tiup: clarify limits.conf behavior in no-sudo mode #23120

Open. doc-claw-bot wants to merge 4 commits into pingcap:master from doc-claw-bot:docs/nosudo-limits-user-manager

doc-claw-bot commented Jun 23, 2026

What is changed, added or deleted? (Required)

This PR updates the TiUP no-sudo documentation to clarify how resource limits take effect for the per-user systemd manager.

  • Clarify that /etc/security/limits.conf might be applied through PAM when user@<UID>.service starts, but the effective Max open files value still depends on the limits obtained by the user manager itself.
  • Add a verification step to check the effective Max open files value of the running user@${uid}.service.
  • Add a documented fallback: if the effective value is still too low, configure a system-level drop-in for user@${uid}.service with LimitNOFILE=1000000.
  • Explain that restarting user@${uid}.service stops all user services managed by that user, so existing clusters should be stopped first or handled in a maintenance window.

Which TiDB version(s) do your changes apply to? (Required)

Tips for choosing the affected version(s):

By default, CHOOSE MASTER ONLY so your changes will be applied to the next TiDB major or minor releases. If your PR involves a product feature behavior change or a compatibility change, CHOOSE THE AFFECTED RELEASE BRANCH(ES) AND MASTER.

For details, see tips for choosing the affected versions (in Chinese).

  • master (the latest development version)
  • v9.0 (TiDB 9.0 versions)
  • v8.5 (TiDB 8.5 versions)
  • v8.1 (TiDB 8.1 versions)
  • v7.5 (TiDB 7.5 versions)
  • v7.1 (TiDB 7.1 versions)
  • v6.5 (TiDB 6.5 versions)
  • v6.1 (TiDB 6.1 versions)

What is the related PR or file link(s)?

Do your changes match any of the following descriptions?

  • Delete files
  • Change aliases
  • Need modification after applied to another branch
  • Might cause conflicts after applied to another branch
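
The verification step named in the PR description above, as an added example that is not part of the PR or of the TiUP documentation: it reads the soft `Max open files` value from a `/proc/<pid>/limits` file and compares it with the `LimitNOFILE=1000000` value. The function names, the sample limits files, and the use of `systemctl show --property MainPID --value` to find the manager PID are assumptions of this example.

```shell
#!/bin/sh
# Added example: check the soft "Max open files" limit a process actually
# received, by parsing a /proc/<pid>/limits file.

REQUIRED_NOFILE=1000000   # the LimitNOFILE value named on this page

# nofile_soft FILE -> prints the soft "Max open files" value, or nothing.
nofile_soft() {
    awk '$1 == "Max" && $2 == "open" && $3 == "files" { print $4 }' "$1"
}

# nofile_verdict FILE -> prints "ok", "too-low" or "unknown".
nofile_verdict() {
    soft=$(nofile_soft "$1")
    case "$soft" in
        ''|*[!0-9]*) echo unknown ;;
        *) if [ "$soft" -ge "$REQUIRED_NOFILE" ]; then echo ok; else echo too-low; fi ;;
    esac
}

# manager_limits_file USER -> prints the limits path of that user's running
# user@<UID>.service. Live systems only: needs systemd and a running manager.
manager_limits_file() {
    uid=$(id -u "$1") || return 1
    pid=$(systemctl show --property MainPID --value "user@${uid}.service") || return 1
    [ "${pid:-0}" -gt 0 ] || return 1
    echo "/proc/${pid}/limits"
}

# Constructed samples: a manager whose soft limit is still low, and one whose
# limit matches the drop-in value.
sample_dir=$(mktemp -d)
cat > "$sample_dir/before" <<'EOF'
Limit                     Soft Limit           Hard Limit           Units
Max processes             63412                63412                processes
Max open files            1024                 524288               files
EOF
cat > "$sample_dir/after" <<'EOF'
Limit                     Soft Limit           Hard Limit           Units
Max processes             63412                63412                processes
Max open files            1000000              1000000              files
EOF

echo "before: $(nofile_verdict "$sample_dir/before")"
echo "after:  $(nofile_verdict "$sample_dir/after")"
# On a target host, as root: nofile_verdict "$(manager_limits_file tidb)"
```

A `too-low` verdict on the live manager is the case in which the PR's fallback drop-in applies.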

ti-chi-bot Bot commented Jun 23, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign lilin90 for approval. For more information see the Code Review Process.
Please ensure that each of them provides their approval before proceeding.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@ti-chi-bot ti-chi-bot Bot added contribution This PR is from a community contributor. first-time-contributor Indicates that the PR was contributed by an external member and is a first-time contributor. needs-ok-to-test Indicates a PR created by contributors and need ORG member send '/ok-to-test' to start testing. labels Jun 23, 2026

ti-chi-bot Bot commented Jun 23, 2026

Hi @doc-claw-bot. Thanks for your PR.

I'm waiting for a pingcap member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@ti-chi-bot ti-chi-bot Bot added the missing-translation-status This PR does not have translation status info. label Jun 23, 2026
@ti-chi-bot ti-chi-bot Bot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Jun 23, 2026

@gemini-code-assist gemini-code-assist Bot left a comment

Contributor

Code Review

This pull request updates the documentation for TiDB in no-sudo mode to explain how to apply limits from /etc/security/limits.conf by restarting the per-user systemd instance. The review feedback suggests improving clarity and readability by using active voice, making the shell code block more copy-paste friendly by moving the conditional restart explanation into the text, and changing "might not take effect" to "will not take effect" for technical accuracy.

Comment thread tiup/tiup-cluster-no-sudo-mode.md Outdated
Comment on lines 56 to 63
2. Use the `root` user to start the user service. If `user@${uid}.service` is already running after you update `/etc/security/limits.conf`, run `systemctl restart user@${uid}.service` to apply the new limits.

```shell
$ uid=$(id -u tidb) # Get the ID of the tidb user
$ systemctl start user@${uid}.service
# If user@${uid}.service is already running after you update /etc/security/limits.conf, run:
$ systemctl restart user@${uid}.service
$ systemctl status user@${uid}.service

Contributor

medium

Including both start and restart commands with a conditional comment inside a single shell code block makes it cluttered and less copy-paste friendly (users copy-pasting the block will run both commands sequentially). It is cleaner to explain the restart scenario in the text and keep the code block focused on the standard start/status commands.

Suggested change
2. Use the `root` user to start the user service. If `user@${uid}.service` is already running after you update `/etc/security/limits.conf`, run `systemctl restart user@${uid}.service` to apply the new limits.
```shell
$ uid=$(id -u tidb) # Get the ID of the tidb user
$ systemctl start user@${uid}.service
# If user@${uid}.service is already running after you update /etc/security/limits.conf, run:
$ systemctl restart user@${uid}.service
$ systemctl status user@${uid}.service
2. Use the `root` user to start the user service. If `user@${uid}.service` is already running and you have updated `/etc/security/limits.conf`, run `systemctl restart user@${uid}.service` instead of `systemctl start user@${uid}.service` to apply the new limits.
```shell
$ uid=$(id -u tidb) # Get the ID of the tidb user
$ systemctl start user@${uid}.service
$ systemctl status user@${uid}.service
References
  1. Ensure clarity, simplicity, and readability, and avoid unnecessary words and repetition. (link)

Comment thread tiup/tiup-cluster-no-sudo-mode.md Outdated
EOF
```

Because TiDB services in no-sudo mode are managed by the per-user `systemd` instance (`user@<UID>.service`), the limits in `/etc/security/limits.conf` are applied when `user@<UID>.service` starts. If you change `/etc/security/limits.conf` after `user@<UID>.service` is already running, restart `user@<UID>.service` or reboot the target machine before you deploy or restart TiDB services. Otherwise, the new limits might not take effect for the TiDB services.

Contributor

low

To improve clarity and accuracy, use active voice ("you must restart") and change "might not take effect" to "will not take effect" (since systemd will definitely not apply the new limits without a restart).

Suggested change
Because TiDB services in no-sudo mode are managed by the per-user `systemd` instance (`user@<UID>.service`), the limits in `/etc/security/limits.conf` are applied when `user@<UID>.service` starts. If you change `/etc/security/limits.conf` after `user@<UID>.service` is already running, restart `user@<UID>.service` or reboot the target machine before you deploy or restart TiDB services. Otherwise, the new limits might not take effect for the TiDB services.
Because TiDB services in no-sudo mode are managed by the per-user `systemd` instance (`user@<UID>.service`), the limits in `/etc/security/limits.conf` only take effect when `user@<UID>.service` starts. If you change `/etc/security/limits.conf` after `user@<UID>.service` is already running, you must restart `user@<UID>.service` or reboot the target machine before deploying or restarting TiDB services. Otherwise, the new limits will not take effect.
References
  1. Write in second person ('you'), prefer present tense, and avoid unnecessary words and repetition. (link)

@ti-chi-bot ti-chi-bot Bot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Jun 23, 2026
@lilin90 lilin90 added the translation/done This PR has been translated from English into Chinese and updated to pingcap/docs-cn in a PR. label Jun 24, 2026
@lilin90 lilin90 self-assigned this Jun 24, 2026
@ti-chi-bot ti-chi-bot Bot removed the missing-translation-status This PR does not have translation status info. label Jun 24, 2026
@lilin90 lilin90 added missing-translation-status This PR does not have translation status info. ONCALL Relates to documentation oncall. labels Jun 24, 2026
lilin90 commented Jun 24, 2026

Member

/ok-to-test

@ti-chi-bot ti-chi-bot Bot added ok-to-test Indicates a PR is ready to be tested. and removed needs-ok-to-test Indicates a PR created by contributors and need ORG member send '/ok-to-test' to start testing. labels Jun 24, 2026
@lilin90 lilin90 removed the missing-translation-status This PR does not have translation status info. label Jun 24, 2026
@lilin90 lilin90 requested a review from Copilot June 24, 2026 02:51

Copilot AI left a comment

Pull request overview

This PR clarifies how file descriptor limits are applied in TiUP no-sudo mode, specifically how user@<UID>.service (the per-user systemd manager) affects the effective Max open files limit for TiDB services.

Changes:

  • Adds an explanation of why /etc/security/limits.conf might not fully take effect for the running user systemd manager.
  • Adds steps to restart user@${uid}.service (when applicable) and verify the effective Max open files value via /proc/<pid>/limits.
  • Documents a fallback using a system-level drop-in to set LimitNOFILE=1000000 for user@${uid}.service, plus an operational warning about the restart impact.

EOF
```

In no-sudo mode, TiDB services are managed by each user's own `systemd` instance (`user@<UID>.service`). The settings in `/etc/security/limits.conf` might be applied through PAM when `user@<UID>.service` starts, but the effective file descriptor limit still depends on the resource limits obtained by that user `systemd` instance itself. On some systems, even after you configure `/etc/security/limits.conf`, the `Max open files` value of `user@<UID>.service` might still be lower than what TiDB requires.
Comment on lines +79 to +84
If you update `/etc/security/limits.conf` after `user@${uid}.service` is already running, restart `user@${uid}.service` before you deploy or restart TiDB services so that the user `systemd` instance reloads the updated resource limits. Restarting `user@${uid}.service` stops all systemd user services managed by that user. If the cluster is already running, stop it gracefully first or perform this operation during a maintenance window.

```shell
$ uid=$(id -u tidb) # Get the ID of the tidb user
$ systemctl restart user@${uid}.service
```
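
Review bot: The restart step in the second paragraph and its code block does not say which account runs `systemctl restart user@${uid}.service`; the start step quoted earlier in this thread says to use the `root` user, so state that here as well. The prose also uses `user@<UID>.service` in the first paragraph and `user@${uid}.service` in the second, before `uid` is defined in the code block; use one notation in prose, or define `uid` before its first use.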