Results 1 to 17 of 17
-
08-11-2010, 04:44 AM #1WHT Addict
- Join Date
- Jun 2010
- Posts
- 143
Apache + PHP-fcgi RAM usage increasing
Hi everyone,
I had fcgi to handle PHP (5.2.14) on my VPS, but I noticed RAM increases till there is no RAM, even when the site isn't as active. I have 2GBRAM, normally it uses like < 1GB now it keeps increasing till it hits the limit. I also use xCache
I suspect something has been configured wrong, any advice is appreciated
Thanks,
Dregond
-
08-11-2010, 05:56 AM #2Temporarily Suspended
- Join Date
- Oct 2003
- Location
- Hanoi
- Posts
- 4,309
Which version of Apache? Can you post your apache configuration?
-
08-11-2010, 09:39 AM #3WHT Addict
- Join Date
- Jun 2010
- Posts
- 143
Apache 2.2
Any specific parts of the config you need?
Thanks.
-
08-11-2010, 02:10 PM #4Corporate Member
- Join Date
- Feb 2008
- Location
- Houston, Texas, USA
- Posts
- 3,262
Depending on your site's usage, you need to add configuration measures so fcgi processes get recycled (forcefully sometimes).
Regards
Joe / UNIXYUNIXy - Fully Managed Servers and Clusters - Established in 2006
Server Management - Unlimited Servers. Unlimited Requests. One Plan!
cPanel Varnish Plugin -- Seamless SSL Caching (Let's Encrypt, AutoSSL, etc)
Slow Site or Server? Unable to handle traffic? Same day performance fix: joe@unixy
-
08-11-2010, 02:23 PM #5Web Hosting Master
- Join Date
- Jun 2010
- Posts
- 592
the reason for this is xCache reserving memory for compiled php scripts. you need to optimize xcache settings
-
08-11-2010, 03:06 PM #6Ottomatic backup specialist
- Join Date
- Aug 2006
- Location
- Canada
- Posts
- 763
If you're using php-fpm, you can use the pm.max_requests directive if you think that there are memory leaks. If you're using fcgi itself, use PHP_FCG_MAX_REQUESTS.
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
pm.max_requests = 500█ Otto Yiu
█ Rsync Palace ● Providing offsite backups since 2007.
█ Backomatic ● Hassle-free Automated cPanel/WHM, DirectAdmin, FTP, and MySQL backups.
-
08-12-2010, 02:46 AM #7WHT Addict
- Join Date
- Jun 2010
- Posts
- 143
There may be a memory leak, but i can't seem to find the "PHP_FCG_MAX_REQUESTS" in my http.conf file. to be honest im on a manage VPS, but I am not sure if FCGI was properly configured so i wanted to hear what people say about the memory increase.
My settings are the defaults mostly, I haven't tweaked much.
Code:[xcache] ; ini only settings, all the values here is default unless explained ; select low level shm/allocator scheme implemenation xcache.shm_scheme = "mmap" ; to disable: xcache.size=0 ; to enable : xcache.size=64M etc (any size > 0) and your system mmap allows xcache.size = 60M ; set to cpu count (cat /proc/cpuinfo |grep -c processor) xcache.count = 1 ; just a hash hints, you can always store count(items) > slots xcache.slots = 8K ; ttl of the cache item, 0=forever xcache.ttl = 0 ; interval of gc scanning expired items, 0=no scan, other values is in seconds xcache.gc_interval = 0 ; same as aboves but for variable cache xcache.var_size = 4M xcache.var_count = 1 xcache.var_slots = 8K ; default ttl xcache.var_ttl = 0 xcache.var_maxttl = 0 xcache.var_gc_interval = 300 xcache.test = Off ; N/A for /dev/zero xcache.readonly_protection = Off ; for *nix, xcache.mmap_path is a file path, not directory. ; Use something like "/tmp/xcache" if you want to turn on ReadonlyProtection ; 2 group of php won't share the same /tmp/xcache ; for win32, xcache.mmap_path=anonymous map name, not file path xcache.mmap_path = "/dev/zero" ; leave it blank(disabled) or "/tmp/phpcore/" ; make sure it's writable by php (without checking open_basedir) xcache.coredump_directory = "" ; per request settings xcache.cacher = On xcache.stat = On xcache.optimizer = On [xcache.coverager] ; per request settings ; enable coverage data collecting for xcache.coveragedump_directory and xcache_coverager_start/stop/get/clean() functions (will hurt executing performance) xcache.coverager = Off ; ini only settings ; make sure it's readable (care open_basedir) by coverage viewer script ; requires xcache.coverager=On xcache.coveragedump_directory = ""
-
08-12-2010, 02:58 AM #8Ottomatic backup specialist
- Join Date
- Aug 2006
- Location
- Canada
- Posts
- 763
How are you spawning fcgi? You might have to create a wrapper:
Code:#!/bin/sh PHP_FCGI_MAX_REQUESTS=10000 export PHP_FCGI_MAX_REQUESTS exec /usr/bin/php-cgi
Code:FcgidWrapper /usr/bin/php-wrapper .php
Last edited by -OY-; 08-12-2010 at 03:03 AM.
█ Otto Yiu
█ Rsync Palace ● Providing offsite backups since 2007.
█ Backomatic ● Hassle-free Automated cPanel/WHM, DirectAdmin, FTP, and MySQL backups.
-
08-12-2010, 03:19 AM #9WHT Addict
- Join Date
- Jun 2010
- Posts
- 143
Thanks -OY- for the information, ill look into it.
For now my host is asking me to return to suPHP because of a recent attack on my site, I guess even if fastCGI is better, its not safer ? I wish at least php optimizers would work with suphp. Is there no other secure solution?
-
08-12-2010, 03:30 AM #10Web Hosting Evangelist
- Join Date
- Jun 2006
- Location
- Cluj Napoca
- Posts
- 469
-
08-12-2010, 03:39 AM #11WHT Addict
- Join Date
- Jun 2010
- Posts
- 143
-
08-12-2010, 03:40 AM #12Web Hosting Evangelist
- Join Date
- Jun 2006
- Location
- Cluj Napoca
- Posts
- 469
-
08-12-2010, 05:57 AM #13WHT Addict
- Join Date
- Jun 2010
- Posts
- 143
Honestly i'm not sure, its the default so probably prefork, its compiled using EasyApache so its mod_fcgi, my host believes that its insecure and the reason for the "attacks" on the site, so they recompiled it as suphp. Is there anyway to get it running as fastcgi with security too?
Also worker is better than prefork I believe, but with the recent release of 5.2.14 and 5.3.3 i think FPM is now native with PHP is that even better than prefork and MPM ?
-
08-12-2010, 06:03 AM #14Web Hosting Evangelist
- Join Date
- Jun 2006
- Location
- Cluj Napoca
- Posts
- 469
Honestly I am not sure why they would state that fastcgi is not secure. Maybe they believe you are actually using the old style CGI (suphp does that btw) setup.
If you are using worker than that's not ok in OpenVZ.
First off try a Xen setup (or vmware or kvm) , you can go with 1GB of ram even if now you have 2GB in OpenVZ.
If you can't or don't want to try a Xen setup, please make sure that you recycle and limit the number of fcgi processes to something acceptable. Check the timeouts, max requests a.s.o for you fastcgi processes.
Also I would recommend you to use mpm_event with Apache and FastCGI to reduce the number of httpd processes.
Ah, and if you use xcache or eaccelerator, remove them for a while and see if it's better without them.
-
08-12-2010, 06:48 AM #15WHT Addict
- Join Date
- Jun 2010
- Posts
- 143
Thanks for your advise, I will try this when i have solved the security problem. The VPS offers only OpenVZ so I can't make a switch, Also they know its compiled as fcgi and I enabled suEXEC. But even then there seems to be some lose ends causing the security problem. I'm considring installing "Suhosin" to secure PHP (Joomla seems to the be the cause)
Thanks again
-
08-12-2010, 06:50 AM #16Web Hosting Evangelist
- Join Date
- Jun 2006
- Location
- Cluj Napoca
- Posts
- 469
-
11-30-2011, 07:29 AM #17Web Hosting Master
- Join Date
- Oct 2004
- Posts
- 632
Similar Threads
-
Vps optimization & Apache suphp, dso vs fcgi
By adeministrator in forum Hosting Security and TechnologyReplies: 11Last Post: 04-05-2010, 02:46 AM -
Apache PHP-cgi + fcgi problem
By IcyTexx in forum Hosting Security and TechnologyReplies: 5Last Post: 03-27-2010, 01:50 AM -
Increasing the Apache ServerLimit in Apache 2.2.8 version.
By rvbraj in forum Hosting Security and TechnologyReplies: 7Last Post: 05-28-2008, 12:17 PM -
apache + spawn-fcgi
By papajo in forum Hosting Security and TechnologyReplies: 2Last Post: 04-14-2008, 01:56 PM -
Lighttpd - 95% Cpu Usage. Apache - All Ram Used, Swap Comes In
By Greedisgood in forum Hosting Security and TechnologyReplies: 18Last Post: 10-14-2007, 12:34 PM