All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Trying to figure out why my LEB with APACHE2/PHP/OpenVPN-AS is using 92MB of RAM :s
Done:
apt-get remove bind9
Fortunately it is a 768MB RAM VPS, but I don't understand why it was using over 100MB of RAM with APACHE2 (default with the vanilla install) and OpenVPN AS installed. I subsequently installed PHP. which increased the RAM usage by a couple MB.
Anyway, "free -m" currently shows usage of 92MB RAM, but "ps aux" shows a ton of openvpn processes ("openvpn --errors-to-stderr --config stdin") and I'm not sure why they are all running. The VPN works.
Thoughts/suggestions about what to do to improve (reduce) RAM usage (short of getting rid of APACHE2 and replacing it with nginx, though I guess that's a possibility) and clean up the OpenVPN and related processes are welcome.
root@vpsla:/var/www# free -m
total used free shared buffers cached
Mem: 768 129 638 0 0 36
-/+ buffers/cache: 92 675
Swap: 256 0 256
root@vpsla:/var/www# ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 2028 732 ? Ss 08:15 0:00 init [2]
root 2 0.0 0.0 0 0 ? S 08:15 0:00 [kthreadd/13377]
root 3 0.0 0.0 0 0 ? S 08:15 0:00 [khelper/13377]
root 437 0.0 0.0 1736 632 ? Ss 08:15 0:00 /sbin/syslogd
bind 497 0.0 1.6 83072 12668 ? Ssl 08:15 0:00 /usr/sbin/named -u bind
root 505 0.0 0.0 1680 588 ? Ss 08:15 0:00 /usr/sbin/anacron -s
root 535 0.0 0.1 8668 820 ? Ss 08:15 0:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 2
root 541 0.0 0.0 8668 384 ? S 08:15 0:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 2
root 556 0.0 0.1 2392 868 ? Ss 08:15 0:00 /usr/sbin/xinetd -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
root 560 0.0 0.1 5488 968 ? Ss 08:15 0:00 /usr/sbin/sshd
root 572 0.0 0.2 9200 1760 ? Ss 08:15 0:00 /usr/sbin/nmbd -D
root 577 0.0 0.3 16544 2880 ? Ss 08:15 0:00 /usr/sbin/smbd -D
root 583 0.0 0.1 16544 1248 ? S 08:15 0:00 /usr/sbin/smbd -D
root 585 0.6 3.3 40556 26308 ? S 08:15 0:00 python -c from pyovpn.sagent.sagent_entry import openvpnas ; openvpnas() --logfile=/var/log/openvpnas.log --pidfile=/var/run/openvpnas.pid
root 592 0.1 1.8 27848 14696 ? S 08:15 0:00 python -c from pyovpn.log.logworker import start ; start()
1001 593 0.3 2.2 21536 18012 ? S 08:15 0:00 python -c from pyovpn.cserv.wserv_entry import start ; start() -no -u openvpn_as -g openvpn_as --pidfile /usr/local/openvpn_as/etc/tmp/wserv.pid -r epoll
root 611 0.1 1.1 12240 9228 ? S 08:15 0:00 python -c from pyovpn.sagent.iptworker import start ; start()
root 612 0.0 0.3 8544 3012 ? Ss 08:15 0:00 sshd: root@notty
1001 615 0.0 0.3 4632 2388 ? S 08:15 0:00 openvpn --errors-to-stderr --config stdin
1001 617 0.0 0.0 4496 700 ? S 08:15 0:00 openvpn --errors-to-stderr --config stdin
1001 621 0.0 0.3 4632 2384 ? S 08:15 0:00 openvpn --errors-to-stderr --config stdin
1001 623 0.0 0.0 4496 696 ? S 08:15 0:00 openvpn --errors-to-stderr --config stdin
1001 626 0.0 0.3 4632 2392 ? S 08:15 0:00 openvpn --errors-to-stderr --config stdin
1001 628 0.0 0.0 4496 704 ? S 08:15 0:00 openvpn --errors-to-stderr --config stdin
1001 631 0.0 0.3 4632 2392 ? S 08:15 0:00 openvpn --errors-to-stderr --config stdin
1001 633 0.0 0.0 4496 704 ? S 08:15 0:00 openvpn --errors-to-stderr --config stdin
1001 636 0.0 0.2 4628 2356 ? S 08:15 0:00 openvpn --errors-to-stderr --config stdin
1001 640 0.0 0.3 4628 2360 ? S 08:15 0:00 openvpn --errors-to-stderr --config stdin
1001 644 0.0 0.2 4628 2356 ? S 08:15 0:00 openvpn --errors-to-stderr --config stdin
1001 648 0.0 0.2 4628 2356 ? S 08:15 0:00 openvpn --errors-to-stderr --config stdin
root 650 0.0 0.0 2272 732 ? S 08:15 0:00 iptables-restore -n
root 651 0.0 0.1 1924 808 ? Ss 08:15 0:00 /usr/lib/openssh/sftp-server
root 652 0.0 0.4 8544 3404 ? Ss 08:15 0:00 sshd: root@pts/0
root 654 0.0 0.2 2964 1648 pts/0 Ss 08:15 0:00 -bash
root 664 0.0 0.2 9992 1588 ? Ss 08:16 0:00 sendmail: MTA: accepting connections
root 686 0.0 0.8 20840 6292 ? Ss 08:16 0:00 /usr/sbin/apache2 -k start
www-data 694 0.0 0.4 20840 3588 ? S 08:16 0:00 /usr/sbin/apache2 -k start
root 714 0.0 0.1 2288 876 ? Ss 08:16 0:00 /usr/sbin/cron
www-data 734 0.0 0.4 20840 3580 ? S 08:16 0:00 /usr/sbin/apache2 -k start
www-data 735 0.0 0.4 20840 3580 ? S 08:16 0:00 /usr/sbin/apache2 -k start
www-data 736 0.0 0.4 20840 3580 ? S 08:16 0:00 /usr/sbin/apache2 -k start
root 738 0.0 0.1 2348 920 pts/0 R+ 08:18 0:00 ps aux
Comments
No, you are using 92MB
Another quote for this again: http://www.linuxatemyram.com/
Anyway, Apache and some python threads that you have there (openvpn stuff?) are the culprit processes
Another quote for this again: http://www.linuxatemyram.com/
Anyway, Apache and some python threads that you have there (openvpn stuff?) are the culprit processes
Ah, that does make a bit more sense after reading your link. But, I sadly don't know why there are so many openvpn-related processes, if they're necessary (or an error), and how to stop them from coming if they're unnecessary. Poking around the interwebs didn't turn much up about the specific combination of flags.
Some of them probably are "childs"/threads of a main one. Not sure since I don't use the "AS" version.
Do you have htop?
Check the boxes for hiding the userland and kernel threads in the setup section.
If the processes are still there, then they are independent, otherwise, they are threads.
MinSpareServers 1
MaxSpareServers 2
I already had my httpd.conf set to the following:
StartServers 1
MinSpareServers 4
MaxSpareServers 2
ServerLimit 6
MaxClients 6
MaxRequestsPerChild 3000
but will change it to the following and restart apache:
StartServers 1
MinSpareServers 1
MaxSpareServers 2
ServerLimit 6
MaxClients 6
MaxRequestsPerChild 3000
@yomero: I didn't have htop installed, but installed it. I made the setting change you suggested and it still shows all of those openvpn processes. More specifically, it shows 12 "openvpn --errors-to-stderr --config stdin" processes, 7 "named -u bind" processes, and 4 "apache2 -k start" processes (among many others).
I'd get rid of bind and not run my nameservers on that VPS.
root 577 0.0 0.3 16544 2880 ? Ss 08:15 0:00 /usr/sbin/smbd -D
root 583 0.0 0.1 16544 1248 ? S 08:15 0:00 /usr/sbin/smbd -D
Are you really connecting to your VPS with Samba or as a Windows share? If not, this will free up ~7 megabytes.
root 541 0.0 0.0 8668 384 ? S 08:15 0:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 2
You really don't need to run SASL, like, ever....
I see that you're connected via sftp, which doesn't get spawned from xinetd, so you can kill xinetd too.
I don't actually run nameservers on my VPS; my main domain is hosted on some super low-end shared hosting and I manage all that stuff there. I tried removing bind, but this is what happens:
root@vpsla:~# apt-get remove bind
Reading package lists... Done
Building dependency tree
Reading state information... Done
Virtual packages like 'bind' can't be removed
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Based on the above posts, I should get rid of bind, nmbd, and sasl?
@Damian: I never use Samba or Windows share. Also, by "kill xinetd," do you mean remove it or just kill the process?
Yes.
@user123 said: do you mean remove it or just kill the process?
Yes.
Yes to which one? (removing or killing)
lol
root@vpsla:~# apt-get remove bind
apt-get remove bind9 or you could do apt-get purge bind9*
Thanks, done.
Hmm
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Unable to locate package nmbd
root@vpsla:~# apt-get remove sasl
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Unable to locate package sasl
in putty type
tasksela window will pop up
just untick all services you don't want
@earl:
-bash: tasksel: command not found
So I installed it, but it doesn't actually let me remove packages. Whenever I highlight a package and press "g" (it says "g" is "Download/Install/Remove Flags"), I get a popup saying "No packages are scheduled to be installed, removed, or upgraded".
where does it say g? when the window pops up just use the space bar to tick and untick the package and tab to highlight the ok button and should be good to go..
here is some more help:
https://help.ubuntu.com/community/Tasksel
http://wiki.debian.org/tasksel
@earl at the top of the window. I figured out that I have to go into the package and then double click on the menu "Package" then "Remove" then "g" + "g" and then it removes a package. When I restart tasksel, it brings me back to the window where you can hit spacebar. But, the only two things with the asterix beside them are "Web server" (Apache2?) and "SSH server" (OpenSSH?) (both of which I want to keep). I had previously opted to get into the "manual package selection" to try to remove stuff...was that incorrect?
well you have already purged Bind so DNS server will be unchecked in tasksel but I would only use taskel to remove complete packages like desktop etc..
for small things it's better to use apt-get purge the "manual package selection" seems similar to "aptitude" to be honest it gives me a headache using it..
Worker mpm seems to need much less memory.
the packages for saslauthd are:
libsasl2-modules-sql
sasl2-bin
libsasl2-2
and you might also have:
php-auth-sasl
I wouldn't remove the Sasl packages though because if it's installed your openvpn is probably setup to use user/password authentication based on libpam-mySQL which requires saslauthd
That makes sense, thanks. OpenVPN-AS is setup to authenticate using PAM.
you should remove openvpnas and use the community version - much much extra ram
I would if I knew how to get it to work. I tried following SEVERAL guides and many automated scripts for installing "plain" OpenVPN, but could not end up with a working VPN.
AL FYI OpenVPN-AS was never designed to be light weight, they recommended minimum for that alone is 512MB
Unless you just plan to install it and nothing else
Why are you using Apache?
Because it was included in the OS install. I'd like to replace it with nginx and php (PHP-FPM?), but don't want to trash Apache until I've found solid guides for removing apache and setting up nginx with SSL and php on Debian. I'm also not sure if I need to do anything in the time between removing apache (apt-get remove apache2 ?) and installing nginx to avoid my current php page from not being served correctly.
Interestingly enough, my LEB is only using 63MB RAM atm, down from 92MB previously. I'm not sure why this is, since I have not changed anything other than removing bind (and the LEB was still using the same 92MB after that)
Mem: 768 86 681 0 0 23
-/+ buffers/cache: 63 704
Swap: 256 12 243
Under Server Network Settings on the admin ui, go to the area that says "Multi-Daemon Mode" and edit the number of running daemons to 1 or 2. Since you are on a VPS and most likely only have a few users connecting you shouldn't need that many daemons/processes running for Access Server. By default, the amount of daemons for both UDP and TCP match the amount of cores available on your system.
Thanks, I changed to 1 TCP and 1 UDP daemon and now it's down to 3 OpenVPN and 3 Apache processes