Results 1 to 17 of 17
  1. #1

    Apache + PHP-fcgi RAM usage increasing

    Hi everyone,

    I had fcgi to handle PHP (5.2.14) on my VPS, but I noticed RAM increases till there is no RAM, even when the site isn't as active. I have 2GBRAM, normally it uses like < 1GB now it keeps increasing till it hits the limit. I also use xCache

    I suspect something has been configured wrong, any advice is appreciated

    Thanks,
    Dregond

  2. #2
    Join Date
    Oct 2003
    Location
    Hanoi
    Posts
    4,309
    Which version of Apache? Can you post your apache configuration?

  3. #3
    Apache 2.2

    Any specific parts of the config you need?

    Thanks.

  4. #4
    Join Date
    Feb 2008
    Location
    Houston, Texas, USA
    Posts
    3,262
    Depending on your site's usage, you need to add configuration measures so fcgi processes get recycled (forcefully sometimes).

    Regards
    Joe / UNIXY
    UNIXy - Fully Managed Servers and Clusters - Established in 2006
    Server Management - Unlimited Servers. Unlimited Requests. One Plan!
    cPanel Varnish Plugin -- Seamless SSL Caching (Let's Encrypt, AutoSSL, etc)
    Slow Site or Server? Unable to handle traffic? Same day performance fix: joe@unixy

  5. #5
    Join Date
    Jun 2010
    Posts
    592
    the reason for this is xCache reserving memory for compiled php scripts. you need to optimize xcache settings

  6. #6
    Join Date
    Aug 2006
    Location
    Canada
    Posts
    763
    If you're using php-fpm, you can use the pm.max_requests directive if you think that there are memory leaks. If you're using fcgi itself, use PHP_FCG_MAX_REQUESTS.

    ; The number of requests each child process should execute before respawning.
    ; This can be useful to work around memory leaks in 3rd party libraries. For
    ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
    ; Default Value: 0
    pm.max_requests = 500
    Otto Yiu
    Rsync Palace ● Providing offsite backups since 2007.
    Backomatic ● Hassle-free Automated cPanel/WHM, DirectAdmin, FTP, and MySQL backups.

  7. #7
    Quote Originally Posted by -OY- View Post
    If you're using php-fpm, you can use the pm.max_requests directive if you think that there are memory leaks. If you're using fcgi itself, use PHP_FCG_MAX_REQUESTS.
    There may be a memory leak, but i can't seem to find the "PHP_FCG_MAX_REQUESTS" in my http.conf file. to be honest im on a manage VPS, but I am not sure if FCGI was properly configured so i wanted to hear what people say about the memory increase.


    Quote Originally Posted by SirMarcel View Post
    the reason for this is xCache reserving memory for compiled php scripts. you need to optimize xcache settings
    My settings are the defaults mostly, I haven't tweaked much.

    Code:
    [xcache]
    ; ini only settings, all the values here is default unless explained
    
    ; select low level shm/allocator scheme implemenation
    xcache.shm_scheme = "mmap"
    ; to disable: xcache.size=0
    ; to enable : xcache.size=64M etc (any size > 0) and your system mmap allows
    xcache.size = 60M
    ; set to cpu count (cat /proc/cpuinfo |grep -c processor)
    xcache.count = 1
    ; just a hash hints, you can always store count(items) > slots
    xcache.slots = 8K
    ; ttl of the cache item, 0=forever
    xcache.ttl = 0
    ; interval of gc scanning expired items, 0=no scan, other values is in seconds
    xcache.gc_interval = 0
    
    ; same as aboves but for variable cache
    xcache.var_size = 4M
    xcache.var_count = 1
    xcache.var_slots = 8K
    ; default ttl
    xcache.var_ttl = 0
    xcache.var_maxttl = 0
    xcache.var_gc_interval = 300
    
    xcache.test = Off
    ; N/A for /dev/zero
    xcache.readonly_protection = Off
    ; for *nix, xcache.mmap_path is a file path, not directory.
    ; Use something like "/tmp/xcache" if you want to turn on ReadonlyProtection
    ; 2 group of php won't share the same /tmp/xcache
    ; for win32, xcache.mmap_path=anonymous map name, not file path
    xcache.mmap_path = "/dev/zero"
    
    
    ; leave it blank(disabled) or "/tmp/phpcore/"
    ; make sure it's writable by php (without checking open_basedir)
    xcache.coredump_directory = ""
    
    ; per request settings
    xcache.cacher = On
    xcache.stat = On
    xcache.optimizer = On
    
    [xcache.coverager]
    ; per request settings
    ; enable coverage data collecting for xcache.coveragedump_directory and xcache_coverager_start/stop/get/clean() functions (will hurt executing performance)
    xcache.coverager = Off
    
    ; ini only settings
    ; make sure it's readable (care open_basedir) by coverage viewer script
    ; requires xcache.coverager=On
    xcache.coveragedump_directory = ""

  8. #8
    Join Date
    Aug 2006
    Location
    Canada
    Posts
    763
    How are you spawning fcgi? You might have to create a wrapper:

    Code:
    #!/bin/sh
        PHP_FCGI_MAX_REQUESTS=10000
        export PHP_FCGI_MAX_REQUESTS
        exec /usr/bin/php-cgi
    and in apache, you call the script:

    Code:
    FcgidWrapper /usr/bin/php-wrapper .php
    To make everything easier, you should use a fcgi process manager like PHP-FPM for example.

    Quote Originally Posted by Dregond Rahl View Post
    There may be a memory leak, but i can't seem to find the "PHP_FCG_MAX_REQUESTS" in my http.conf file. to be honest im on a manage VPS, but I am not sure if FCGI was properly configured so i wanted to hear what people say about the memory increase.




    My settings are the defaults mostly, I haven't tweaked much.

    Code:
    [xcache]
    ; ini only settings, all the values here is default unless explained
    
    ; select low level shm/allocator scheme implemenation
    xcache.shm_scheme = "mmap"
    ; to disable: xcache.size=0
    ; to enable : xcache.size=64M etc (any size > 0) and your system mmap allows
    xcache.size = 60M
    ; set to cpu count (cat /proc/cpuinfo |grep -c processor)
    xcache.count = 1
    ; just a hash hints, you can always store count(items) > slots
    xcache.slots = 8K
    ; ttl of the cache item, 0=forever
    xcache.ttl = 0
    ; interval of gc scanning expired items, 0=no scan, other values is in seconds
    xcache.gc_interval = 0
    
    ; same as aboves but for variable cache
    xcache.var_size = 4M
    xcache.var_count = 1
    xcache.var_slots = 8K
    ; default ttl
    xcache.var_ttl = 0
    xcache.var_maxttl = 0
    xcache.var_gc_interval = 300
    
    xcache.test = Off
    ; N/A for /dev/zero
    xcache.readonly_protection = Off
    ; for *nix, xcache.mmap_path is a file path, not directory.
    ; Use something like "/tmp/xcache" if you want to turn on ReadonlyProtection
    ; 2 group of php won't share the same /tmp/xcache
    ; for win32, xcache.mmap_path=anonymous map name, not file path
    xcache.mmap_path = "/dev/zero"
    
    
    ; leave it blank(disabled) or "/tmp/phpcore/"
    ; make sure it's writable by php (without checking open_basedir)
    xcache.coredump_directory = ""
    
    ; per request settings
    xcache.cacher = On
    xcache.stat = On
    xcache.optimizer = On
    
    [xcache.coverager]
    ; per request settings
    ; enable coverage data collecting for xcache.coveragedump_directory and xcache_coverager_start/stop/get/clean() functions (will hurt executing performance)
    xcache.coverager = Off
    
    ; ini only settings
    ; make sure it's readable (care open_basedir) by coverage viewer script
    ; requires xcache.coverager=On
    xcache.coveragedump_directory = ""
    Last edited by -OY-; 08-12-2010 at 03:03 AM.
    Otto Yiu
    Rsync Palace ● Providing offsite backups since 2007.
    Backomatic ● Hassle-free Automated cPanel/WHM, DirectAdmin, FTP, and MySQL backups.

  9. #9
    Thanks -OY- for the information, ill look into it.

    For now my host is asking me to return to suPHP because of a recent attack on my site, I guess even if fastCGI is better, its not safer ? I wish at least php optimizers would work with suphp. Is there no other secure solution?

  10. #10
    Join Date
    Jun 2006
    Location
    Cluj Napoca
    Posts
    469
    @Dregond is your VPS on OpenVZ ?
    IntoDNS - Check your DNS health and configuration
    FLEIO - OpenStack billing and control panel for service providers

  11. #11
    Quote Originally Posted by Cristi4n View Post
    @Dregond is your VPS on OpenVZ ?
    Yes it is.

  12. #12
    Join Date
    Jun 2006
    Location
    Cluj Napoca
    Posts
    469
    ok, and do you user worker_mpm (threads) or prefork with your Apache configuration ?
    IntoDNS - Check your DNS health and configuration
    FLEIO - OpenStack billing and control panel for service providers

  13. #13
    Quote Originally Posted by Cristi4n View Post
    ok, and do you user worker_mpm (threads) or prefork with your Apache configuration ?
    Honestly i'm not sure, its the default so probably prefork, its compiled using EasyApache so its mod_fcgi, my host believes that its insecure and the reason for the "attacks" on the site, so they recompiled it as suphp. Is there anyway to get it running as fastcgi with security too?

    Also worker is better than prefork I believe, but with the recent release of 5.2.14 and 5.3.3 i think FPM is now native with PHP is that even better than prefork and MPM ?

  14. #14
    Join Date
    Jun 2006
    Location
    Cluj Napoca
    Posts
    469
    Honestly I am not sure why they would state that fastcgi is not secure. Maybe they believe you are actually using the old style CGI (suphp does that btw) setup.
    If you are using worker than that's not ok in OpenVZ.

    First off try a Xen setup (or vmware or kvm) , you can go with 1GB of ram even if now you have 2GB in OpenVZ.

    If you can't or don't want to try a Xen setup, please make sure that you recycle and limit the number of fcgi processes to something acceptable. Check the timeouts, max requests a.s.o for you fastcgi processes.

    Also I would recommend you to use mpm_event with Apache and FastCGI to reduce the number of httpd processes.

    Ah, and if you use xcache or eaccelerator, remove them for a while and see if it's better without them.
    IntoDNS - Check your DNS health and configuration
    FLEIO - OpenStack billing and control panel for service providers

  15. #15
    Quote Originally Posted by Cristi4n View Post
    Honestly I am not sure why they would state that fastcgi is not secure. Maybe they believe you are actually using the old style CGI (suphp does that btw) setup.
    If you are using worker than that's not ok in OpenVZ.

    First off try a Xen setup (or vmware or kvm) , you can go with 1GB of ram even if now you have 2GB in OpenVZ.

    If you can't or don't want to try a Xen setup, please make sure that you recycle and limit the number of fcgi processes to something acceptable. Check the timeouts, max requests a.s.o for you fastcgi processes.

    Also I would recommend you to use mpm_event with Apache and FastCGI to reduce the number of httpd processes.

    Ah, and if you use xcache or eaccelerator, remove them for a while and see if it's better without them.
    Thanks for your advise, I will try this when i have solved the security problem. The VPS offers only OpenVZ so I can't make a switch, Also they know its compiled as fcgi and I enabled suEXEC. But even then there seems to be some lose ends causing the security problem. I'm considring installing "Suhosin" to secure PHP (Joomla seems to the be the cause)

    Thanks again

  16. #16
    Join Date
    Jun 2006
    Location
    Cluj Napoca
    Posts
    469
    Also, what security problems do you refer to ?
    IntoDNS - Check your DNS health and configuration
    FLEIO - OpenStack billing and control panel for service providers

  17. #17
    Join Date
    Oct 2004
    Posts
    632
    Quote Originally Posted by -OY- View Post
    How are you spawning fcgi? You might have to create a wrapper:

    Code:
    #!/bin/sh
        PHP_FCGI_MAX_REQUESTS=10000
        export PHP_FCGI_MAX_REQUESTS
        exec /usr/bin/php-cgi
    and in apache, you call the script:

    Code:
    FcgidWrapper /usr/bin/php-wrapper .php
    To make everything easier, you should use a fcgi process manager like PHP-FPM for example.
    Hi

    could you please tell how to achieve this on cpanel server?

    such as add those on /usr/local/cpanel/cgi-sys/php5 ?

Similar Threads

  1. Vps optimization & Apache suphp, dso vs fcgi
    By adeministrator in forum Hosting Security and Technology
    Replies: 11
    Last Post: 04-05-2010, 02:46 AM
  2. Apache PHP-cgi + fcgi problem
    By IcyTexx in forum Hosting Security and Technology
    Replies: 5
    Last Post: 03-27-2010, 01:50 AM
  3. Increasing the Apache ServerLimit in Apache 2.2.8 version.
    By rvbraj in forum Hosting Security and Technology
    Replies: 7
    Last Post: 05-28-2008, 12:17 PM
  4. apache + spawn-fcgi
    By papajo in forum Hosting Security and Technology
    Replies: 2
    Last Post: 04-14-2008, 01:56 PM
  5. Lighttpd - 95% Cpu Usage. Apache - All Ram Used, Swap Comes In
    By Greedisgood in forum Hosting Security and Technology
    Replies: 18
    Last Post: 10-14-2007, 12:34 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •