Phoenix,

Also consider look to http://www.varnish-cache.org/. It can help you making your env better during high traffic.

I can't do too much with Rainer's directions... since my "server" cannot handle too much connections... and i can't generate too much connections to stress it.

Thanks

Breno

On Fri, May 27, 2011 at 7:20 AM, Breno Silva <breno.silva@gmail.com> wrote:
I cannot stress it too much ... my "server" is a vm image with 500mb of memory and low cpu.


On Fri, May 27, 2011 at 4:19 AM, Rainer Jung <rainer.jung@kippdata.de> wrote:
On 27.05.2011 11:03, Phoenix Kiula wrote:
> On Fri, May 27, 2011 at 4:06 PM, Rainer Jung <rainer.jung@kippdata.de> wrote:

> Rainer, thanks for this informative post.
>
> I am the one who was testing with Breno live on my very high traffic
> server. And we had no success.
>
> I have to use Prefork. Cannot use Worker MPM as highly customized php
> functionality is paramount. Worker MPM is not great for PHP as one
> needs to tinker with mod_fcgi dribble.
>
> My setup is as follows:
>
> TimeOut                 6
> KeepAlive              On
> KeepAliveTimeout        2
> StartServers            5
> MinSpareServers         5
> MaxSpareServers        15
> ServerLimit           600
> MaxClients            350
> MaxRequestsPerChild  2000
>
>
> I have quad core CentOS 64 bit, with 12GB RAM. I can spare about 3GB
> for Apache alone, as the rest is needed for heavylifting by
> Postgresql. It's a RAID 10 setup if that matters.
>
> With this in mind, and peak traffic of about 1000 concurrent
> connections (which are very small and quick) -- and images are
> offloaded either to a CDN static server or to a separate nginx
> installation -- and about 500 MaxClients, what would you recommend?
>
> Your description is very lucid, but it's for Worker MPM and its
> threads. Would love to hear your opinion about Prefork's processes
> too, because as of now I cannot use the Google safe Browsing rules
> with my setup above -- Apache crashes in less than a minute. Even with
> Breno's latest build of 2.6.1_rc.

1) Start with MaxClients. Despite its name MaxClients configures the
maximum number of concurrent connections Apache will handle. For prefork
each connection is one thread which in turn is one process.

A few additional connections might stay in kernel accept, but this won't
be much.

If you need to handle a peak load of 1000 concurrent connections with
prefork, you need MaxClients 1000 and prepare for 1000 Apache processes
(!). So think twice, whether that number is realistic. You can reduce
the number of connections by either turning KeepAlive off, or reducing
your KeepAliveTimeout from 2 to 1. You might also want to monitor
server-status to find out, how many concurrent connections are there
actually during peak times.

I will assume 1000 for now.

2) StartServers I would suggest a number close to the number of
concurrent connections you experience most time of the day. It might be
something like 100. It should usually be somewhere between 10 and 20% of
MaxClients.

3) MinSpareServers: I suggest about 5% to 10% of the number of
concurrent connections you experience most time of the day. So here it
might be about 5-10.

4) MaxSpareServers: I'd say 25% of the number of concurrent connections
you experience most time of the day. So here it might be about 25.

5) ServerLimit must be at least as big as MaxClients. If you do not want
to increase MaxClients using a graceful restart, you can set ServerLimit
equals to MaxClients.

6) MaxRequestsPerChild could be OK, depending on your rate of new
connections per process.

5) If your process table shows that Apache processes are not being
reused nicely, i.e. you always see a high number of processes that are
only a few minutes old, then you neded to increase MaxRequestsPerChild
and possibly also the difference between min spare and max spare.

Regards,

Rainer

------------------------------------------------------------------------------
vRanger cuts backup time in half-while increasing security.
With the market-leading solution for virtual backup and recovery,
you get blazing-fast, flexible, and affordable data protection.
Download your free trial now.
http://p.sf.net/sfu/quest-d2dcopy1
_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
ModSecurity Services from Trustwave's SpiderLabs:
https://www.trustwave.com/spiderLabs.php