more on bogged down server
Rick Stevens
rstevens at vitalstream.com
Mon Apr 10 21:05:29 UTC 2006
On Mon, 2006-04-10 at 11:55 -0700, Harold Hallikainen wrote:
> Last week, I was out of town for the week and, of course, my FC4 system
> slowed down to a crawl, and eventually I could not get into it at all. I
> just bought and installed a "Web Power Switch" (under $100 at
> http://www.digital-loggers.com/lpc.html), so I will always (I hope) be
> able to reboot the system from anywhere.
>
> I also reduced the number of clients (I think that was the term) in
> httpd.conf from 150 to 50.
>
> Based on Rick's suggestion, I also added this to /etc/sysctl.conf:
>
> # below lines added 4/8/06 to try to prevent system bog downs due to
> httpd. hh
> net.ipv4.tcp_fin_timeout = 1
> net.ipv4.tcp_max_syn_backlog = 2048
> net.ipv4.tcp_syn_retries = 3
> net.ipv4.tcp_tw_recycle = 1
> net.ipv4.tcp_tw_reuse = 1
>
>
> My web server has a lot of large files that will take a while for people
> to download. I suspect Apache is starting another thread for each of
> these, and keeping it open a long time. As more and more requests come in,
> the load just keeps getting bigger.
Which is exactly why http is not a good choice for downloads. You
should modify the download links to "ftp://" to force FTP downloads.
> Here's a recent top:
>
> Cpu(s): 98.3% us, 1.7% sy, 0.0% ni, 0.0% id, 0.0% wa, 0.0% hi, 0.0% si
> Mem: 1027640k total, 1013188k used, 14452k free, 8292k buffers
> Swap: 2031608k total, 244252k used, 1787356k free, 224352k cached
>
> PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
> 19089 apache 16 0 45120 17m 4780 S 17.0 1.8 0:04.59 httpd
> 14416 apache 24 0 60736 31m 4904 R 3.7 3.1 13:02.87 httpd
> 18425 apache 21 0 59872 30m 2996 R 3.7 3.0 2:58.17 httpd
> 8965 apache 25 0 59724 31m 4800 R 3.3 3.2 30:11.74 httpd
> 10263 apache 25 0 60896 32m 4664 R 3.3 3.2 17:42.99 httpd
> 10268 apache 25 0 60620 27m 4512 R 3.3 2.7 17:12.99 httpd
> 13121 apache 25 0 59540 31m 4648 R 3.3 3.2 15:00.67 httpd
> 13585 apache 25 0 51556 12m 4508 R 3.3 1.3 13:09.44 httpd
> 13802 apache 25 0 51364 19m 4504 R 3.3 1.9 13:28.15 httpd
> 14613 apache 25 0 60684 18m 4508 R 3.3 1.8 12:32.11 httpd
> 14682 apache 25 0 51284 10m 2960 R 3.3 1.0 13:36.44 httpd
> 14852 apache 25 0 51332 16m 4992 R 3.3 1.6 10:08.87 httpd
> 14853 apache 25 0 51144 18m 4620 R 3.3 1.9 11:20.88 httpd
> 14935 apache 25 0 51656 18m 5352 R 3.3 1.9 10:52.20 httpd
> 15134 apache 25 0 51360 18m 5364 R 3.3 1.8 10:00.45 httpd
> 15138 apache 21 0 51200 17m 5336 R 3.3 1.8 10:33.49 httpd
> 15504 apache 20 0 60708 20m 4512 R 3.3 2.0 10:24.10 httpd
> 15876 apache 20 0 51028 10m 4528 R 3.3 1.1 8:41.13 httpd
> 15877 apache 23 0 60520 20m 5448 R 3.3 2.1 5:43.60 httpd
> 16331 apache 20 0 60328 32m 5516 R 3.3 3.2 5:19.84 httpd
> 16633 apache 25 0 60420 32m 5408 R 3.3 3.2 5:15.28 httpd
> 17859 apache 25 0 60016 32m 5520 R 3.3 3.3 2:27.50 httpd
> 18089 apache 25 0 60040 32m 5512 R 3.3 3.3 3:17.04 httpd
> 18426 apache 21 0 59588 32m 5292 R 3.3 3.2 0:36.13 httpd
> 18503 apache 25 0 59800 32m 5460 R 3.3 3.3 0:57.90 httpd
>
>
> Notice that a lot of those httpd processes have been running quite a while.
Yup.
> My concern now is that while everything seems to be working, I think I'm
> missing some incoming mail. Here's something from /var/log/maillog:
>
> Apr 10 11:46:48 sujan sendmail[2316]: rejecting connections on daemon MTA:
> load average: 33
You aren't missing mail, but you're not receiving it in a timely manner.
A load average of 33 on a web server is pretty bad unless it's getting
just bloody hammered. Undoubtedly, HTTP downloads are the main culprit
here, and conversion to FTP would be a big help.
> So... what do I do?
You have to reduce your load somehow. Ideally, you should create an
anonymous FTP download directory and move all of the downloadable files
to it. The download directory also is used as the home directory for
the anonymous FTP user (user "ftp"). I actually use a completely
separate filesystem entirely for that. The filesystem is mounted so
that only root has write access.
Modify your vsftpd.conf file to permit anonymous downloads only
and start up vsftpd. Make sure you also set the "force chroot for
anonymous users" option. Then change your links on your web pages to
use "ftp://"-style links pointed at the anonymous download directory
paths for the downloadable files.
FTP is the protocol to use for large file downloads. HTTP just isn't
efficient for that, as you've now found out (the hard way, I might add).
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- All generalizations are false. -
----------------------------------------------------------------------
More information about the Redhat-install-list
mailing list