Does anyone know how to limit the total amount of memory usage by apache? Ive got a problem with my servers crasing and i believe its down to apache consuming all the memory. I have tried using rlimitmem but that doesnt seem to have any affect.

I have also tried putting limits on usernobody in /etc/security/limits.conf but that didnt work either :(

Rlimit and Rmem i think.


Jason

Show us the main config of your httpd.conf

It also depends on the number of servers and the child procs you spawn

RLimitMEM 117658000 200000000
I had RLimitMEM 117658000
and also have tried
RLimitMEM 117658 200000

i can run a php script which will take up 80% of the memory in a few seconds.

Originally posted by SplashHost.com
Does anyone know how to limit the total amount of memory usage by apache? Ive got a problem with my servers crasing and i believe its down to apache consuming all the memory. I have tried using rlimitmem but that doesnt seem to have any affect.

I have also tried putting limits on usernobody in /etc/security/limits.conf but that didnt work either :( Why don't you get, an unlimited megabyte stick of memory? :D :sickface:

Just Kidding, hmm this sounds weird one php script? will take 80%? What exactly does this php script do?

Originally posted by SplashHost.com
RLimitMEM 117658000 200000000
I had RLimitMEM 117658000
and also have tried
RLimitMEM 117658 200000

i can run a php script which will take up 80% of the memory in a few seconds.

Do you know it's due to memory and not the CPU? You should use Rlimit to also control the CPU and processes (as well as Apache's own settings).

Your original limit was huge and took the point out of setting a limit in the first place. Are you putting this in the global part of the web server configuration or the users own virtual host. I assume you are putting it in the global area (you should for a PHP module).

Also the /etc/security/limits.conf file will only limit login accounts (shell) and the Apache web server user doesn't log in. What does your messages log show before the crash? It could show memory errors, drive or swap errors, out of mem, etc. What does free show for memory usage and swap? A little more information would help us help you.

Originally posted by SplashHost.com
Does anyone know how to limit the total amount of memory usage by apache? Ive got a problem with my servers crasing and i believe its down to apache consuming all the memory. I have tried using rlimitmem but that doesnt seem to have any affect.

I have also tried putting limits on usernobody in /etc/security/limits.conf but that didnt work either :(

Hey there,

Ok, as 2Host.com correctely pointed out limits.conf won't work since Apache doesn't use a shell. What both of you seemed to miss out on was exactly what the RLimit* directives do.

As stated in the Apache docs (http://httpd.apache.org/docs/mod/core.html#rlimitcpu) RLimitMem does the following:


This applies to processes forked off from Apache children servicing requests, not the Apache children themselves. This includes CGI scripts and SSI exec commands, but not any processes forked off from the Apache parent such as piped logs.


"Not the Apache Children themselves" is where it fails. PHP (and mod_perl) runs within the Apache child, not as a forked process (although you can run it forked style by specifying #!/location/to/php at the top of a PHP file aka a Perl script style). Since it runs within the Apache child these limits don't apply.

A more appropriate method would be using Apache::Resource included within the mod_perl package.

http://perl.apache.org/docs/1.0/api/Apache/Resource.html

While it is Perl related (and you have to run mod_perl on your server to use it) it is applied to the entire Apache process so I believe that it will work for PHP scripts. I am amazed PHP doesn't have it's own server side resource limiting abilities although it doesn't surprise me as PHP has always struck me as bringing the hard stuff closer to the masses (as opposed to Perl which makes life hard but is overly capable at just about everything).

Finally, you could play around with some low Timeout values (http://www.simplythebest.net/info/apache_core.html#timeout) but this could cause performance on the server to diminish as it respawns constantly.

Good luck!

Stuart

Originally posted by Perlboy

What both of you seemed to miss out on was exactly what the RLimit* directives do.



I actually do know exactly what the RLimit* directives do and what you say is true (as it does run in the httpd process itself). I think this was a result of me trying to explain too many scenario's and I didn't post my response clearly (as I had intended to state that it might not be a PHP process) and he should set global limits for any process that will not be running as the user themselves (for CGI (to be clear)) (i.e., global user via Apache) and if it us using SuEXEC then it should be within the Virtual host block for each domain (for CGI, to be clear). I worded my post improperly, thanks for mentioning that or it would have gone unnoticed and I'd have looked foolish. However for CGI purposes, I suggest he also use RLimitCPU and RLimitNPROC, and not just RLimitMEM.

I also mentioned he needs to look into the Apache configuration directives themselves to control other aspects (in this case and for this reason) to better tune it. You can also set memory limits for PHP (--enable-memory-limit when building PHP, but this is hardly fool proof and isn't going to help with a lot of common issues with memory usage anyway). To explain it another way (and what I do) would be too complex I fear, but if you are curious, shoot me an email and I'll explain how as I would prefer to not try and generalize it in a forum post. In any case, I suggest that if PHP is a problem, to just run it as CGI and use SuEXEC and the correct RLimit* directives, as it will save the server from crashing from poorly coded PHP scripts (when run as CGI), as well as CGI scripts coded in (many) other languages.

Oh, and PS: The #!/interpreter line is not really the "Perl way", as it's common to any script run as CGI to locate the binary/interpreter to run the script (shell, Python, Perl, Ruby, etc. all do this).

I actually do know exactly what the RLimit* directives do and what you say is true (as it does run in the httpd process itself). I think this was a result of me trying to explain too many scenario's and I didn't post my response clearly (as I had intended to state that it might not be a PHP process) and he should set global limits for any process that will not be running as the user themselves (for CGI (to be clear)) (i.e., global user via Apache) and if it us using SuEXEC then it should be within the Virtual host block for each domain (for CGI, to be clear). I worded my post improperly, thanks for mentioning that or it would have gone unnoticed and I'd have looked foolish. However for CGI purposes, I suggest he also use RLimitCPU and RLimitNPROC, and not just RLimitMEM.


No offense intended. :)


to not try and generalize it in a forum post. In any case, I suggest that if PHP is a problem, to just run it as CGI and use SuEXEC and the correct RLimit* directives, as it will save the server from crashing from poorly coded PHP scripts (when run as CGI), as well as CGI scripts coded in (many) other languages.


I think his problem was related to not wanting it dependant on the coder.


Oh, and PS: The #!/interpreter line is not really the "Perl way", as it's common to any script run as CGI to locate the binary/interpreter to run the script (shell, Python, Perl, Ruby, etc. all do this).

True, my bad. :)

Stuart

Hey, no offense taken, it was my mistake in the way I worded it (I must have lost track). Thanks for catching that. :-) Also, my comment about the bash line was actually meant for the sake of any viewers, I figured you know it already.

What im looking to do here is limit the memory usage by the apache children. There is someones script either malicously or accidently using up the memory on the server. If i compile in modperl will cgi scripts still run in the normal fashion unless they are designed to work with mod perl or?