Date post: | 15-Apr-2017 |
Category: |
Technology |
Upload: | cloudlinux |
View: | 899 times |
Download: | 9 times |
HOW TO OPTIMIZE CloudLinux OS Limits
• What is LVE
• mod_hostinglimits is Apache
module that:o detects VH
o puts apache process into LVE
o lets apache server it
o removes apache process from LVE
UNDERSTANDING LVE
• LVE limits don’t depend on hardware
• Default LVE limits optimized for regular shared
hosting account
o More powerful hardware → more clients per server
o Less powerful hardware → less clients
• Low end customers → smaller limits
• High end customers → larger limits
TYPICAL Hosting AccountSPEED=100%PMEM=256MBVMEM=0IO=1024KB/sNPROC=100EP=20
HIGH END Hosting AccountSPEED=200%PMEM=512MBVMEM=0IO=1024KB/sNPROC=100EP=40
Limits <-> Hardware dependency
• PHP/CGI scripts
• SSH sessions
• Cron jobs
What do limits “LIMIT”
• E-Maile Pipes (cPanel only)
• MySQL queries (requires MySQL
Governor, CPU & IO only)
Static content is NOT limited by defaulto Noticeable overheado Can be changed by setting AllowHandler * in modhostinglimits.conf
LIMITS UNITS DEFAULT VALUE
SPEED % of a core, or HZ 100%
PMEM KB 256MB
VMEM KB 0MB
IO KB/sec 1024KB/sec
IOPS [requires lve1.3+] Operations per second 1024
NPROC number 100
EP number 20
Default Limits
Type RLIMIT LVE Limit
CPU Per process. Amount of seconds each process will execute.
Whole account. Total amount of CPU all processes within account can use at the same time.
Memory Per process, limits memory consumption per process.
Total memory consumption for all processes within accounts.
IO No alternative Amount of data per second that can be read/written
IOPS No alternative Number of IO operations / second allowed
Number of processes
Max number of processes per account Max number of processes per account
Entry processes No alternatives Max number of apache connections for account
Difference between RLimit & LVE Limits
• % of a single core OR # in hzo speed=150% → 1 and ½ cores
o 2ghz → 2ghz, no matter what the speed of CPU is
• Default → 100% (1 core)• Recommended SPEED settings → 100% for regular
accounts, 200% for high performance accounts
• Once limit reached, processes slow down
• Hyper threading counts as a separate core
SPEED (CPU LIMIT)
HZ settings allows to set approximately same performance level across different hardware
• Single thread can occupy one core
o Using limit < 1 core will cause
automatic throttling of all requests
• ½ core → requests take 2x as slow
• Due to context switching → CPU
usage is higher than without the
limit
DANGER OF LOW LIMIT
• Limits should be at most ½ of all cores
• Better 1/4 of all cores
WHAT IF LIMIT TOO HIGH
If limit >= ½ cores –
you need just 2 accounts to OVERLOAD server
• Disc throughput○ Read & Write
○ KB/s
• Default: 1024KB/sec
• Processes throttled on IO
once limit is hit
IO LIMIT
• SSD provides better throughput○ HDD → 30-100MB/s
○ SSD → 80-500MB/s
○ Limits are still per account / might not have to
be changed
IO limits Standard account High-end account
HDD 1 MB/s 5 MB/s
SSD 4 MB/s 10 MB/s
SSD vs HDD Disks [IO]
• Disc throughputo Read & Write
• Restricts total number of IO
operations
o Operations stop once limit is reached, until
second expires
• Default: 1024 operations per second
IOPS LIMIT
SSD vs HDD Disks [IOPS]
• SSD provides significantly higher IOPS rate○ HDD → 100 to 400 IOPS
○ SDD → 5,000 to 100,000 IOPS Source: https://en.wikipedia.org/wiki/IOPS
https://calypsotesters.com/summary-performance-comparison-hdd-sshd-ssd/
○ Limits are still per account / might not have to be
changed Yet, you can…
vMEM vs pMEM
• vMEM -- virtual memory (deprecated on CL6 & CL7)
vMEM → allocated memory, often not used. Prevents process from
allocating more memory
• pMEM -- physical memory
pMEM → used memory. Counts actual memory of pages in use. Will
kill (OOM) processes for account, if pMEM limit is reached
• Default: 256MB
• RSS field in ps, RES in top.
○ Includes shared memory
○ Includes disk caches
Used for account, caches will be freed if user
reached memory limit
pMEM limit
• Number of processes limit
• Default: 100• Most users will never hit this limit
○ Safe to increases to 1000...
NPROC Limit
PROTECTS AGAINST FORK BOMBS AND SIMILAR ATTACKS
• Number of entry processes
(Apache connections)
• Default: 20• Error code 508 response when
limit is reached
• Protects against exhaustion of
Apache slots (MaxClients)
EP LIMIT
Questions?
Twitter.com/CloudLinuxOS Visit CloudLinux.com