Ver Mensaje Individual
  #8 (permalink)  
Antiguo 30/05/2007, 18:48
Avatar de wiz
wiz
 
Fecha de Ingreso: agosto-2006
Ubicación: Argentina
Mensajes: 48
Antigüedad: 18 años, 4 meses
Puntos: 0
Re: Afinando un Server

parte 2

Cita:
Service Configuration -> Service Manager
-----------
Making sure all services are enabled and monitored as it is vital that you know the status of all the services on your machine, however please take note to disable the Java Melange Chat Server as it has been deprecated by cPanel and as such should be considered a security concern.

=========================================
System Health
=========================================

Service Configuration -> Background Process Killer
-----------

You should enable each item in this menu, which will disable the process from running on all accounts.

(TICK) BitchX
(TICK) bnc
(TICK) eggdrop
(TICK) generic-sniffers
(TICK) guardservices
(TICK) ircd
(TICK) psyBNC
(TICK) ptlink
(TICK) services

=========================================
Add-Ons
=========================================

Add-Ons -> Setup Spamd Startup Configuration
-----------

These are the recommended settings for a Power 1 and above VPS:

Maximum Children: 2
Allowed IPs: 127.0.0.1
Maximum Connections Perl Child: 200


Apache Modifications:

=========================================
Configurations File
=========================================

Identification output for Apache. (This is to hide version numbers from potentional hackers)

Quote:
pico /etc/httpd/conf/httpd.conf
Type CTRL + W then type ServerSignature then hit enter, once you've found it replace the "On" with "Off"

Quote:
Restart Apache /etc/rc.d/init.d/httpd restart
=========================================
Optimizing Apache for Low Memory Usage
=========================================

Apache can consume quite a bit of memory, if you’re not careful. This part of the guide discusses how to reduce the amount of memory it uses without killing performance. The caveat, of course, is that you’re not going to be able to run a site with a large database and large amount of traffic with these settings. I’m going to try to explain the WHY more than the WHAT. All of this is in conjunction with my goal of reducing the amount of ram. Before I begin, I’d like to say that you should also look at various system utilities that consume ram. Services like FTP and SMTP can and should be passed off to xinetd. Also, you should look at shells besides bash, such as dash. And, if you’re really serious about low memory, you might look at using something like BusyBox, which brings you into the realm of real embedded systems. Personally, I just want to get as much as I can out of a standard linux distribution. If I need more horsepower, I want to be able to move to bigger, faster virtual machines and/or dedicated servers. For now, optimizing a small virtual machine will do.

First off, Apache. My first statement is, if you can avoid it, try to. Lighttpd and thttpd are both very good no frills webservers, and you can run lighttpd with PHP. Even if you’re running a high volume site, you can seriously gain some performance by passing off static content (images and javascript files, usually) to a lightweight, super-fast HTTPd server such as Lighttpd.
The biggest problem with Apache is the amount of ram it uses. I’ll discuss the following techniques for speeding up Apache and lowering the ram used.

* Loading Fewer Modules
* Handle Fewer Simultaneous Requests
* Recycle Apache Processes
* Use KeepAlives, but not for too long
* Lower your timeout
* Log less
* Don’t Resolve Hostnames
* Don’t use .htaccess

Loading Fewer Modules

First things first, get rid of unnecessary modules. Look through your config files and see what modules you might be loading. Are you using CGI? Perl? If you’re not using modules, by all means, don’t load them. That will save you some ram, but the BIGGEST impact is in how Apache handles multiple requests.

Handle Fewer Simultaneous Requests

The more processes apache is allowed to run, the more simultaneous requests it can serve. As you increase that number, you increase the amount of ram that apache will take. Looking at TOP would suggest that each apache process takes up quite a bit of ram. However, there are a lot of shared libraries being used, so you can run some processes, you just can’t run a lot. With CentOS 4.4 and Apache1, the following lines are the default:

Quote:
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
MinSpareServers 5
MaxSpareServers 10
StartServers 5
MaxClients 150
MaxRequestsPerChild 0
I haven’t found documentation on this, but prefork.c seems to be the module that’s loaded to handle things w/ Apache1 and CentOS 4.4. Other mechanisms could or could not be much more memory efficient, but I’m not digging that deep, yet. I’d like to know more, though, so post a comment and let me know. Anyway, the settings that have worked for me are:

Quote:
Timeout 180
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 3
MinSpareServers 1
MaxSpareServers 5
StartServers 1
MaxClients 5
MaxRequestsPerChild 300
What I’m basically saying is, “set the maximum amount of requests that this server can handle at any one time to 5.” This is pretty low, and I wouldn’t try to do this on a high volume server. However, there is something you can and should do on your webservers to get the most out of them, whether you’re going for low memory or not. That is tweak the keepalive timeout.

Recycle Apache Processes

If you noticed, I changed the MaxRequestsPerChild variable to 500, from 0. This variable tells Apache how many requests a given child process can handle before it should be killed. You want to kill processes, because different page requests will allocate more memory. If a script allocates a lot of memory, the Apache process under which it runs will allocate that memory, and it won’t let it go. If you’re bumping up against the memory limit of your system, this could cause you to have unnecessary swapping. Different people use different settings here. How to set this is probably a function of the traffic you receive and the nature of your site. Use your brain on this one.

Use KeepAlives, but not for too long

Keepalives are a way to have a persistent connection between a browser and a server. Originally, HTTP was envisioned as being “stateless.” Prior to keepalive, every image, javascript, frame, etc. on your pages had to be requested using a separate connection to the server. When keepalives came into wide use with HTTP/1.1, web browsers were able to keep a connection to a server open, in order to transfer multiple files across that same connection. Fewer connections, less overhead, more performance. There’s one thing wrong, though. Apache, by default, keeps the connections open for a bit too long. The default seems to be 15 seconds, but you can get by easily with 2 or 3 seconds.

This is saying, “when a browser stops requesting files, wait for X seconds before terminating the connection.” If you’re on a decent connection, 3 seconds is more than enough time to wait for the browser to make additional requests. The only reason I can think of for setting a higher KeepAliveTimeout is to keep a connection open for the NEXT page request. That is, user downloads page, renders completely, clicks another link. A timeout of 15 would be appropriate for a site that has people clicking from page to page, very often. If you’re running a low volume site where people click, read, click, etc., you probably don’t have this. You’re essentially taking 1 or more apache processes and saying, “for the next 15 seconds, don’t listen to anyone but this one guy, who may or may not actually ask for anything.” The server is optimizing one case at the expense of all the other people who are hopefully hitting your site.

Lower Your Timeout

Also, just in case, since you’re limiting the number of processes, you don’t want one to be “stuck” timing out for too long, so i suggest you lower your “normal” Timeout variable as well.

Log Less
If you’re trying to maximize performance, you can definitely log less. Modules such as Mod_Rewrite will log debugging info. If you don’t need the debugging info, get rid of it. The Rewrite log is set with the RewriteLogUser-Agent or the Http-Referer. I like seeing those things, but it’s up to you. command. Also, if you don’t care about looking at certain statistics, you can choose to not log certain things, like the

Don’t Resolve Hostnames

This one’s easy. Don’t do reverse lookups inside Apache. I can’t think of a good reason to do it. Any self respecting log parser can do this offline, in the background.

Quote:
HostnameLookups Off
Don’t Use .htaccess

You’ve probably seen the AllowOverride None command. This says, “don’t look for .htaccess files” Using .htaccess will cause Apache to 1) look for files frequently and 2) parse the .htaccess file for each request. If you need per-directory changes, make the changes inside your main Apache configuration file, not in .htaccess.

Última edición por wiz; 30/05/2007 a las 19:24