In this article:
Applicable to:
- Twingate Component: Connector
Overview
The underlying host of a Twingate Connector will typically be hosted on a Linux Distribution which has a default ulimit
value of 1024
. This includes file descriptors, that fall under the category of open sockets to Twingate Resources. If the total number of users connected to a connector x number of resources those users are connected to exceeds this limit, a Connector can go down.
Each Client tunnel consumes 8 transports, or 8 file descriptors. Which means that at most 128 active clients would be supported by a Connector running with the default value.
Symptoms
- Connector fails to send /heartbeat metrics
- Connector goes offline, and starts writing logs stating
too many open files
:
[ERROR] [connector] Failed to submit analytics events: Unexpected error: error sending request for url (https://analytics.twingate.com/v1/track): error trying to connect: dns error: Too many open files (os error 24)
Resolution
1. Increase the limit
On the underlying host, you can modify the allowance for the `ulimit` value, by increasing the limit like:
ulimit -n 2048
Be mindful the limit you increase to
2. Add Connectors
Increasing your Connector count should allow for better load balancing, to avoid this problem going forward, if both (or all) of your Connectors are hitting this limit, due to too many active connections to resources.
Exception
Connectors launched as AWS ECS Fargate Tasks do not allow you to modify the nofile
parameter of the underlying host's ulimit
value, per their documentation:
Amazon ECS tasks hosted on AWS Fargate use the default resource limit values set by the operating system with the exception of the nofile resource limit parameter which AWS Fargate overrides. The nofile resource limit sets a restriction on the number of open files that a container can use. The default nofile soft limit is 1024 and the default hard limit is 65535.