User uses all RAM

[splatz]

Hi everyone,

We just had an accident with one of our servers. There was one user which used all RAM of the server. The server became unresponsive and we had to do a reboot. It wasn't that hard to find the user who used all of the RAM as we use mod_ruid2. Now, we are investigating how this could happen and how we can prevent users from using all RAM. I was wondering how you guys are dealing with this and how you prevent a server from getting out of RAM.

 

[nobaloney]

Users don't use RAM; processes do. you need to determine which of the processes (probably processes started by the user) are using the RAM, and then configure them with limits.

Jeff

 

[splatz]

Thanks for the reply.
At the time there were many httpd processes running started by the client.

 

[tomtom901]

Thanks for the reply.
At the time there were many httpd processes running started by the client.

Sounds familiar, you might need to look into Apache's server status option to determine which page causes these processes.

You might also want to try lowering ServerLimit and MaxClients.

 

[splatz]

@tomtom901 Thx for the reply. Will look into this

What strikes me is that the every day after around 6 p.m. the user starts consuming a lot of RAM. There are no cronjobs for that time.

 

[tomtom901]

@tomtom901 Thx for the reply. Will look into this

What strikes me is that the every day after around 6 p.m. the user starts consuming a lot of RAM. There are no cronjobs for that time.

Maybe there is some kind of page active. That's why I'm saying, have a look at Apache's server status option.

 

[zEitEr]

Apache is always greedy for RAM. Lowering ServerLimit and MaxClients will make another error to occur. If you set MaxClients to 50, every connection above that limit will by dropped be default with an error (Error 40x).

To get best from your server is to set up Front-end (nginx/lighttpd/etc) + Back-end(Apache) scheme. Or just replace Apache with something more light web server.

@splatz, it often occurs on downloading from the server with the help of downloaders. On search spiders visits.

 

[splatz]

@tomtom901 Yeah but I can't see the situation of yesterday anymore, right?

 

[tomtom901]

@tomtom901 Yeah but I can't see the situation of yesterday anymore, right?

True, am dealing with this problem on one of our clients' machine too.

 

[BuGoFf]

@tomtom901 Yeah but I can't see the situation of yesterday anymore, right?

you can take a look at the apache logs from yesterday.

/var/log/httpd/domains/<domain>.access.log.2 (or 3) and see what requests where at that time.

 

[inferencia]

It wasn't that hard to find the user who used all of the RAM as we use mod_ruid2.

Interesting. How does this work, in TOP intead of httpd you see users by using ruid2?

Jeff, have you tried this mod on a shared server?

 

[tomtom901]

We currently enroll mod_ruid2 everywhere, and yes, apache won't run under apache but under $user.

 

[nobaloney]

I've never tried it, but we're going to use it on future server builds. In addition to being more straightforward then using PHP as CGI, it also uses less resources, and some would say is more secure, because even apache runs as the specific user.

Jeff