Thursday, July 17, 2008

Load hike in the server..

Server Load...

Sometimes, there may be more number of httpd connections to the server. If we increase Maxclients to more than 300, it won’t be able to withstand the high access.

This can be fixed by enabling Raise Hard Server Limit on easy apache.

In WHM , go to Software > Apache Update:
1. Profile: Previously Saved Config [Start customizing based on profile]
2. Apache Version: (your choice) [Next Step]
3. PHP Major Version: (your choices) [Next Step]
4. PHP Minor version: (your choices) [Next Step]
5. Short Options List: (your choices) [Exhaustive Options List]
6. Exhaustive Options list: [CHECK] Raise Hard Server Limit
7. Save and build

The above process can be done via SSH as well (using /scripts/easyapache) and finding similarly “Raise Hard Server Limit” in order to enable it and then recompile Apache.

When you choose “Raise Hard Server Limit” (via cPanel or SSH), cPanel patches /home/cpeasyapache/src/include/httpd.h (using /home/cpeasyapache/src/cppatch/raise_hard_server_limit.patch) in order to increase HARD_SERVER_LIMIT from 256 to 2048.

Follow these steps to control the load on the server..

1===========Cpu process==========
Check processes and find the process that take high cpu usage
=>nice top
=>top -c Shift+m
=>pstree -pua

=>killall -9
=>kill -9

2===========Semaphores checking==========
to show IPC
=>ipcs -s

for i in `ipcs -s | awk ‘{print $2}’`; do ipcrm -s $i; done use this script to remove all semaphores.

lsof -c httpd |grep cwd|grep home| awk ‘{print $9}’|cut -f3 -d\/|sort -n| uniq -c|sort -n

3.==========Exim ===================================
If again high load exim check for spaming
If there are too many exim it may due to spaming
*then enable Spam assasination
*Remove frozen mails from the queue,
*Check for exim connection using netstat

exim -bp |grep frozen |awk ‘{print $3}’ |xargs exim -Mrm

Remove all mails in the server.

Forceful delivery:

exim -qff -v

4. =============http connections=DOS==================
=>pidof httpd
also check whether ir is due to url calling::

watch using

watch “ls -ltr /usr/local/apache/domlogs | tail -20″
netstat -plan | grep :80 | awk ‘{print $5}’ | cut -d: -f 1 | sort | uniq -c | sort -n

netstat -anp |grep ‘tcp\|udp’ | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n

If there are too many http connections from any IP, you can block that IP.
If you want to block an IP use the syntax

=>iptables -I INPUT -s IP -j DROP
=>apf -d IP
this edits apf.conf
4.===============Mysql =================

The status of the processes and databases accessed can be found using:
=>mysqladmin processlist status

=>/etc/init.d/mysql restart

5.=========Also check these================
Free memory in server
free -m

No of domains hosted in server
=>cat /etc/userdomains |wc -l

No of processors:
=> cat /proc/cpuinfo |grep processor

=>dmesg |grep error

=> /scripts/smartcheck

also check access to a particular domain

cd /usr/local/apache/domlogs
ls -alSh |more

tail -f /usr/local/apache/domainname
if it suspend it

No comments: