=
最大用户连接:
max_user_connections 3 //针对同一用户的链接
所有用户连接之和:
max_connections 4 //所有用户连接的和
实验:
会话1
[root@localhost ~]# mysql -uroot -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.6.28-debug-log Source distribution Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
会话2
[root@localhost ~]# mysql -uroot -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.6.28-debug-log Source distribution Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
会话3
[root@localhost ~]# mysql -uroot -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.6.28-debug-log Source distribution Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
会话4:
[root@localhost ~]# mysql -uroot -p //root 用户 more than 'max_user_connections'
Enter password: ERROR (): User root already has more than 'max_user_connections' active connections [root@localhost ~]# mysql -umysql -p //mysql用户可登陆
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is
Server version: 5.6.-debug-log Source distribution Copyright (c) , , Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
会话5:
Last login: Thu Jul :: from 192.168.1.152
[root@localhost ~]# mysql -umysql -p
Enter password:
ERROR (): Too many connections 已超过最大连接数
[root@localhost ~]#
max_connect_errors:
mysql的这个参数指的是网络错误 密码错误并不算在内,尝试用for循环尝试密码的用户host并不会block 以下是mysql非常出名的分支percona的cto关于max_connect_errors的评论 There seems to be confusion around that variable. It does not really block hosts for repeated invalid passwords but for aborted connections due to network errors.
模拟网络错误:max_connect_errors=1
http://www.cnblogs.com/ivictor/p/5311607.html
[root@localhost ~]# telnet 192.168.1.26 3306
Trying 192.168.1.26...
Connected to 192.168.1.26 (192.168.1.26).
Escape character is '^]'.
jHost '192.168.1.26' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'Connection closed by foreign host.
[root@localhost ~]# mysql -h192.168.1.26 -p -uroot
Enter password:
ERROR 1129 (HY000): Host '192.168.1.26' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts' [root@localhost ~]# mysql -h192.168.1.26 -p -uroot
Enter password:
ERROR 1129 (HY000): Host '192.168.1.26' is blocked because of many connection errors; unblock with 'mysqladmin flush-host'
一、程序运行一段时间后,tomcat启动后,连接池不能使用,拿不到数据库连接,查看catalina.out发现如下错误:
[http-80-35] ERROR sls.database.DBConn - org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot create Poola
bleConnectionFactory (null, message from server: Host localhost is blocked because of many connection errors; unblock with mysqladmin flush-hosts) 二、出现的原因:
数据库的错误链接处达到最大,数据库服务器拒绝连接。
由于出现某台host连接错误次数等于max_connect_errors(默认10) ,主机'host_name'再次尝试时被屏蔽。可有效反的防止dos攻击,使用'mysqladmin flush-hosts'解除屏蔽。 【连接次数失败过多,并超过max_connect_erros的值后,服务器会直接拒绝来源机器的所有连接,只要把 mysql server默认 max_connect_errors = 10
把这个值设置大点就好了,记得一定要执行mysqladmin flush-hosts命令来解锁,原来的主机才可以恢复正常连接的.】
三、解决方案:
1.查看数据库允许的错误链接数:
show status 看那个abort_client.
2.运行:
mysqladmin flush-hosts命令,解除数据库的连接屏蔽,重新允许数据库被访问。 3.也可以重启mysql数据库,这样,也可以将错误链接数清零。 4.修改my.inf或者:my.cnf修改max_connect_errors的值,可以适当大些。
配置文件中,如果没有此键值,请在[mysqld]内增加该值。
# Maximum amount of errors allowed per host. If this limit is reached,
# the host will be blocked from connecting to the MySQL server until
# "FLUSH HOSTS" has been run or the server was restarted. Invalid
# passwords and other errors during the connect phase result in
# increasing this value. See the "Aborted_connects" status variable for
# global counter.
max_connect_errors = 8000
[mysqld]
max_connections=xx
max_connect_errors=xx
max_user_connections=xx